Industrial Cyber Security Blog

Integration with Cisco Technologies Delivers IT / ICS Security

Nozomi Networks has integrated its ICS security solution with Cisco Security technologies to deliver comprehensive operational visibility and cyber security across IT/OT networks.

Together, we provide real-time monitoring and threat detection that streamlines security policy management & enforcement, and speeds incident response.

How ICS Data Analytics & Cyber Security Deliver True Business Value

Last month we launched our partnership with digital transformation heavyweight Atos. Combining Atos analytics on data from industrial devices with our cyber security processes takes operational visibility and OT security to new levels.

But the real value goes way beyond cyber security – to include lower total cost of ownership and business resilience. Read on to learn more.

Overcoming IT/OT Cybersecurity Convergence Roadblocks

Many organizations still view IT and OT cyber security as unique issues to address, yet the need for convergence has never been more important. Attackers exploit the security gaps between IT and OT technologies exactly because those responsible for their defense have different priorities.

While challenging to achieve, IT / OT convergence will eliminate security gaps and reduce overall cyber risk. Read on to learn more.

New Product Line Delivers Choice in Deep ICS Network Visibility

As I travel the world visiting industrial sites, I am seeing the state of ICS cybersecurity changing. While most of our customers are very satisfied with our passive solution, some organizations want deeper visibility.

Today I am proud to announce a new, additional product line, SCADAguardian Advanced™ (SGA), that builds on our passive technology but adds ICS-safe Smart Polling™ to further identify assets, vulnerabilities and threats.

Open Source Software Exposes ICS Device Vulnerabilities to Hackers

It’s disturbing to think that disruption and damage to our critical infrastructure can happen by simply combining the use of OSS tools with malicious intent. Fortunately, those same tools are being used by ICS security researchers around the world to increase industrial control systems cyber security.

Read on to learn why transportation, communications, energy and emergency services are so exposed, and what’s being done to close the ICS cyber security gap.

Black Hat: Understanding TRITON, The First SIS Cyber Attack

Today at Black Hat USA I am part of a team speaking about the landmark TRITON malware attack. We are presenting new research on TRITON, releasing two tools to help defend against it and publishing a white paper summarizing our findings.

The TRITON malware attack went beyond other industrial cyber attacks by directly interacting with a Safety Instrumented System (SIS). Asset owners should act immediately to secure their SIS — and the information in our white paper will help.

Electric Grid Cyber Security: Ten Actions Utilities Can Do Now

Concerns about cyber attacks on the U.S. critical infrastructure have reached a new level with The Wall Street Journal reporting “an evolution in the U.S. government’s thinking about how to deter malicious cyberactors”.

Find out ten actions that can be done quickly to monitor and secure the electrical grid against determined threat actors.

SCADA Cyber Security for an Industry 4.0 Oil and Gas Application

If you’re boots-on-the-ground dealing with the daily oil and gas challenges of control and automation, you’ve likely heard lots about Industry 4.0, the fourth wave of industrial revolution. Given the inter-connection between more and more devices and commercially marketed systems, the cyber security challenges of this phase of automation are daunting.

To overcome these hurdles, let’s examine how an application that’s been around for a long time – hosted SCADA – can be monitored for cyber security, data integrity and reliability.

Russian Cyber Attacks on Critical Infrastructure: The “New Normal”

Concerns about Russian cyber attacks on U.S. electric utilities have increased again this week. The Wall Street Journal is reporting that such attacks have impacted hundreds of victims, not just the dozens reported earlier.

This news brings a new wave of concern about cyber attacks across the U.S. and beyond. If you are involved in this discussion, the following is a recap of what is known about the Russian cyber attacks and my thoughts on their significance and repercussions.

New TRITON Analysis Tool: Wireshark Dissector for TriStation Protocol

In 2017, TRITON malware was used to attack a gas facility, directly interacting with its Safety Instrumented System (SIS). Given the significance of this attack, Nozomi Networks conducted research to better understand how TRITON works.

Today we released a Wireshark dissector for the TriStation protocol on GitHub to help the ICS community understand SIS communications. Our complete TRITON analysis will be presented at Black Hat USA 2018.
