Analysis of how to prevent virus in industrial computer

With the Internet of things 、 big data 、 Artificial intelligence and other advanced technologies IT The rapid development of technology , Manufacturing industry is to reshape the core competitiveness of enterprises , Positive acceleration IT And OT Fusion , Transform the traditional production relations and business processes , From product development 、 From business management to production workshop, promote the development of enterprises in an all-round way Digital transformation And intelligent manufacturing . stay Digitization 、 Under the general trend of networking and intelligence , Industrial networks have moved from closed to open , Industrial control Security issues have gradually been concerned by all sectors of society .

IT、OT Fusion acceleration , The risk of industrial control safety has increased

In the traditional manufacturing enterprise information network , Due to the independent networking of production area and office area , Field equipment in the production area of the enterprise 、 control 、 The monitoring network and internal management network are relatively isolated from the external Internet , Formed a relatively closed environment , Good network security . But as the IT And OT Accelerated fusion of , In order to better realize the horizontal and vertical integration of the data information of internal and external enterprises and upstream and downstream enterprises in the supply chain , The equipment inside the enterprise needs to be 、 The application and information system is connected with the external network . In the process , Enterprises need to adopt standardized and general methods IT technology 、 Unified industrial protocol and open application interface , Break the isolation boundary of industrial control network , Make the industrial network from closed to open .

With the increasing openness of industrial networks , Information security risks continue to spread to the industrial field , Industrial control system （ICS） Our security protection system is facing a huge security threat . Big data era , Many enterprises protect key production and operation data as their core assets , In case of leakage , It will bring great losses to the enterprise . what's more , Industrial control system Carrying important industrial data related to social economy and even national security , Once stolen 、 Tamper with or flow abroad , Will pose a serious threat to national security . at present , The industry of the enterprise Control system （ICS） Security faces three major challenges , It is embodied in ：

（1） Sabotage by hackers . With the advent of the Internet era , More and more industrial control systems and equipment , Exposure to the Internet without protective measures , Easily detected by hackers . Some hackers with ulterior motives , In order to achieve certain economic and even political interests , Intrude into the industrial gateway through the Internet , Wanton attack on industrial control systems in important departments and fields .

（2） Its own loopholes emerge one after another . Software and hardware update of industrial control system 、 The current situation of difficult replacement makes many vulnerabilities hidden and can not be repaired , For example, in SCAD Systems software 、 operating system 、 Network communication protocol 、 There are some loopholes in the security policy and management process , Hard to detect . Besides , Many industrial control systems , It is also difficult to avoid the unintentional and deliberate modification of internal technicians .

（3） Vulnerability of self-protection system . Most of the ICS The network only ensures the relative isolation between industrial network and office network by deploying firewall , each industrial automation Lack of reliable secure communication mechanism between units , For example, based on DCOM Programming is standard OPC It's almost impossible to use traditional interfaces IT Firewall to ensure its security . The effect of data encryption is poor , The identification ability of industrial control protocol is not ideal , In addition, there is a lack of industry standards and management systems , The security defense capability of industrial control system is very limited .

Personal suggestion is to use the way of host reinforcement to strengthen the industrial computer , To resist the virus

The core points of host reinforcement ：

1、 System reinforcement

Lock the debugged system , Become a trusted system .

In a trusted system , Illegal procedure 、 Scripts can't run . And it will not affect data access .

Even if the system has vulnerabilities , Even administrator privileges are lost , This trusted system is secure .

2、 Program reinforcement

The executable program is signed by trusted signature 、 Start the script in real time hash Value verification , If the verification fails, the startup is rejected , And trusted programs cannot be disguised .

3、 Document reinforcement

Protect files of the specified type from tampering .

4、 Disk encryption

Create a safe sandbox , The sandbox is isolated from the outside , Encrypt the data in the sandbox , Ensure that the data can only be used under the premise of effective authorization management , To be decrypted . If there is no authorization , Even administrators cannot copy and use this data , Even system cloning does not work .

5、 Database hardening （ Structured data ）

first floor ： Database files are forbidden to be accessed and tampered with by unfamiliar programs . Ensure database file level security .

The second floor ： Database port access trusted filtering , Only business programs are allowed to connect to the database port , At the end of the connection string IP+ port + In the account password , Append process identification .

The third level ： Database connection SQL Intelligent filtering of text , Prevent critical data from being retrieved and accessed , Prevent the data in the database from being accessed illegally , Prevent dangerous operations of database forms .

The core points of host reinforcement ：

1、 System reinforcement

Lock the debugged system , Become a trusted system .

In a trusted system , Illegal procedure 、 Scripts can't run . And it will not affect data access .

Even if the system has vulnerabilities , Even administrator privileges are lost , This trusted system is secure .

2、 Program reinforcement

The executable program is signed by trusted signature 、 Start the script in real time hash Value verification , If the verification fails, the startup is rejected , And trusted programs cannot be disguised .

3、 Document reinforcement

Protect files of the specified type from tampering .

4、 Disk encryption

Create a safe sandbox , The sandbox is isolated from the outside , Encrypt the data in the sandbox , Ensure that the data can only be used under the premise of effective authorization management , To be decrypted . If there is no authorization , Even administrators cannot copy and use this data , Even system cloning does not work .

5、 Database hardening （ Structured data ）

first floor ： Database files are forbidden to be accessed and tampered with by unfamiliar programs . Ensure database file level security .

The second floor ： Database port access trusted filtering , Only business programs are allowed to connect to the database port , At the end of the connection string IP+ port + In the account password , Append process identification .

The third level ： Database connection SQL Intelligent filtering of text , Prevent critical data from being retrieved and accessed , Prevent the data in the database from being accessed illegally , Prevent dangerous operations of database forms .

Which host reinforcement brands are worth recommending ：

At present, several brands that have done well in the field of host reinforcement are known in the market ：

1、 Xinda's MCK Host reinforcement and CBS Sebo lock .

2、 Wisteria cloud security .

3、 Luoan Technology .

4、 wave .

5、 Anheng .

6、 Convinced .

7、 Tian Rong Xin .

In no particular order . Personal recommendations MCK Mainframe reinforcement +CBS Plan , Because what our company buys is MCK Mainframe reinforcement +CBS. It is said that their sandbox encryption is also an old brand in the industry , You can rely on .

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption

The purpose is to prevent extortion virus , Mainframe reinforcement , System reinforcement , Industrial control security server anti-virus , Business system anti-virus , Server intrusion prevention , Production line anti-virus , Industrial computer encryption , Industrial computer reinforcement , Server data security , Industrial control system host safety , Device encryption , Industrial computer anti-virus , Industrial computer encryption , Algorithm encryption , Program encryption anti copy , Super dongle , Device anti cracking , Equipment authorization management , Device antivirus , Industrial computer authorization management , Smart device encryption