Vendor claims to be the first to offer device-level protection solutions designed for legacy and new industrial machinery and smart factory production lines. Credit: Metamorworks / Getty Images NanoLock has announced the launch of a new suite of zero-trust cybersecurity solutions for the industrial and manufacturing market. In a press release, the firm claimed to be the first to offer device-level protection solutions designed specifically for legacy and new industrial machinery and smart factory production lines. The launch comes in the wake of a joint cybersecurity alert surrounding advanced persistent threat (APT) attacks on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices.Zero-trust approach prevents unauthorized modificationNanoLock’s industrial product suite was developed in cooperation with industrial and manufacturing companies to protect ICS devices and industrial machines, ensuring the operational integrity of machines and production lines without impacting performance and functionality, the firm said. It has been designed to integrate with devices and systems to provide a device-level zero trust security approach that prevents unauthorized modification attempts, protecting connected industrial devices from multiple attack vectors.“The chaotic reality of the cybersecurity landscape is that there is no way to know where the next attack will come from, so the world must move away from detection to prevention to ensure business continuity,” commented NanoLock CEO Eran Fine.APT actors targeting ICS/SCADA devices with custom attacksA recent joint cybersecurity advisory from the U.S. Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the FBI emphasized the need for enhanced security approaches to protect industrial/OT environments from APT cyberattacks. “APT actors have developed custom-made tools for targeting ICS/SCADA devices,” the advisory read. “The tools enable them to scan for, compromise, and control affected devices once they have established initial access to the operational technology (OT) network.” Organizations in the space were urged to implement mitigations to address the threats posed to ICS/SCADA systems, including:Isolate ICS/SCADA systems and networks from corporate and internet networks using strong perimeter controls.Limit communications entering or leaving ICS/SCADA perimeters.Enforce multi-factor authentication for all remote access to ICS networks and devices whenever possible.Enforce the principle of least privilege.Leverage continuous OT monitoring to alert on malicious indicators and behaviors.Limit ICS/SCADA systems’ network connections to only specifically allowed management and engineering workstations. Related content feature 3 ways to fix old, unsafe code that lingers from open-source and legacy programs Code vulnerability is not only a risk of open-source code, with many legacy systems still in use — whether out of necessity or lack of visibility — the truth is that cybersecurity teams will inevitably need to address the problem. By Maria Korolov Nov 29, 2023 9 mins Security Practices Vulnerabilities Security news Amazon’s AWS Control Tower aims to help secure your data’s borders As digital compliance tasks and data sovereignty rules get ever more complicated, Amazon wants automation to help. By Jon Gold Nov 28, 2023 3 mins Regulation Cloud Security news North Korean hackers mix code from proven malware campaigns to avoid detection Threat actors are combining RustBucket loader with KandyKorn payload to effect an evasive and persistent RAT attack. By Shweta Sharma Nov 28, 2023 3 mins Malware feature How a digital design firm navigated its SOC 2 audit L+R's pursuit of SOC 2 certification was complicated by hardware inadequacies and its early adoption of AI, but a successful audit has provided security and business benefits. By Alex Levin Nov 28, 2023 11 mins Certifications Compliance Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe