You are here

Home » Cybersecurity

Cybersecurity

Emotet Effectively Exhausted – Uninstall Command Executed on April 25

The uninstall code planted by the German Bundeskriminalamt (BKA) federal police agency instructing Emotet to uninstall from roughly one million remaining infected systems executed on Sunday. This action cleans up the Windows registry key that enabled the Emotet modules to run automatically and stops and deletes associated services, but does not remove other files, nor does it erase additional malware that might have been installed through the botnet.

OT Cybersecurity – ICS Unicorns are an Endangered Species

It is certainly not impossible to maintain an air gapped control system network, but all too often risk assessments and penetration tests reveal they are a dying breed. Likewise, numerous case studies and research into ICS-focused adversaries reveal many threat groups leveraging IT exploits to traverse into the OT network. Both scenarios confirm the fact that OT and IT cybersecurity need each other for a holistic security posture.

OT and IT Cybersecurity – We Need Each Other

Cybersecurity is an organizational initiative; a necessity. It’s not us (OT) versus them (IT). Cybersecurity is not solely a technology problem. IT standards do not always translate well to secure ICS/SCADA systems and processes; however, much can be gained by understanding IT security principles and how they may or may not relate to OT security. Likewise, IT security needs to know/understand the engineering and operations of control systems so together they can better architect secure solutions.

OT Cybersecurity Compendium – Staffing, Securing IIoT, and OPC Security, Oh My!

OT Cybersecurity Staffing Challenges – Industry expert Dale Peterson outlines three strategies to addressing the OT cybersecurity shortage, including encouraging women into the field, stop demanding cybersecurity unicorns, and don’t force personnel without interest or acumen into OT cybersecurity. Read more at Dale Peterson.

Cyber Resiliency – National League of Cities Helping Municipalities Do More with Less

It’s no secret that small-medium cities, towns, and villages often struggle with cybersecurity despite their implementation of technology solutions. While not the first, nor the last, the incident that occurred in Oldsmar, Florida is a poignant example. Quite simply, cybersecurity is a cost of doing business or providing a critical service in today’s society that just can’t be ignored. Short of an apocalypse, the need for cybersecurity is not going away, regardless of funding and resource constraints.

ICS Cybersecurity Recommendations for Level 0 and Level 1 Devices

What seemed to begin as a friendly debate between industrial cybersecurity experts Joe Weiss and Dale Peterson, has resulted in a salient three-part series on security controls for Purdue Level 0 and Level 1 devices. While the need for security of Level 0 and Level 1 devices is not in question, some organizations understandably grapple with the priority of implementing proper controls to protect these crucial devices.

According to Dale, this three part article series can be summarized as follows:

Kaspersky Report on APT Attacks Against Industrial Organizations

Yesterday, Kaspersky ICS CERT released a report on advanced cyber threat groups they track targeting industrial organizations. While APT attacks do not represent the bulk of cyber threat activity against our industrial organizations, they do represent the highest consequence if successful. However, not all APT groups have advanced tradecraft with the capability to disrupt or destroy industrial assets. In other words, just because a group has targeted industrial organizations, does not mean they have advanced capabilities beyond IT-based network actions.

Pages

Subscribe to Cybersecurity