In its recent ICS Cybersecurity 2020 Year in Review Report (shared in the Security & Resilience Update for February 25, 2021) Dragos revealed four new ICS threat activity groups, KAMACITE, VANADINITE, STIBNITE, and
Network segmentation is a fundamental defense-in-depth strategy to limit communications across network boundaries and protect assets from unauthorized access. However, a commonly identified weakness during risk assessments is often a lack of appropriate network segmentation.
Used across multitude of facilities, often unmanaged and connected to the corporate network with little to no security, surveillance cameras provide an avenue for compromise. Compromise that usually leads to serious privacy concerns, but also opens the lens of access to the broader corporate network and for launching future attacks against customers. Attackers claim to have obtained privileged credentials for a high-level administrator at Verkada, an enterprise security camera solutions company.
A quick-hit of recent ransomware activity and developments.
Risk management firm, The Gate 15 Company reviews the February 5, 2021 blended threat (cyber-physical) incident at the Oldsmar, Florida Water Treatment Plant in a recent blog post titled, “Blended Threats: Did Florida’s Cyber Attack Whet Your Appetite for Better Preparedness and Security?” The post highlights the blended threat concerns and reviews some best practices and mitigation actions drawn from WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities for greater preparedness.
In case you haven’t seen it yet, Dragos published its 2020 ICS Cybersecurity Year in Review yesterday. This years' report has some cool interactive elements displayed as an executive summary. Based on extensive experience, assessments, and incident response insights, Dragos shares its observations, lessons learned, and recommendations in this annual data-driven analysis of Industrial Control System (ICS)/Operational Technology (OT) focused cyber threats and vulnerabilities.
In addition to several key findings and recommendations for ICS defenders, read the report for more on:
Zero trust has become a bit of a buzzword lately, especially since the disclosure of the SolarWinds incident. In addition, it’s possible that the concept of zero trust is thought of as applicable only to IT systems and may have industrial systems operators dismissing it. But as the air-gap continues to erode in favor or greater (remote) access to control systems, zero trust becomes essential.
As the country continues discussing the cyber incident which occurred at the Oldsmar Florida Water Treatment Plant on February 5, 2021, it is important to continue highlighting the need for information sharing across the sector. Michael Mimoso, Aperture’s host and Claroty Editorial Director invited Water ISAC Managing Director Michael Arceneaux and Cyber Threat Analyst Jennifer Lyn Walker to discuss the incident, how it underscores the need for better information-sharing about incidents, and improved security hygiene inside critical infrastructure sectors such as water and wastewater.
The dust (new details/disclosures) seems to be settling on the incident at the Oldsmar, Florida Water Treatment Plant that occurred on February 5, 2021. If you haven’t already, now is a good time to assess that your utility is not as vulnerable to the same basic cybersecurity shortcomings that reportedly contributed to the incident and/or have been identified during the investigation.
All eyes are on the Oldsmar, Florida Water Treatment Plant incident at the moment, and not just the security community’s.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
