Select Page

OT & IoT Security News

Another Reason to Avoid Ransomware Payments: US Treasury Warns That It Might Violate Sanctions

Edgard Capdevielle, CEO at Nozomi Networks, also sees the US Treasury advisory as a reminder of the ever-increasing importance of a preventive security program and a robust backup system as an alternative to paying ransoms: “Ransomware attacks and other cyberthreats will remain constant as our personal lives and business operations continue to digitalize. That’s why choosing to pay a ransom is too often a short-sighted response that could come at a high cost…”

Read More


#NCSAM: Is Connected Ever Going to be Protected?

Andrea Carcano is the co-founder of Nozomi Networks, and claimed in the face of a global pandemic, IoT connections are empowering a level of remote work like none before. “We’ve seen industrial operators go from a single digit percentage of their workforce working remotely, to 52% and higher,” he said. “This deluge of internet-connected devices opens the door to a whole slew of new vulnerabilities and creates a much large attack surface.” He claimed NCSAM is a good time to remember that it doesn’t have to take a catastrophe to spur change.

Read More


Hackers Are Loving the New Wild West

According to Andrea Carcano, co-founder of IT/OT security provider Nozomi Networks, transportation organizations are rapidly evolving to improve their service levels and efficiency. As the same time, safety has never been more important, as risks from cyber threats increase.

Read More


Ransomware Attack on Shipping Giant

Andrea Carcano, co-founder of Nozomi Networks, described the level of system visibility and cybersecurity maturity in the shipping sector as “relatively low. The maritime industry in particular transports 90% of the world’s trade, and like other industries, is becoming increasingly connected, automated and remotely monitored,” said Carcano.

Read More


US Tugboat cyber-attack: the experts respond

According to Nozomi Networks co-founder Andrea Carcano, what happened in the US must be seen as a warning. “It’s a reminder that threat actors are lurking,” he explains. “As our global pandemic forces more remote work scenarios and as maritime organizations modernise and embrace digitalisation, they must take steps to prevent and defend against cyber threats.”

Read More

Laser developer IPG Photonics hit by a ransomware attack

“The ransomware attack against IPG Photonics highlights a concerning trend,” Andrea Carcano, co-founder of operational technology and “internet of things” security company Nozomi Networks Inc., told SiliconANGLE. “Attackers are demanding higher ransoms and targeting larger and more critical organizations. These threats should be a serious concern for security professionals responsible for keeping not only IT, but OT and IoT networks safe.”

Read More


CISA Named Top-Level Root CVE Numbering Authority

According to MITRE, there are currently 139 CNAs across 24 countries. One of the latest additions is OT and IoT security solutions provider Nozomi Networks, which can assign CVEs to flaws found in its own products and third-party industrial and IoT products that are not covered by a different CNA.

Read More


Nozomi Earns CVE Numbering Authority Status – ISSSource

The CVE Program, sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE, is the de facto international standard for identifying and naming cybersecurity vulnerabilities that leave systems open to attack.

Read More


Outside in security – the new world of remote access

The remote access genie is certainly out of the bottle and it will never return to the same state as before the pandemic. How Australian tech and security leaders react and adapt will be a telling point on how the country survives and competes in an enhanced digital economy.

Read More


Russian Attempt to Attack Tesla a Stark Warning to Enterprises

“This is the tip of the iceberg,” said Chris Grove, technology evangelist for Nozomi Networks, which produces monitoring and risk mitigation software for industrial control systems and IoT networks. “They were trying to ransom $5 million or $6 million but were planning to steal a half billion in data from Tesla.”

Read More


Maze delivers on threat to publish data stolen from Canon

“Evidence suggests that [Maze] operates under an affiliate model, which explains the diversity in its targets as well as the heterogeneity in TTPs employed to successfully compromise its victims,” said Andrea Carcano, co-founder of Nozomi Networks. “While originally spread through exploit kits and emails with malicious attachments, it has evolved to follow new trends and recently began to be deployed post-compromise. The post-compromise deployment approach gives the attackers time to perform lateral movement in the network and maximize the potential impact by exfiltrating and encrypting specific assets.”

Read More


Hackers Are Targeting the Remote Workers Who Keep Your Lights On

“If you notice an attack going on, it’s already too late,” said Andrea Carcano, co-founder of Nozomi Networks, which provides web security services for utilities and other industries. Nozomi estimates that grid attacks have increased 35% since Americans began quarantining. That correlates with more electric-sector employees working from home.

Read More


Satellite IoT helps remote farmers

A 2018 ACS report predicted that 25 per cent of attacks on businesses would involve IoT devices by this year – and the prediction was recently validated by a Nozomi Networks analysis that found cybersecurity threats against OT targets had surged in the first half of this year.

Read More


Surge in Consumer-Grade IoT Devices Undermining Enterprise Security

The second report this week, from Nozomi, showed that shadow IoT devices present a threat not just to the corporate network but to the OT environment as well. According to Nozomi, IoT botnets were one of the fastest-growing threats to operational networks in the first half of 2020 because of the proliferation of IP-connected devices.

Read More