Industrial Cyber Security Blog

GreyEnergy Malware Research Paper: Maldoc to Backdoor

When the GreyEnergy Advanced Persistent Threat (APT) was unveiled last year, I decided to put my reverse engineering skills to work and study one of its infection techniques.

Find out about the methods the malware’s packer stage used to conceal its true functionality, plus get access to my full Research Paper, in today’s article.

Nozomi Networks Embeds SCADAguardian Advanced on RUGGEDCOM Platform

Nozomi Networks is proud to debut our flagship industrial security and visibility solution as part of the RUGGEDCOM Multi-Service Platforms from Siemens AG.

Our integrated offering delivers multiple advantages, including an industrially hardened, comprehensive cyber security solution with a low Total Cost of Ownership (TCO). Let’s take a closer look at this innovative and useful development.

IEC 62351 Standards for Securing Power System Communications

To help counter the growing concern about cyberattacks aiming to disrupt power systems, industrial experts have been working together in WG15. This group, part of IEC, is defining the standards known as IEC 62351, for secure-by-design power grids.

As a member of WG15 since 2015, I thought it might be helpful to inform you about these standards and provide an update on their status.

Nozomi Networks, Schneider Electric Work Together to Secure Critical Infrastructure

I’m excited to let you know that Schneider Electric has teamed up with Nozomi Networks to help secure industrial facilities as they face escalating cyber threats and rapid digital transformation in the age of IIoT.

Our global partnership agreement provides Schneider Electric customers with easy access to our ICS cyber security and visibility solution, security-enhanced industrial internet of things solutions, and a global network of trained consultants.

Grading My 2018 ICS Security Predictions: Did They Come True?

Going into 2018, I predicted that it would be the year ICS security went mainstream. Industrial cyber security practices would mature, IT and OT would finally converge, and AI technologies would facilitate threat monitoring.

As we kick off 2019, I reflect back on my five predictions for last year. Find out how I did, along with my thoughts on some notable OT security developments of the year.

Simplifying the ICS Cyber Security Vendor Selection Process

Defining ICS cyber security needs and selecting a trusted partner can be challenging for industrial operators, so Kim Legelis sat down with ARC Advisory Group VP Research Larry O’Brien to see if he could help simplify the process.

From the challenges of IT/OT convergence to ensuring asset visibility, read on to learn what Larry thinks are important considerations, and ways to streamline the selection process.

2019 Predictions: ICS Cyber Security Challenges for CISOs

What does Suzanne Spaulding, Nozomi Networks’ new Advisory Board Member, see as the biggest cyber threat challenges for CISOs and their security teams in 2019?

From what’s holding nation-state threat actors in check, to outing hackers and cross-sector collaboration, read on to learn about Suzanne’s top 6 cyber security predictions for 2019.

Making the Case for an IT/OT Security Operations Center (SOC)

With the responsibility to keep their companies ahead of all enterprisewide threats, CIOs or CISOs certainly feel the pressure. They’re often challenged by lack of experience in managing digital risk from the industrial side of the company.

A key part of the solution is simple: an IT/OT SOC. And, the good news is that there is a straightforward way to integrate ICS security oversight into an existing SOC.

Analyzing the GreyEnergy Malware: from Maldoc to Backdoor

GreyEnergy is an Advanced Persistent Threat (APT) which has been targeting industrial networks in Eastern European countries for several years.

As a security analyst, I have studied the malware and provide a detailed description of how it works, from the moment that someone receives a phishing email, until the malware is installed on a PC. We also provide the GreyEnergy Unpacker, a free tool for other analysts to use for further analysis of this advanced persistent threat.
