It is certainly not impossible to maintain an air gapped control system network, but all too often risk assessments and penetration tests reveal they are a dying breed. Likewise, numerous case studies and research into ICS-focused adversaries reveal many threat groups leveraging IT exploits to traverse into the OT network. Both scenarios confirm the fact that OT and IT cybersecurity need each other for a holistic security posture.
On Tuesday, Siemens released five advisories related to vulnerabilities in its products used in industrial environments regarding the NAME:WRECK vulnerability disclosed by Forescout that same day.
Cybersecurity is an organizational initiative; a necessity. It’s not us (OT) versus them (IT). Cybersecurity is not solely a technology problem. IT standards do not always translate well to secure ICS/SCADA systems and processes; however, much can be gained by understanding IT security principles and how they may or may not relate to OT security. Likewise, IT security needs to know/understand the engineering and operations of control systems so together they can better architect secure solutions.
It’s easier to trick a person than it is to “hack” a computer – if that weren’t true, security awareness programs wouldn’t be necessary. But with the continually increasing volume of threats targeting users instead of computers, security awareness programs are as vital as asset management in every cybersecurity strategy.
OT Cybersecurity Staffing Challenges – Industry expert Dale Peterson outlines three strategies to addressing the OT cybersecurity shortage, including encouraging women into the field, stop demanding cybersecurity unicorns, and don’t force personnel without interest or acumen into OT cybersecurity. Read more at Dale Peterson.
It’s no secret that small-medium cities, towns, and villages often struggle with cybersecurity despite their implementation of technology solutions. While not the first, nor the last, the incident that occurred in Oldsmar, Florida is a poignant example. Quite simply, cybersecurity is a cost of doing business or providing a critical service in today’s society that just can’t be ignored. Short of an apocalypse, the need for cybersecurity is not going away, regardless of funding and resource constraints.
Honeywell just released its USB Threat Report 2020. If your utility uses USB’s in the OT environment, this is a must read report to understand the types of threats Honeywell detected and the potential impact these threats could have on industrial facilities and critical infrastructure.
Key findings from the USB Threat Report 2020 include:
What seemed to begin as a friendly debate between industrial cybersecurity experts Joe Weiss and Dale Peterson, has resulted in a salient three-part series on security controls for Purdue Level 0 and Level 1 devices. While the need for security of Level 0 and Level 1 devices is not in question, some organizations understandably grapple with the priority of implementing proper controls to protect these crucial devices.
According to Dale, this three part article series can be summarized as follows:
Yesterday, Kaspersky ICS CERT released a report on advanced cyber threat groups they track targeting industrial organizations. While APT attacks do not represent the bulk of cyber threat activity against our industrial organizations, they do represent the highest consequence if successful. However, not all APT groups have advanced tradecraft with the capability to disrupt or destroy industrial assets. In other words, just because a group has targeted industrial organizations, does not mean they have advanced capabilities beyond IT-based network actions.
Industrial cybersecurity firm Claroty released its research regarding findings of vulnerabilities affecting Ovarro’s TBox remote terminal units (RTUs) and TWinSoft engineering software. ICS-CERT has published ICS Advisory ICSA-21-054-04. Claroty’s research highlights findings in implementations of Ovarro’s proprietary version of the Modbus protocol which allows for malicious code to be injected through the modification of an update package.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
