Mitsubishi Electric’s new cyber attack detection technology: everything you need to know
On May 17th 2017, Mitsubishi Electric unveiled innovative new technology that detects a cyber attack by identifying network traffic that doesn’t fit within the norms of critical infrastructure. It can detect cyber attacks that disguise themselves as normal commands. The technology is not only first in the world, but comes at a time when the world probably needs it the most – as technology and digitalisation develop and thrive, the threat of cyber attacks to different corporations and infrastructures only increases. Mitsubishi Electric have truly come up with something brand new that really works.
The key features of the technology, as well as being the first of its kind, are that it holds the ability to detect deviation from normal commands and interpret these deviations as attack. The technology, unlike others that have been created, does not involve time consuming matching processes for suspicious patterns, and so ensures real-time operation. It also contributes to infrastructure stability, as it reduces detections time and does not disrupt other processes.
While there are pre-existing technologies that are similar, there are notable differences. Existing technologies detect cyber attacks by matching suspicious patterns with a huge variety of rules which is time consuming and can affect other processes that are under time constraints. These technologies are currently used in enterprise systems. The new Mitsubishi Electric technology has been effectively tested in plant system simulations, and thus could well be a fitting replacement for these existing technologies.
The new technology comes as a response to an increasing number of cyber attacks that are able to mimic normal commands so well that they are virtually undetectable. Unfortunately, existing technologies that use the matching suspicious patterns method are sometimes unable to detect these cyber attacks. Also, there are so many different suspicious patterns that the process takes up a lot of time, during which the control system operations could fail. This new technology means that such problems could be a thing of the past.
While creating this new technology, Mitsubishi Electric observed that normal control system traffic in critical infrastructure differs depending on the state of the operating system – operating, not operating or under maintenance. This observation means that the new technology is able to use different detection rules for each state, and can detect cyber attacks quickly and effectively. The innovative technology could revolutionise the way we detect cyber attacks.
