OT Security 4 Ways to Protect Against Triton ICS Malware December 21, 2017 by arpit The recent Triton ICS malware attack is a custom-tailored ICS malware that also earned the moniker “TRISIS” because it targets a vulnerability in Schneider Electric’s EcoStruxure™ Triconex Safety Systems safety instrumented system (SIS) that enables the malware to replace the logic in PLCs that send commands directly to physical machinery. the Triton ICS malware is […] Read more » Triton ICS malware
OT Security Industroyer / CrashOverride – IT to OT Malware That Changes Industrial Security Paradigms June 19, 2017 by arpit ESET researchers recently discovered one of the most aggressive forms of cyber threats on electric grids and industrial control networks – coined Industroyer, or CrashOverride. This malware was likely the cause of the December 2016 “Black Energy” cyberattack on Ukraine’s power grid that caused a blackout of over an hour in part of its capital, […] Read more » Industroyer
OT Security Ransomware a real risk for SCADA networks May 23, 2017 by arpit By now the ‘Air gapping’ myth should be expunged from every ICS/SCADA manager on earth. SCADA networks have been hacked on several known occasions and made the need for advanced SCADA security solutions crystal clear. But this weekend we learned that even non-targeted malware can pose a serious risk to our physical plants when the […] Read more » SCADA Ransomware
OT Security SCADA MODBUS Protocol Vulnerabilities April 13, 2017 by arpit Supervisory Controls and Data Acquisition (SCADA) protocols are communications protocols designed for the exchange of control messages on industrial networks. Over the past three decades, several hundred of these protocols have been developed for serial, LAN, and WAN-based communications in a wide variety of industries including petrochemical, automotive, transportation, and electrical generation/distribution. SCADA MODBUS is […] Read more » MODBUS Protocol vulnerabilities SCADA
OT Security SCADA Security Starts with Visibility March 9, 2017 by arpit Critical infrastructures such as power, oil and gas, water treatment systems and transportation are vital to national survival. Any interruption can put lives at risk. Though ample precautions are taken to secure physical facilities and separate operational networks from IT networks, the majority of ICS/SCADA networks remain vulnerable. Improving SCADA security is a top priority […] Read more » SCADA visibility
OT Security Protecting Industrial Control Networks – It’s Not Just About SCADA Security February 10, 2017 by arpit Industrial Control Networks: a Hybrid of OT and IT When we think about protecting critical infrastructure operational technology (OT) networks, the common perception is that it’s all about SCADA security. But that is not even half of the story. Almost all Industrial Control Systems (ICS), in critical national infrastructures as well as in much smaller […] Read more » Industrial Control Networks OT SCADA Security
OT Security ICS/SCADA Protocol Vulnerabilities: CIP (Common Industrial Protocol) January 5, 2017 by arpit SCADA (Supervisory Control And Data Acquisition) networks serve as the backbone for many manufacturing and critical infrastructure industries, including utilities, telecom, transportation and food distribution, performing vital tasks such as monitoring data from pumps, valves and transmitters. Dating back to the 1960’s, these systems were built to provide plant workers with a user-friendly interface from […] Read more » ICS SCADA
OT Security End the air gapping myth in critical infrastructure security December 15, 2016 by arpit In an environment where we’re seeing increasing demand for connectivity between operational technology (OT) and IT, security teams have to dispel the air gapping myth to acknowledge that IT influences can exploit OT connections. The air gapping approach was used for a long time to prevent any impact on ICS systems. But it’s wishful thinking […] Read more » ICS SCADA
OT Security 4 Europe Cyber Security Trends to Watch in 2017 December 6, 2016 by arpit With digital crimes that know no borders and terrorism fuelled by bits and bytes, the world is grappling with matters that are poised to disrupt the very way we live. And 2017 is already on course to cement all things cyber security-related as the defining concerns of our times. Looking at the EU’s current security […] Read more » Critical infrastructure