Cybersecurity Blog: The Cyber Scene is evolving, are you?

New features make compliance and configuration management easier than ever!

Please see links below to view our new Passive Monitoring capabilities sheet:

Overview

Industrial Control Systems / Supervisory Control and Data Acquisition (ICS/SCADA) devices monitor and control critical infrastructure, but what tools monitor these systems? Many ICS/SCADA systems were developed and deployed before the evolution of today’s cybersecurity threats. These systems were not designed to interface with modern IT security architecture. Typically they lack local intelligence or security awareness. Most ICS/SCADA systems are protected only by a firewall, leaving OT security operators with little understanding of who or what may be trying to penetrate and breach their systems. Passive monitoring helps fill this ICS visibility gap.

Passive monitoring deploys non-invasive network sensors that capture the communication between SCADA and PLC devices looking for possible threats. These devices listen to network traffic and have a learning capability that captures the typical communication between devices and report out when anomalous activity is detected.


Please see links below to Case Studies in Financial Services Cybersecurity:

Overview

Critical infrastructure is not limited to just the energy and utilities sectors. The Financial Services sector is just as critical to a country's security as any nuclear power plant or energy delivery system. It is hard to imagine our lives with an impaired or disrupted financial commerce system. To address this threat the Financial Services Information Sharing and Analysis Center (FS-ISAC) was launched in 1999. It is the global financial industry's go-to resource for cyber and physical threat intelligence analysis and sharing. FS-ISAC is unique in that it was created by and for members and operates as a member-owned non-profit entity. Leidos Cyber, Inc. is proud to be an “Affiliate Member” of FS-ISAC.


Overview

On March 15, 2018, the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) – TA18-074A providing information on Russian government actions targeting U.S. critical infrastructure organizations including energy, nuclear, water, aviation and critical manufacturing sectors. The TA includes the Indicators of Compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by Russian government cyber actors on compromised victim networks.


Spear Phishing
noun

The fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.
"spear phishing represents a serious threat for every industry"

How does this serious threat affect your organization? We’ve built a detailed analysis of how one adversary takes a very personal approach to the classic supply chain attack. It analyzes the attack end to end, using the Cyber Kill Chain® analysis framework, including review of how a targeted email was delivered and weaponized.

Note: All names are fictional, and any resemblance to real people or companies is unintentional.


Leidos has just enhanced its Industrial Defender ASM® to support passive monitoring of ICS assets, now combining market-leading active monitoring with full passive monitoring support. Adding passive monitoring support increases key asset visibility capabilities and enhances our customers’ ability to detect and prevent anomalous behavior.


With their proprietary control protocols and use of specialized hardware and software, early industrial control systems (ICS) had little resemblance to traditional information technology (IT) systems. However, today’s ICS environments are using industry standard computers, operating systems (OS) and network protocols, putting them at risk of cybersecurity vulnerabilities and incidents. The increased use of wireless networking further exacerbates the security issue.


Cyber attacks are rising faster than ever, resulting in malicious threats infiltrating corporate networks and just about anything technology based. This reality has brought about a shift in the cybersecurity landscape and for good reason.


Struggling with internal security teams that are short-staffed, overworked, and underskilled, today’s CISOs are turning to information security consulting providers for needed expertise. But who should they turn to in a market full of choices?


At the Black Hat 2017 conference in Las Vegas, Leidos gave a sneak peek at a new product for critical infrastructure customers—Arena Asset Visibility and Insights (AVI). The product’s concept was driven by interactions with customers who shared concerns over the lack of situational awareness and visibility into their industrial control systems (ICS) network. While most have a wealth of tools and processes to aggressively monitor and respond to threats and security incidents to their Enterprise IT network, their Operations (OT) side is typically only monitored up to the edge of the IT/OT firewall. For the Security Analysts in the SOC, managers who act as a liaison between the plants, corporate IT, and the plant operation managers, OT awareness is minimal.


The cyber-attack on Ukraine power centers last December — an event that took 30 substations offline and left more than 230,000 residents without power — was a rude awakening for power generation plants and distribution centers around the world. Despite being well-segmented from the control center business networks with robust firewalls — notably more secure than some U.S. operations — the network was still breached.
