Darktrace launches new cyber threat detection technology
Cambridge-based Darktrace has launched a new weapon to fight cyber terrorists targeting industrial control systems (ICS).
It has created a real-time detector within its Enterprise Immune System technology suite – specifically to spot emerging cyber threats in the ICS arena as they occur.
The new generation detector has already been rolled out at European energy powerhouse Drax, whose plant in North Yorkshire is the largest coal-fired power station in Western Europe and supplies around seven per cent of UK electrical consumption.
Darktrace CEO Nicole Eagan said the launch marked the dawn of a new era for the protection of critical infrastructure – “delivering real-time detection of today’s most advanced cyber-attackers and subtle insider threats.”
She said the innovation advance applied Darktrace’s machine learning and mathematics – which have their roots in Cambridge University – to both operational technology and corporate environments for the first time.
Industrial Control Systems, including SCADA (supervisory control and data acquisition), are relied on by power stations, factories and other parts of critical infrastructure to manage key processes, yet are increasingly being targeted by advanced hackers and exposed to vulnerabilities that originate in the corporate network.
As IT and operational technology environments continue to converge, managers of ICS have been faced with the challenge of protecting these crucial systems and data despite inherent security weaknesses and the continual risk of insider threat, Eagan added.
She said Darktrace’s Industrial Immune System represented a major innovation for critical infrastructure providers, giving them a holistic, visual overview of their production environments and alerting them to potential threats before they developed into full-blown cyber-attacks.
Powered by Enterprise Immune System technology developed at the University of Cambridge, Darktrace has specially adapted its innovative mathematical models to ICS data, forming an adaptive ‘pattern of life’ for the machines, networks and users within these environments, which is used to spot previously unidentified anomalies, in real time.
Since trialling the first generation technology Drax has decided to extend its implementation of Darktrace. It used Darktrace’s self-learning appliance within its corporate IT network and has now extended threat visibility into its SCADA systems to continuously monitor behaviours and alert security operators to any suspicious or abnormal activity.
Peter Emery, group operations director at Drax, said: “Nothing is foolproof in the modern-day challenge of cyber security, especially when it comes to protecting complex SCADA systems.
“Darktrace has transformed our ability to preempt threats by shining a light into our production environments and helping us focus our investigations. We now have visibility of both our corporate and production environments, enhancing our ability to anticipate potential issues early, wherever they originate.”
Nicole Eagan added: “By studying the behaviour of the control system itself, not the industrial process that it manages, we can provide increased confidence that the control system in functioning as intended.
“The Industrial Immune System’s fundamental ability to detect previously-unidentified cyber threats within SCADA and other operational technology systems is a world-first – helping operators meaningfully improve the resilience of critical infrastructure,and the safety of the people that work in these environments.”
Founded in 2013 by leading machine learning specialists and government intelligence experts, Darktrace is headquartered in Cambridge,UK and Washington D.C., with offices in Dallas, London, Milan, Melbourne, New York, Paris, San Francisco, and Singapore. It is funded by serial tech entrepreneur Mike Lynch through his Invoke Capital VC company.
Photograph: The Drax power plant in North Yorkshire. Image courtesy Harkey Lodger