Nozomi Networks Labs

Defending Critical Infrastructure Against Cyber Risk

ABOUT LABS

Nozomi Networks Labs is dedicated to reducing cyber risk for the world’s industrial and critical infrastructure organizations.

Through our cyber security research, and collaboration with industry and institutions, we’re helping defend the industrial systems that support everyday life.

Collaborating to Reduce ICS Cyber Risk

Nozomi Networks Labs is working with a broad range of experts, industry leaders and institutions to improve industrial cyber security.

If you’d like to work together, we’d love to hear from you!

NEW Mitsubishi Electric MELSEC-Q Series Ethernet Module  NCCIC ICS-CERT

NEW Nozomi Networks Labs Finds New Rockwell PLC Vulnerability BLOG  NCCIC ICS-CERT

 Research Reports

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Tools

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Threat Advisories

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Labs Blogs

New TRITON ICS Malware is Bold and Important

FireEye has reported that it has recently worked with an industrial operator whose facility was attacked by a new type of ICS malware, which they are calling TRITON. The attack reprogrammed a facility’s Safety Instrumented System (SIS) controllers, causing them to enter a failed state, and resulting in an automatic shutdown of the industrial process.

The TRITON attack is bold and notable because it is the first known industrial control system (ICS) attack that has targeted and impacted not just an ICS, but SIS equipment. Fortunately, because of the unique nature of how each plant implements its SIS and overall safety measures, the malware is not readily scalable.

read more

Bad Rabbit Highlights Employees’ Role in Cyber Security Attacks

Recently reports of a new ransomware malware known as Bad Rabbit was making headlines in the press. A suspected variant of NotPetya, Bad Rabbit spread quickly through IT networks in Europe and elsewhere.
Our research indicates that while Bad Rabbit infections started to be reported in late October, the group behind the attacks started creating an “infection-network” in July. While not reported as impacting industrial systems, industrial operators should take note of this attack and what it means for their cyber resiliency programs.

read more

Advancing IEC Standards for Power Grid Cyber Security

Last week Nozomi Networks had the privilege of hosting the first WG15 meeting of 2017. This group is responsible for establishing end-to-end cyber security standards for the world’s power system communication protocols. Read on to learn more about WG15 and how we advanced standards for encrypted communications for the power grids of the future.

read more

OT ThreatFeed

Click to enlarge.

Curated and maintained by Nozomi Networks Labs, the OT ThreatFeed™ provides threat and vulnerability updates to SCADAguardian and SCADAguardian Advanced, making it easy for IT/OT professionals to stay on top of current ICS risks.

“Threat actors love finding new ways to attack critical infrastructure. We love finding new ways to detect their malware before damage occurs.”

ANDREA CARCANO & MORENO CARULLO

Co-founders, Nozomi Networks

© 2019 Nozomi Networks, Inc.
All Rights Reserved.