Industrial Cyber Security News
Stay up-to-date with Nozomi Networks on and
LockerGoga ransomware blamed for Norsk Hydro attack – impacts aluminium prices
Nozomi Networks Labs has carried out an analysis into the LockerGoga ransomware, which aims to explain how the malware works and how victims can tell they are infected.
Norsk Hydro recovers some systems following Lockergoga ransomware security breach
Nozomi Networks Labs explained: “The malware encrypts the files with the targeted extension and soon after drops the ransom note inside the filesystem, providing the user with the steps he/she must take in order to get the files back. It follows the classic approach present in most ransomware malware.”
Norsk Hydro Restoring Systems, But Not Paying Ransom
Nozomi has pointed out that the malware includes some anti-analysis features, such as detecting the presence of virtual machines and deleting itself to prevent researchers from collecting samples.
Nozomi Launches Research Lab
The goal behind the lab to provide the ICS cyber security community with the information, tools and guidance that can help reduce cyber threats to industrial and critical national infrastructure.
Industrial Cybersecurity Firm Nozomi Launches Research Department
While this is the formal launch of its research department, Nozomi has already conducted detailed analysis of some major threats targeting industrial control systems (ICS), including the GreyEnergy and Triton/Trisis malware families. The company has also created and released some tools that may be useful to defenders.
CYBERRISIKEN BEI KRITISCHEN NATIONALEN INFRASTRUKTUREN VERSTEHEN
Unternehmen müssen für unterschiedliche Schutzebenen sorgen. Das reicht vom Absichern des Netzwerks selbst bis dahin, es auf Anomalien zu überwachen, die Anzeichen für eine Cyberbedrohung sein könnten. Angriffe auf kritische Infrastrukturen / CNI nehmen zu, das ist ein Fakt. Aber sowohl der öffentliche wie der private Sektor nehmen die Bedrohungen sehr ernst und ergreifen aktiv Schritte für mehr Sicherheit und Widerstandsfähigkeit dieser Umgebungen.
NSA Releases Security Research Tool But Can You Trust It?
Suzanne Spaulding is an advisor to Nozomi Networks and a former Department of Homeland Security Under Secretary, she told me that she understands the mistrust but would certainly use Ghidra herself. “First, it’s incredibly useful for forensic threat analysts” she explains, continuing “second, it’s open source, so NSA would be taking a huge risk that anything malicious it might build in would be detected eventually.”
Reverse Engineering GreyEnergy Malware
It’s important for those defending critical and industrial infrastructure to share knowledge and stay up-to-date on malware tradecraft.
Deep Packet Inspection Powers New Industrial Systems Security Tool
Nozomi’s SCADAguardian uses deep packet inspection against tables of known malware behavior, as well as pattern recognition and relationship observations.
TÜV, Nozomi Ink Partnership Pact
TÜV Rheinland and Nozomi Networks are collaborating to improve the detection and remediation time of cybersecurity threats that target operational technology infrastructure.
Nozomi Networks Embeds SCADAguardian Advanced on RUGGEDCOM Platform
This week at the DistribuTECH conference, Nozomi Networks debuted its flagship industrial security and visibility solution as part of Siemens RUGGEDCOM Multi-Service Platforms. Nozomi’s SCADAguardian Advanced Container Edition provides industrial operators and cyber security teams with an embedded solution for real-time cyber security and OT network visibility.
GreyEnergy malware uses junk code and anti-analysis techniques to evade detection
An analysis of the malware linked with the 2015 cyber-attacks on the Ukrainian power grid reveals that hackers added a large amount of junk code to their malware in a bid to evade detection and to confuse security researchers.
GreyEnergy malware has ‘massive amounts of junk code’ meant to confuse researchers
His work shows that while attackers can be very persistent, so, too, are the analysts tracking them.
Nozomi Embeds Security into Ruggedcom
The consolidated solution provides industrial operators and cyber security teams with a rugged networking and switching platform that includes industrial cyber security capabilities built-in. Users can gain computing and cyber security functionality, while reducing rackspace and streamlining procurement and installation productivity.
SCADAguardian from Nozomi Networks
If you need to know what talks to what in your ICS network, when, and what they say, then SCADAguardian is a flexible, friendly, and highly effective option.
Oklahoma Government Leaks 3TB of Sensitive Data
“We need to stop making it so easy for hackers and bad actors who are simply using tools that have been around for years,” argued Suzanne Spaulding, Nozomi Networks adviser and former DHS under secretary.
Nozomi Networks continues to address IT/OT convergence issues with Schneider Electric partnership
We tested a number of different vendors, and Nozomi came out on top.
S4: Schneider, Nozomi Ink Partner Pact
The pact allows Schneider to respond more aggressively to immediate demand for effective, operational technology cybersecurity services, solutions and expertise in oil and gas, power, building automation and other industrial sectors…“Nozomi is now part of the Schneider EcoStructure…
Schneider Electric Partners with Nozomi Networks to Provide Enhanced Solutions to Secure and Protect Critical Infrastructure
The partnership helps to strengthen Schneider Electric’s commitment to a defense-in-depth approach that helps to prevent and minimize cyberattacks and creates a multi-layered, multi-technology strategy to better safeguard critical systems.
US government shutdown eroding web security
Suzanne Spaulding, an advisor at security vendor Nozomi Networks and former DHS Under Secretary, warned: “With each passing day, the impact of the government shutdown on our nation’s security grows… Cybersecurity is hard enough with a full team. Operating at less than half strength means we are losing ground against our adversaries.”
