Honeywell just released its USB Threat Report 2020. If your utility uses USB’s in the OT environment, this is a must read report to understand the types of threats Honeywell detected and the potential impact these threats could have on industrial facilities and critical infrastructure.
Key findings from the USB Threat Report 2020 include:
What seemed to begin as a friendly debate between industrial cybersecurity experts Joe Weiss and Dale Peterson, has resulted in a salient three-part series on security controls for Purdue Level 0 and Level 1 devices. While the need for security of Level 0 and Level 1 devices is not in question, some organizations understandably grapple with the priority of implementing proper controls to protect these crucial devices.
According to Dale, this three part article series can be summarized as follows:
Yesterday, Kaspersky ICS CERT released a report on advanced cyber threat groups they track targeting industrial organizations. While APT attacks do not represent the bulk of cyber threat activity against our industrial organizations, they do represent the highest consequence if successful. However, not all APT groups have advanced tradecraft with the capability to disrupt or destroy industrial assets. In other words, just because a group has targeted industrial organizations, does not mean they have advanced capabilities beyond IT-based network actions.
Industrial cybersecurity firm Claroty released its research regarding findings of vulnerabilities affecting Ovarro’s TBox remote terminal units (RTUs) and TWinSoft engineering software. ICS-CERT has published ICS Advisory ICSA-21-054-04. Claroty’s research highlights findings in implementations of Ovarro’s proprietary version of the Modbus protocol which allows for malicious code to be injected through the modification of an update package.
On Tuesday, industrial component manufacturing giant Honeywell issued a statement that its IT systems had been disrupted by malware. Limited information was given beyond working with Microsoft to assess and remediate the situation and that the investigation is ongoing.
On par with the annual Verizon Data Breach Investigation Report, is the FBI’s IC3 Internet Crime Report for fan favorite and most frequently referenced. So, without further ado, the 2020 Internet Crime Report has been released.
In its recent ICS Cybersecurity 2020 Year in Review Report (shared in the Security & Resilience Update for February 25, 2021) Dragos revealed four new ICS threat activity groups, KAMACITE, VANADINITE, STIBNITE, and
Network segmentation is a fundamental defense-in-depth strategy to limit communications across network boundaries and protect assets from unauthorized access. However, a commonly identified weakness during risk assessments is often a lack of appropriate network segmentation.
Used across multitude of facilities, often unmanaged and connected to the corporate network with little to no security, surveillance cameras provide an avenue for compromise. Compromise that usually leads to serious privacy concerns, but also opens the lens of access to the broader corporate network and for launching future attacks against customers. Attackers claim to have obtained privileged credentials for a high-level administrator at Verkada, an enterprise security camera solutions company.
A quick-hit of recent ransomware activity and developments.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
