How to use data diodes to prevent the escalation of ransomware damage.
Data Diode OWCD
While it is impossible to completely prevent the intrusion of information-gathering malware, let's effectively use data diodes (OWCD) as a communication restriction to protect ourselves from reconnaissance.
The terror of ransomware lies not in stealing data, but in its power to halt daily life. It penetrates deep within systems, targeting file servers and database servers to launch attacks. As the name "infostealer" suggests, this information-gathering malware operates stealthily. Before launching an attack, it steals authentication information, thoroughly investigates targets, and identifies the locations of important business secrets and personal information. Unlike the moment when a system is encrypted and it becomes immediately clear that an attack has occurred, the insidiousness of information-gathering malware lies in its ability to collect information without the victim realizing it, often having infiltrated days in advance and causing data leaks. This malware sends the information it gathers back to external attackers via the infiltration route. By intercepting this flow, much of the damage can be prevented. It allows for securing time until other security measures or virus removals can take effect, minimizing operational downtime. The data diode "OWCD" achieves a physical one-way communication restriction that allows no data to pass through. Since it is a physical method, it can be used safely even without on-site personnel. For inquiries, please refer to the related links below.
Inquire About This Product
basic information
Typically, the communication used in offices involves not only the data you send but also signals that control communication in the reverse direction. We replace this communication with a method that does not require the transmission of this control signal in front of the OWCD, making it unidirectional. That signal is communicated through the OWCD and decoded at the exit for your use. Communication control can also be done with firewalls and routers, but the OWCD is free from configuration errors; it "can only flow in one direction" because there is no reverse circuit. Therefore, no signals can flow from the opposite direction, effectively shutting out remote control signals emitted by viruses and the exfiltration of files they want to steal. While reports of damage to large corporations are common, about 60% of confirmed ransomware incidents in Japan involve small and medium-sized enterprises. The primary targets are organizations such as manufacturing companies, medical institutions, local governments, and schools, where security personnel are not permanently stationed. There is no need for settings that impose communication restrictions on the "OWCD" itself. Even if regular maintenance cannot be performed, the level of safety will definitely improve. Zero trust dislikes boundary control, but the OWCD, which imposes restrictions, is highly compatible! It is also favorable for micro-segmentation. For inquiries, please refer to the related link above.
Price information
We provide communication software compatible with various protocols that can operate on the communication processing PC prepared by the customer, featuring OWCD-2 with 100MBase-T connection and OWCD-G with 1000MBase-T connection as core products. Additionally, there is an "i" model that is integrated with the communication processing PC. While the initial investment may be on the higher side, the reduction in lifecycle costs is significant. The damage caused by ransomware is more severe the deeper it is rooted. Let's build a robust multi-layered defense to prevent this. For inquiries, please refer to the related links above.
Price range
P5
Delivery Time
※Please contact us for prices. You can find related links above.
Applications/Examples of results
Over 130 units sold to date. We have numerous achievements in remote monitoring of thermal power plants. While I can't discuss specifics, the utilization in critical infrastructure such as government agencies, public institutions, transportation, and important sectors within companies (like critical infrastructure and research facilities) is steadily increasing. Exploiting vulnerabilities at network entry points like VPN devices, attackers build footholds internally, leveraging weak password management to seize administrative rights over database servers, file servers, and terminals, allowing them to search for personal information and identify critical systems. As many business operations now depend on systems, a single server failure can ripple through the entire company's production and shipping. A system failure controlling real-time information halted all operations in factories, logistics, and sales. Digital transformation (DX) brings convenience but also structurally increases the risk of "stopping." The practice of completely separating incoming communications from an unspecified number of external sources and outgoing communications to specific destinations to prevent the activities of information-gathering malware is also beginning to gain traction. The use of unique solutions provided by system integrators (SIers) is rapidly increasing! For inquiries, please visit the related link above.
catalog(17)
Download All Catalogs
Company information
Our company is a member of the Mitsubishi Heavy Industries Group, serving as a design technology partner for Mitsubishi Heavy Industries, where we engage in planning and mechanical design for prime movers (steam turbines/boilers, gas turbines, water turbines), pumps, and various plants, as well as instrumentation control system planning and electrical design. In order to meet the increasingly diverse and sophisticated needs of our customers, we will continue to challenge ourselves to improve our technological capabilities, streamline operations, and reduce costs based on the trust we have built with users. Through this, we are developing activities that contribute to society by providing the products and engineering capabilities we have cultivated so far to everyone. Alongside the sale of products related to IoT, manufacturing DX, and on-site monitoring/condition monitoring, we will focus on custom orders, customization, and system construction to realize your ideas. We encourage you to consider utilizing our services. https://eng.power.mhi.com
