OT & IoT Security Blog

Learn More About OT & IoT Security and Visibility

Answering the Call for Heightened Vigilance in the Face of Unknown Threats

Reverse Engineering Obfuscated Firmware for Vulnerability Analysis

With vendors leveraging increasingly advanced obfuscation and encryption techniques to protect the confidentiality of their code, finding vulnerabilities can be especially challenging. Firmware can also be hard to reverse when it was compiled for an obsolete architecture that commercial disassemblers can’t properly reconstruct. The firmware in the Schneider Electric APC PDU is one such example; it has been around for years and is compiled for an old and obsolete version of the Intel 80286, which prevents easy reading or inspection.

How to Analyze Malware for Technical Writing

In the ever-changing world of cybersecurity, new threats appear and evolve on a regular basis. To efficiently conduct an analysis and publish new findings on emerging malware, it’s important to be prepared. We share tips on how researchers can conduct the analysis, and a suggested workflow.

Ukraine, Vermont Utility Cyberattacks Highlight Need for Robust ICS Security in 2017

2016 ended with reports of 2 electric utility organizations, on different sides of the world (Ukraine and Vermont), citing cyberattacks or cyber infections. Both incidents highlight that corporate computer infections can threaten power systems and the need for robust ICS security in 2017. This article highlights the steps involved in the watershed 2015 Ukraine utility cyberattack as it moved from IT to OT systems and suggests ways of improving threat detection and mitigation.

Extract Firmware from OT Devices for Vulnerability Research

One of the most challenging tasks for a cybersecurity researcher is getting access to the underlying file system in OT devices to do a full analysis of potential attack vectors. This blog describes techniques for extracting firmware directly from the hardware and reading the flash content, a critical skill in a structured research team.

ICS Security Lags Digitization in U.S. Oil and Gas Industry

A recently released study by the Ponemon Institute finds that 61% of oil and gas operators in the U.S. indicate that their organization’s ICS protection and security is inadequate. While the implementation of digitally connected industrial components is delivering business benefits, it has significantly increased cyber risk. Yet only 41% of companies continually monitor OT infrastructure to prioritize cyber threats and attacks.

Nozomi Networks Integrates with Palo Alto Networks Next-Generation Firewall

Without comprehensive, real-time visibility of industrial control system (ICS) networks, devices and process status, protecting control networks from cyberattacks and avoiding operational disruptions is a serious challenge. Over the last half-decade, Nozomi Networks has built a successful reputation providing a solution to this very problem by offering a non-intrusive, real-time monitoring and threat detection solution built for ICS.

Now, Nozomi Networks has extended the utility and reach of Nozomi Networks Guardian through an integration with the Palo Alto Networks Next-Generation Firewall (NGFW). Find out why Nozomi Networks chose to integrate with this leading firewall and how the companies’ offerings work in tandem to help bridge the IT/OT gap.

Nozomi Networks Selected by FireEye for ICS Depth & Technical Excellence

Malware attacks like WannaCry, Dragonfly 2 and Industroyer have brought industrial cyber threats to the attention of corporate boards and governments around the world. As a result, CISOs and those responsible for critical infrastructure are demanding real, enterprise-grade OT security solutions. Many are reaching out to trusted partners in IT security, looking for help in securing their industrial control networks.

This is the driver behind our new partnership with FireEye. FireEye’s customers include more than 40% of the Forbes Global 2000 and they depend on FireEye to eliminate the complexity and burden of cyber security for them.

To help extend its ICS cyber security offerings, FireEye recently conducted a thorough analysis of the market for ICS network security monitoring solutions. We’re happy to announce today that our solution has been selected by FireEye to provide cyber security visibility and threat detection for industrial control systems. Find out why our technical excellence and ICS expertise stand out from the crowd.

Advance IT / ICS Cyber Security with Nozomi Networks and Fortinet

In the future, an organization’s cyber security strategy will largely be defined by how well both OT and IT networks can integrate to bring improved vigilance, visibility and protection. In today’s connected world this is more important than ever.

Recently, Nozomi Networks had the privilege of speaking at the 2017 Fortinet 361 event in Vienna, Austria, where IT / OT cyber resilience was a hot topic. I was pleased to discover that many attendees were interested in Fortinet’s commitment to OT (Operations Technology) and ICS (Industrial Control Systems) cyber security. They were also eager to learn how Nozomi Networks is helping Fortinet extend their security offering into the industrial realm with our technology.

If you’re interested in improving IT / ICS cyber security, read on to find out more about the synergetic partnership between Fortinet and Nozomi Networks, and how our products provide the critical ICS cyber security thread for Fortinet Security Fabric.

THE LATEST LABS BLOGS

Stay current with cybersecurity, OT, and IoT trends and information

New BotenaGo Variant Discovered by Nozomi Networks Labs

While the use of open-source programming languages has its benefits, attackers find it equally beneficial and have been using Go to write malware. Our research highlights a new variant of the BotenaGo malware that specifically targets Lilin security camera DVR devices, which we have named Lillin scanner.