Protect Industrial Systems from State-Sponsored Hackers | ExtraHop

On March 15, US-CERT issued a significant alert regarding Russian state-sponsored threat activity against critical infrastructure sectors, including energy, aviation, and critical manufacturing.

The attacks were not random; these were deliberate, multistage, focused attacks designed to gain a foothold within high-impact assets that can be used for any number of nefarious actions.

A new approach to protecting industrial control systems (ICSs) is necessary. The only clear path is to start relying on network data analytics, which is far less vulnerable than other security tools to tampering and erasure by attackers and does not require challenging updates or software installation on legacy systems.

To learn more about how network data and network security analytics can be used to detect and investigate ICS breaches, check out the rest of my article on
