Nozomi Networks Labs is committed to conducting cyber security research that makes industrial organizations more secure. Our latest project involves enhancing Radamsa, an open source fuzzing tool for testing software.
Our new code makes it faster and easier to test devices that communicate over industrial networks, such as PLCs and RTUs, for security vulnerabilities.
Over the past few years our company has been focused on product development and building our team, but we also began to contribute research to the ICS security community.
Today we’re formally introducing Nozomi Networks Labs, whose goal is to help defend the industrial systems that support everyday life.
To help counter the growing concern about cyberattacks aiming to disrupt power systems, industrial experts have been working together in WG15. This group, part of IEC, is defining the standards known as IEC 62351, for secure-by-design power grids.
As a member of WG 15 since 2015, I thought it might be helpful to inform you about these standards and provide an update on their status.
The U.S. government has just released an important cyber security alert that confirms Russian government cyberattacks targeting energy and other critical infrastructure sectors.
The cyber campaign described is not new however, rather it is likely an expanded version of the Dragonfly 2.0 playbook. The Nozomi Networks solution ships today with an analysis toolkit that identifies the presence of Dragonfly.
Recently reports of a new ransomware malware known as Bad Rabbit was making headlines in the press. A suspected variant of NotPetya, Bad Rabbit spread quickly through IT networks in Europe and elsewhere.
Our research indicates that while Bad Rabbit infections started to be reported in late October, the group behind the attacks started creating an “infection-network” in July. While not reported as impacting industrial systems, industrial operators should take note of this attack and what it means for their cyber resiliency programs.