Kaspersky’s secure-by-design approach implies using different kinds of cybersecurity solutions at nuclear power plants, including network firewalls, data diodes, monitoring solutions, intrusion detection systems, endpoint protection, operational technology & IoT cybersecurity, cybersecurity for networks and for nodes.
A secure-by-design approach in general means that an IT-enabled system (or facility) is built from scratch in a way that protects against malicious cyber actors getting access to devices, data, and connected infrastructure. This approach is based on system inherent security. The system should remain in a secure and safe state throughout the lifetime, reducing the cost of high-quality protection.
Kaspersky has developed a complete set of documentation for implementing secure-by-design IT infrastructure at nuclear power stations. Kaspersky’s approach to risk management covers the choice of contractors, equipment, hardware, software, and takes into account new types of computer threats, as well as the existing tactics and techniques of attacks. The documentation contains the description of a nuclear power plant IT architecture, relevant recommendations, ensuring the cybersecurity and information security of nuclear power plants throughout their long life cycle.
“On our usual computer at home or at the office we use traditional ‘on top’ or ‘add on’ protection solutions. They do a good job of protecting us from attacks at this level. But when it comes to nuclear power plants, the approach to their protection should be different. Nuclear and radiological safety, plant availability, reliable electricity supply are determined, among other factors, by cybersecurity,” comments Ekaterina Rudina, Security Analysis Group Lead at Kaspersky ICS CERT. “Nuclear power plant protection should be thoroughly planned at the early stages of plant design. Kaspersky’s approach to nuclear power plant cybersecurity is compliant with all standards and recommendations of international organizations, including the International Atomic Energy Agency (IAEA).”
To keep power plants and other critical infrastructure protected from various threats (even if they have not been designed with security in mind) Kaspersky experts recommend: