Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

New Data Sharing Platform Serves as Early Warning System for OT Security Threats

Several OT cybersecurity firms have teamed up to create an information sharing platform designed to serve as an early warning system for critical infrastructure.

Several cybersecurity companies specializing in industrial control systems (ICS) and other operational technology (OT) have teamed up to create an open source information sharing platform that is designed to serve as an early warning system for critical infrastructure.

The new project, named ETHOS (Emerging THreat Open Sharing), is a vendor-agnostic technology platform for sharing threat information anonymously and in real time across various industries. 

The shared information includes indicators of compromise (IoCs) such as IP addresses, hashes, and domains, which can be useful to defenders for detecting new threats. 

“A real-time, open-source solution that functions almost like a hotline to correlate information from multiple security vendors to identify anomalous behaviors is the most feasible concept for reducing threat actor dwell time and discovering incidents during the reconnaissance phase of potential attacks,” the project’s initiators explained. “The goal for ETHOS is to uncover emerging threats for which there is no threat intelligence available.”

ETHOS currently has a beta API that provides data sharing functionality, and a server is in development. 

Organizations participating in the project can act as clients and/or host their own server to compare the information that is shared. ETHOS founding members pointed out that the project is not a shared proprietary threat intelligence feed and its goal is to complement existing information sharing platforms.

ETHOS is designed specifically for OT/ICS, but the API can be used by any type of cybersecurity solution.

Founding ETHOS members include 1898 & Co., ABS Group, Claroty, Dragos, Forescout, NetRise, Network Perception, Nozomi Networks, Schneider Electric, Tenable, and Waterfall Security. 

Advertisement. Scroll to continue reading.

General membership applications will be available in June 2023. Any individual, organization or security vendor can contribute to the project.

Related: Swimlane Launches Security Automation Ecosystem for OT

Related: US Electric Cooperative Association Launches Commercial OT Security Solution

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or...

ICS/OT

Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...

Cybercrime

Energy giants Schneider Electric and Siemens Energy confirm being targeted by the Cl0p ransomware group in the campaign exploiting a MOVEit zero-day.

ICS/OT

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.