Nozomi Networks Labs Enhances Radamsa for Safer ICS Software

Nozomi Networks Labs is committed to conducting cyber security research that makes industrial organizations more secure. Our latest project involves enhancing Radamsa, an open source fuzzing tool for testing software.

Our new code makes it faster and easier to test devices that communicate over industrial networks, such as PLCs and RTUs, for security vulnerabilities.

IEC 62351 Standards for Securing Power System Communications

To help counter the growing concern about cyberattacks aiming to disrupt power systems, industrial experts have been working together in WG 15. This group, part of the IEC, is defining the standards known as IEC 62351 for secure-by-design power grids.

As a member of WG 15 since 2015, I thought it might be helpful to inform you about these standards and provide an update on their status.

Russian Cyberattacks on Critical Infrastructure – What You Need to Know

The U.S. government has just released an important cyber security alert that confirms Russian government cyberattacks targeting energy and other critical infrastructure sectors.

The cyber campaign described is not new, however; rather, it is likely an expanded version of the Dragonfly 2.0 playbook. The Nozomi Networks solution ships today with an analysis toolkit that identifies the presence of Dragonfly.

Bad Rabbit Highlights Employees’ Role in Cyber Security Attacks

Recently, reports of a new ransomware known as Bad Rabbit were making headlines in the press. A suspected variant of NotPetya, Bad Rabbit spread quickly through IT networks in Europe and elsewhere.

Our research indicates that while Bad Rabbit infections started to be reported in late October, the group behind the attacks started creating an “infection-network” in July. While not reported as impacting industrial systems, industrial operators should take note of this attack and what it means for their cyber resiliency programs.