- February 07, 2016
New CyberFence technology secures OPC/DCOM dynamic port-allocation vulnerabilities that traditional firewalls cannot protect
Rockville, MD (February 8, 2016) – Ultra Electronics, 3eTI®, a leading cyber-technology company with products and solutions that secure critical infrastructure and improve operational efficiency, today announced secure OPC (OLE for process control) traffic monitoring and alerting for its CyberFence® product line. 3eTI’s CyberFence solution monitors and cyber-hardens vulnerable OPC Classic applications to proactively protect existing critical safety systems that use OPC DA, HDA or A&E.
OPC is one of the world’s leading protocols in process automation, valued for its utility in enabling interoperability among widely varying components and technologies. It is also the source of frequent threat warnings because its method of operation exposes control networks to attacks that traditional firewalls cannot protect against. This was publicly demonstrated when the Havex malware, deployed during the Energetic Bear/DragonFly ICS cyber-attack campaigns, targeted OPC and caused crashes and denial-of-service impacts to many infected systems.
CyberFence ensures that only authorized OPC applications can communicate by using DPI (deep packet inspection) technology to selectively permit traffic flows to dynamically assigned ports on networked workstations. CyberFence manages traffic flows for improved operational stability and efficiency by:
- Dynamically learning authorized OPC applications
- Tracking TCP port assignments by OPC servers
- Blocking OPC requests that do not comply with set standards
- Blocking unauthorized OPC requests and port-hijacking
- Providing simple configuration control for OPC clients and servers
- Standardizing methods for alerting & reporting unauthorized activity
"Continuing our practice of providing certified solutions that address specific challenges faced by our industrial automation and control system customers, we now have an answer to persistent vulnerabilities inherent in OPC," said Benga Erinle, President, 3eTI. "With more than three-fourths of the industry relying on this useful, yet highly vulnerable protocol, we're pleased to offer a solution that protects critical assets without impacting operational performance."
CyberFence products and systems are designed for both military and industrial applications. They are built to help secure new and existing industrial control systems -- safeguarding against external hackers, malware infections, deliberate insider attacks and unauthorized devices. OPC is the latest protocol to be supported in the CyberFence family that provides robust cyber security for industrial protocols including DNP3, MODBUS TCP, BACNet, EtherNet/IP and CANopen/CAN bus.