With cyber threats to critical infrastructure and operational technology (OT) on the rise, a group of cybersecurity and critical infrastructure companies has launched a platform for sharing early threat information.
Ethos – Emerging THreat Open Sharing – is an open-source, vendor-neutral technology platform that will automatically compare shared data in real time. The aim is to identify statistically significant behaviors, anomalies, and indicators of new and novel attacks and allow companies to head them off in advance.
The platform was created in response to CISA’s call for Shields Up and the Biden administration’s 100 Day Sprint, aimed at speeding up the response to novel threats targeting operational technology and critical infrastructure. Founding members include 1898 & Co., ABS Group, Claroty, Dragos, Forescout, NetRise, Network Perception, Nozomi Networks, Schneider Electric, Tenable, and Waterfall Security.
“This is much bigger than any one vendor, or even a couple… it’s the whole ICS community,” says Matt Morris, global managing director for security and risk consulting at 1898 & Co. and president-elect of Ethos.
“Critical infrastructure defenders have felt like they are on an island. To remain highly vigilant against potential attacks and adversaries, Ethos provides collective defense through vendor-agnostic information-sharing from both public and private sources that enables improved metrics like time-to-detection and time-to-respond.”
Ethos will function rather like a hotline, with any individual, organization or security vendor able to contribute, and information shared with peers and governments. Applications for general membership will open in June this year.
The shared information will include indicators of compromise (IoCs) such as IP addresses, hashes, and domains, aimed at helping to uncover new and novel attacks for which no threat intelligence or known attack pattern is available. For example, if a dozen or more electric utilities running various vendor solutions all detect the same unknown IP address, and those detections are correlated at an Ethos server, security teams could proactively investigate and take preventive measures.
According to Dragos Security, cyberattacks on industrial control systems increased by a massive 78 per cent in 2022, with a 35 per cent increase in the number of ransomware groups targeting industrial control and operational technology systems.
Meanwhile, 89 per cent of manufacturing firms had poor visibility into the cybersecurity of their OT environments.
The group has the support of the US Cybersecurity and Infrastructure Security Agency (CISA).
“The scale of threats facing critical infrastructure operators, and in particular operational technology networks, requires an approach to information sharing grounded in collaboration and interoperability,” says Eric Goldstein, CISA executive assistant director for cybersecurity.
“CISA is eager to continue support for community-driven efforts to reduce silos that impede timely and effective information sharing. We look forward to collaborating with such communities, including the Ethos community, to improve early warning and response to potential cyber threats, while appropriately protecting sensitive information about our nation’s critical infrastructure community.”