The latest updates on cyber-physical attacks, threat actors and other industry news
In response to the Colonial Pipeline attack, Cybersplice is offering free cyber-physical security visibility to Critical Infrastructure operators for a three month period using our zero-touch deployment model. Get in touch via the contact form or IM link to see if your organisation qualifies.
(X) Dismiss
What is Splice
Splice prevents death and destruction caused by cyber-physical attacks
Splice in action
Splice is deployed at the City of Cape Town, enabling secure management of Smart City infrastructure across various disciplines, including Transportation, Surveillance and Facilities Management.
Splice provides deep visibility of expected and anomalous activity on these networks and shields vulnerable OT communications inside the encrypted Splice overlay network. Using Splice advanced visualizations, the City was able to identify and mitigate high risk areas, and eliminate avoidable risks to the networks. Splice also provides asset discovery and management, a key requirement to enable secure management of this OT network.
Applications
SCADA
With Splice there is no need to touch the actual equipment or code.
IACS
Splice overcomes device and controller vulnerabilities by building vulnerability shielding, authentication, authorisation and access controls into the network layer.
PLC/DCS
Splice logically isolates targets in an encrypted overlay network for centralised profiling, segregation and Intrusion Detection.
BIOMEDICAL
Splice enables sensitive real world interfacing devices to co-exist securely inside existing IT networks.
How we do it
Splice protects Operational Technology networks by providing:
- secure remote access for operators, engineers and support partners
- secure identity management
- passive node discovery and tracking
- behavioural profiling and advanced machine learning driven outlier and anomaly detection
- logical isolation in the network core
- vulnerability shielding inside an encrypted overlay network
Splice has been specifically designed to require no or minimal reconfiguration or interruption to existing production processes. Splice allows you to take back control over insecure and legacy components.
Test drive Splice with a zero-touch deployment using Cloudsplice-as-a-service. Cloudsplice provides full asset tracking, behavioral analysis and outlier detection using metadata forwarded from your network infrastructure via built-in capabilities. Get in touch via the chat link below for a free evaluation.
Splice-net builds a dedicated encrypted overlay network on top of existing carrier infrastructure, providing our customers with a secure private sensor network. Splice-net is carrier independent, allowing sensor networks to expand across multiple carrier footprints, and allowing for high availability by rerouting overlay traffic through alternate carriers. Customers remain in full control of encryption keys and therefore fully in charge of their sensor networks, even where traffic traverse hostile or untrustworthy carriers.
Vulnerability Shielding
IT security practices do not always translate well for OT security or IoT security purposes. For various reasons, it may not be viable to patch vulnerabilities in HMI’s, PLC’s or other Operational Technology systems.
Splice provides a way to mitigate these vulnerabilities through Vulnerability Shielding by injecting authentication code into the existing communication flow. When a sensitive function is accessed, Splice takes over from the normal application flow and requests OTP or password verification before forwarding the request through to the HMI. Using Vulnerability Shielding, Role Based Access Control (with or without two factor authentication) can be built into legacy applications without touching the application code.
100%
Embedded
100%
IoT
100%
ICS
CISA ICS Ransomware Factsheet
US CISA issues ICS ransomware factsheet. Recommendations include:...
Rockwell ISaGRAF5 Runtime Funtime
A string of vulnerabilities in this runtime allows remote execution with low...
Codesys remote execution vulnerabilities
Codesys automation software gets 10 out of 10 severity rating for 6 new vulnerabilities:
CVE-2021-30189 – Stack-based Buffer Overflow
CVE-2021-30190...
Siemens S7 critical vulnerabilities
Siemens has released patches / workarounds for critical memory protection...
Major US East Coast Pipeline suffers Cyber attack
Ransomware effects spilling over into the real world.
A press release from...
