Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

ICS

OT:ICEFALL: Addressing Operational Technology Equipment Flaws with Zero-Trust Controls

A new report on Operational Technology (OT) equipment flaws from automated cybersecurity software company Forescout outlines the alarming state of OT security. The report titled OT:ICEFALL was crafted by researchers at the company’s Vedere lab. It breaks down 56 vulnerabilities affecting 26 devices from 10 vendors in OT.

Bridging the IT/OT gap with Tripwire's Industrial Solutions

Cybersecurity has, since its inception, been a corporate-based problem. Whether it is a public, or private corporation, these entities were the primary targets of most cybercrime. In recent years, the industrial sector has increasingly become the target of attack for malicious actors. The reasons include newly internet-connected devices that were once air-gapped, and the immaturity of cybersecurity in many of these plants.

ICS Security in Healthcare: Why Software Vulnerabilities Pose a Threat to Patient Safety

The lack of healthcare cybersecurity is one of the most significant threats to the sanctity of the global healthcare industry. This is made evident by the fact that in 2020 more than 18 million patient records were affected by successful cyber-attacks on the U.S. healthcare system. Health professionals should not take this issue lightly, as financial assets and intellectual property are at risk.

One Year Later: What We Have Learned from the Colonial Pipeline Attack

As we approach the one-year anniversary of the Colonial Pipeline ransomware attack, it is an excellent time to reflect upon what took place and how that incident can serve as a teaching point for any organization interested in preventing a ransomware attack. First, here is a quick refresher on what transpired.

"Pipedream" Malware Targets ICS: What Critical Infrastructure Owners Need to Know

Troubling new malware designed to facilitate attacks on a wide array of critical infrastructure – from oil refineries and power plans, to water utilities and factories – is raising concerns for its versatility. The malware, named Pipedream by Dragos and Incontroller by Mandiant, who have both tracked and researched the toolkit, is potentially capable of gaining full system access to multiple industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices.

Understanding ISA/IEC 62443 Standards for Industrial Networks, OT, and Critical Systems

There are many significant technology-enabled changes taking place in industrial environments today. Smart factories and Industry 4.0. The Industrial Internet of Things (IIoT). The convergence of information technology (IT) and operational technology (OT). All of these things are introducing digital technologies at a fast pace to improve operations, increase productivity, enhance oversight, and increase profitability.

What Is the Role of Incident Response in ICS Security?

In recent years, cyber espionage has been growing in magnitude and complexity. One of the most common targets is Industrial Control Systems (ICS) within critical infrastructure sectors. With many organizations relying more heavily on ICS networks, there has been an increase in threats and cyberattacks aimed at these systems. Not only do these attacks have an economic impact, but they also put national security at risk.

US Officials Warn - Heightened Risk of Ransomware Attacks on Municipal Utilities

US Officials warn of potential ransomware attacks in response to increased sanctions on Russia and have asked state and local officials to consider how ransomware attacks could disrupt the provision of critical services. “Right now, the biggest concern we have are preparations for potential impacts to US utilities and industrial critical infrastructure, (Dragos)”