OPSWAT introduces cybersecurity solutions for critical infrastructure

The insights were unveiled at Vietnam Cyber Security Day 2024, organised by the Vietnam Information Security Association in collaboration with the Authority of Information Security in Hanoi.

According to OPSWAT, as digital transformation progresses, cyberattacks, espionage, and cyberterrorism targeting critical IT and Operational Technology (OT) systems are increasing. Ensuring cybersecurity has become a top priority for nations. Particularly for Vietnam, undergoing a robust digital transformation, protecting critical networks is of utmost importance.

La Manh Cuong, vice president of Research and Development and general director of OPSWAT Vietnam

At the plenary session, La Manh Cuong, vice president of Research and Development and general director of OPSWAT Vietnam, discussed two prominent cyberattacks on critical OT systems worldwide: Stuxnet (2010) and FrostyGoop (2024). Using these examples, OPSWAT's cybersecurity expert proposed effective, comprehensive solutions to counter cyberattacks on critical IT and OT systems.

Stuxnet is a sophisticated malware that spread via USB into the air-gapped network of Iran's Natanz nuclear facility in June 2010. It targeted Siemens' SCADA (Supervisory Control and Data Acquisition) systems used at the site, manipulating centrifuge speeds to dangerous levels while masking abnormal activity on monitoring screens. As a result, nearly 1,000 centrifuges were damaged, disrupting uranium enrichment and delaying Iran's nuclear programme by a decade.

This critical industrial cybersecurity attack was discovered in April 2024. The malware attacked a local energy company, leaving 600 residential buildings without heating for two days. Targeting Industrial Control Systems (ICS) and OT environments, FrostyGoop utilised the Modbus protocol–a common ICS standard–to interact and disrupt operations. Hackers sent malicious Modbus commands to control systems, causing malfunctions and system breakdowns. This event alarmed the cybersecurity community, highlighting vulnerabilities in poorly segmented or inadequately monitored ICS environments.

In both cases, attackers employed similar methods to infiltrate and attack organisations' OT networks. To counter these threats, Cuong recommended using OPSWAT's MetaDefender Kiosk to scan and block malware on portable storage devices, ensuring data is sanitised before being introduced into organisational networks.

For comprehensive protection, he suggested organisations continuously update security patches and deploy MetaDefender Netwall™ for secure data transfer in OT environments. Additionally, he advocated implementing MetaDefender Industrial Firewall™ as the final defence layer to safeguard ICS, OT, and SCADA systems.

OPSWAT showcases its products at Vietnam Cyber Security Day 2024. Photo: OPSWAT

Cuong emphasised the importance of bolstering IT-OT security and continuous monitoring to detect and mitigate similar threats. “The Stuxnet and FrostyGoop incidents serve as a wake-up call for industrial organisations to invest in cybersecurity measures, particularly for critical infrastructures like power plants, water systems, and manufacturing facilities,” he said.

He also introduced the MetaDefender platform, designed to protect critical IT-OT networks globally. This solution offers comprehensive network security, helping organisations address concerns about today's dangerous cyber threats.

Alongside the workshop, OPSWAT showcased a range of cybersecurity solutions for IT and OT, simulating cyberattacks on nuclear power plants and other critical IT and OT systems. Cybersecurity experts demonstrated OPSWAT's solutions for successfully preventing these attacks.

OPSWAT now welcomes cybersecurity experts, engineers, and students to explore its technologies at the Critical Infrastructure Protection Lab (CIP Lab) located at its Vietnam offices in Ho Chi Minh City and Hanoi.

For the last 20 years, OPSWAT, a global leader in IT, OT, and ICS critical infrastructure cybersecurity, has continuously evolved an end-to-end solutions platform that gives public and private sector organisations and enterprises the critical advantage needed to protect their complex networks and ensure compliance.

Empowered by a “Trust no file. Trust no device.™” philosophy, OPSWAT solves customers’ challenges around the world with zero-trust solutions and patented technologies across every level of their infrastructure, securing their networks, data, and devices, and preventing known and unknown threats, zero-day attacks, and malware.

OPSWAT signs strategic partnership with CMC Cyber Security OPSWAT, a global leader in critical infrastructure protection and cybersecurity solutions, on December 7 opened a new office in Hanoi, and signed a strategic partnership agreement with CMC Cyber Security Co., Ltd., making new moves to expand its footprint in Vietnam.

OPSWAT presents advanced cybersecurity solutions at Vietnam Security Summit 2024 Cybersecurity experts from OPSWAT, a pioneering enterprise in critical infrastructure protection, on May 30 shared insights on implementing advanced security technologies to safeguard information systems and critical infrastructure at the 6th Vietnam Security Summit 2024.

OPSWAT acquires InQuest to strengthen cybersecurity capabilities Cybersecurity solutions provider OPSWAT announced on August 7 its acquisition of InQuest to enhance its capabilities.