Top Page | English | 简体中文 | 繁體中文 | 한국어 | 日本語
Tuesday, 6 November 2018, 15:26 HKT/SGT
Share:
    

Source: NEC Corporation
NEC Technology Automatically Identifies Cyberattack Risks for ICT Systems and Important Infrastructure

TOKYO, Nov 6, 2018 - (JCN Newswire) - NEC Corporation (TSE: 6701) today announced the development of a technology for automatically identifying the risk of cyberattacks. The new technology uses simulations in order to create a comprehensive evaluation of cyberattack risks for ICT systems and important infrastructure, such as electricity, gas, water, and transport facilities.

This technology collects information about components and complex network settings that are particular to control systems, as well as information on data flow, including information about isolated environments, from actual systems and reproduces a virtual model based on that information. The virtual model is used to run cyberattack simulations that enable the automatic identification of a variety of cyberattack risks.

Cyberattack simulations are created using analysis knowledge based on attacks utilizing e-mail and the Web, data falsification, spoofing, and attacks on isolated networks utilizing a USB and other techniques, in addition to knowledge(1) about software vulnerability and attack techniques that are extremely sophisticated and hard to understand. This makes it possible to create an exhaustive range of realistic attack simulations.

"This technology can identify potential attack paths and the scope of their influence, making it possible to implement the necessary security measures with a minimum of system outages," said Mikiya Tani, General Manager, Security Research Laboratories, NEC Corporation. "Moreover, the technology bolsters the security of social infrastructure and ICT systems for enterprises, while contributing to the safety of communities and the development of economic activity."

NEC aims to provide this technology commercially within the 2019 fiscal year.

Primary features of the new technology include the following:

1. Creation of a virtual model for accurate security risk analysis
NEC developed a technique to create a virtual model by collecting detailed system information necessary for risk analysis, such as the hardware information of components (programmable logic controller [PLC] and others) peculiar to control systems, communications settings, such as packets and protocols, and data flow.

This makes it possible to visualize the entire configuration of complicated systems and data flow, which has conventionally been difficult to understand, even for specialists with extensive experience and advanced skills in status analysis. With this technique, NEC achieves an immediate, accurate understanding of the areas of vulnerability in risk analysis.

2. Analysis of realistic attack scenarios utilizing an attack database
NEC created a database of analysis knowledge that is used to produce simulations with a computer. The database consists of information on software vulnerabilities and attack technique data(1), such as CVE and CAPEC, which are widely disclosed around the world, but can only be understood by specialists. By structuring and creating a database of common characteristics, such as the conditions under which attacks become feasible, the status of attackers, and the change in the status of systems that occurs when attacks succeed, a series of attack simulations, from the starting point to the goal of attacks, can be automatically and accurately created at high speed.

Further, because the database of analysis knowledge encompasses a variety of attack forms, such as attacks utilizing e-mail and the Web, data falsification, spoofing, as well as attacks on an isolated network utilizing a USB or other techniques, it is possible to create more realistic attack scenarios.

With this technology, an attack can be understood visually and automatically. Further, because the effectiveness of security when measures are taken can be repeatedly confirmed, potential security risks can also be found.

NEC will showcase this technology at the "C&C user forum & iEXPO 2018" held by the NEC Group at the Tokyo International Forum on Thursday, November 8 and Friday, November 9.

For more information, please visit: https://www.nec.com/en/event/uf-iexpo/

(1) A worldwide database that discloses information about a variety of software vulnerability and attack techniques collected by US-based companies.


About NEC Corporation

NEC Corporation is a leader in the integration of IT and network technologies that benefit businesses and people around the world. The NEC Group globally provides "Solutions for Society" that promote the safety, security efficiency and fairness of society. Under the company's corporate message of "Orchestrating a brighter world," NEC aims to help solve a wide range of challenging issues and to create new social value for the changing world of tomorrow. For more information, visit NEC at https://www.nec.com.

Contact:
NEC
Seiichiro Toda        
s-toda@cj.jp.nec.com
+81-3-3798-6511


Nov 6, 2018 15:26 HKT/SGT
Source: NEC Corporation

NEC Corporation (TSE: 6701)

Topic: Press release summary
Sectors: Enterprise IT, Security/Biometrics
http://www.acnnewswire.com
From the Asia Corporate News Network


Copyright © 2019 ACN Newswire. All rights reserved. A division of Asia Corporate News Network.


NEC Corporation Links

http://www.nec.com

https://www.facebook.com/nec.global/

https://twitter.com/NEC_corp

https://www.youtube.com/user/NECglobalOfficial

https://www.linkedin.com/company/nec/

NEC Corporation
Jan 17, 2019 08:09 HKT/SGT
NEC Highlights New Business Creation for Communication Service Providers (CSPs) based on 5G at MWC 2019
Jan 16, 2019 14:12 HKT/SGT
NEC Provides Face Recognition Demo System Utilizing MEC to DOCOMO 5G Open Lab OKINAWA
Jan 14, 2019 08:31 HKT/SGT
NEC Contributes to Ultra-High-Definition Live Video Transmission Test Utilizing 5G Conducted by NTT DOCOMO and TOBU RAILWAY
Dec 27, 2018 22:07 HKT/SGT
NEC Acquires the Largest Danish IT Company, KMD
Dec 21, 2018 10:05 HKT/SGT
NEC Completes Construction of Earthquake Detection System in Indonesia
Dec 19, 2018 19:04 HKT/SGT
NEC Successfully Demonstrates Real-Time Digital OAM Mode Multiplexing Transmission in the 80GHz-Band for the First Time
Dec 19, 2018 18:31 HKT/SGT
NEC Welcomes Greater Industry Collaboration on Facial Recognition Technology
Dec 14, 2018 14:40 HKT/SGT
NEC Takes Top Spot as Worldwide Market Leader in MZA's Global Call Control (PBX-IP PBX) Market Report
Dec 13, 2018 16:37 HKT/SGT
NEC: Members Selected for the Research Program for the Development of a Quantum Annealing Machine Enabling High-Efficiency, High-Speed Processing
Nov 30, 2018 09:27 HKT/SGT
NEC to Provide Air Traffic Control Radars for Gimpo International Airport in Seoul, South Korea
More news >>
 News Alerts
Copyright © 2019 ACN Newswire - Asia Corporate News Network
Home | About us | Services | Partners | Events | Login | Contact us | Privacy Policy | Terms of Use | RSS
US: +1 800 291 0906 | Beijing: +86 400 879 3881 | Hong Kong: +852 2217 2912 | Singapore: +65 6304 8926 | Tokyo: +81 3 6721 7212

Connect With us: