Open-source ETHOS platform for detecting cyber attacks to protect ICS and OT environments launches
Nozomi Networks, an OT (operational technology) and IoT (Internet of Things) security provider, and other companies, including the ABS Group, Schneider Electric and Waterfall Security, recently introduced the ETHOS platform.
ETHOS (Emerging THreat Open Sharing) is an open platform designed to share real-time data to create early warning systems for investigating unusual activity across OT and ICS environments instead of relying on known malware signatures.
Nozomi Networks says ETHOS automates the frequency analysis of new activity and threats, allowing faster responses to novel tactics, techniques and procedures (TTPs). It is built for ICS and OT environments and enables entities and security vendors to compare information, contribute data anonymously and receive notifications of correlations. The benefits include shorter timelines for refining data to identify and classify new threats, and the prevention of more severe attack paths.
The founders are creating a proof of concept before 2024 and inviting participants to evaluate their submission and notification APIs on GitHub. Nozomi Networks says that this will help the participants understand how the tool aggregates and anonymizes information.
Nozomi Networks will host the first ETHOS server for beta testing and has already incorporated integration capabilities for machine-to-machine data sharing.
In the future, any organization can independently host an ETHOS server using the open-source project. The host can then invite participants and clients to connect and exchange information. An ETHOS client with integration capabilities is required to participate in the ETHOS network.
The initiative was developed in answer to the Shields Up campaign by CISA and the 100-Day Sprint by the Biden Administration. Its objective is to shorten the duration for addressing new attacks that target operational technology and essential infrastructure.
Earlier this year, Nozomi Networks introduced Nozomi Arc, an endpoint security sensor that aims to enhance operational efficiency. The company said the solution addresses the issue of monitoring industrial control devices and integrates the Vantage and Guardian platforms to perform network-based analysis.