Kaspersky Lab assists to enhance cybersecurity of brewery

Kaspersky Lab has assisted Plzensky Prazdroj, the producer of popular Pilsner Urquell beer, to enhance cybersecurity of the brewery.
Cybersecurity for CSOsPlzensky Prazdroj worked with Kaspersky Lab to identify possible attack vectors and security gaps in its complex IT infrastructure.

Kaspersky Lab undertook a cybersecurity assessment (CSA), a minimally invasive remote and on premise cybersecurity assessment that began with an Infrastructure audit and threat model development across the two brew houses and eight packaging lines at the plant.

The CSA examined the corporate network linked to industrial zone, SCADA software and identified all uncontrolled external connections to and from the industrial floor. Kaspersky Lab experts provided a list of discovered vulnerabilities, zero-day vulnerabilities, details of possible attack vectors and actionable recommendations.

Plzensky Prazdroj IT security team averted potential attack disastrous consequences that could negatively affect breweries safety, reliability, and the company’s bottom line.

“The analysis showed us significant recommendations for the security lifecycle and highlighted weaknesses in security processes. Several areas for improvements were noted and all findings were summarized in the final report,” said Miroslav Zajic, IT analyst at Plzensky Prazdroj.

“Cyber threats to industrial environments are fundamentally different to traditional threats that businesses or individuals may face both and in terms of complexity and the scale of potential damage, which can be disastrous,” said Maxim Frolov, vice president of Global Sales at Kaspersky Lab.

Cyber-attacks against industrial networks have become prevalent. Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team says 37.8 percent of computers have been attacked by cyber threats in the second half of 2017.

A single industrial cyber-attack can have major disruptive potential and carries the real threat of damaging the industrial processes and threatening business continuity with an average enterprise losing $1.2 million if an incident is not detected within a week.