Cybersecurity Blog: The Cyber Scene is evolving, are you?

WannaCry (also known as WannaCrypt, WanaCrypt0r 2.0 or Wanna Decryptor) is ransomware that targets the Microsoft Windows operating system. On Friday, May 12, 2017, a widespread attack using this ransomware was launched, affecting IT organizations worldwide. The ransomware encrypts files and changes their extensions to .wnry, .wcry, .wncry and .wncrypt. The malware then presents a window to the user with a ransom demand.


Last month I spoke at a cybersecurity forum of public power utilities. Many were fairly small, and for the most part, were subjected to the provisions of the North American Electric Reliability Corporation’s Critical Infrastructure Protection (NERC CIP) standards that many of their larger brethren have been struggling to comply with. Nonetheless, I was struck by how many were trying to “do the right thing” with respect to cybersecurity. Given their limited budgets, much of that commitment was centered on the efforts of their employees rather than the purchase of expensive technologies. But I was still heartened by that effort when many larger utilities seem to be checking the box. Some of that is an understandable exhaustion from multiple years of intensive scrutiny by NERC CIP auditors and their overseers at the Federal Energy Regulatory Commission (FERC). With the most recent deadline passing last April, it’s not surprising that some utilities may be taking a breather. At the very least, the urgency is less now despite some passing news. For a while we thought that the Russians were hacking Burlington Electric, but that story fizzled, notwithstanding the utility’s laudable efforts to alert the industry to a threat. Potentially more serious were Turkey’s claims that someone in the United States hacked their grid and caused an outage, but weather was the more likely culprit. Finally, it seems we had a sort of a repeat of December 2015's power grid outage in Ukraine; this one being investigated as a cyber attack in Kiev.


The value of segmenting local area networks into security zones is widely recognized yet rarely done well. Many large production environments are susceptible to today's sophisticated attacks because a focus on perimeter security has left their internal networks with a “flat” architecture that is difficult to defend against well-designed exploits. Attacks on poorly segmented networks are often the result of malware having found the easiest path in, then moving to penetrate more valuable assets within the enterprise WAN.


According to technologist and entrepreneur Jay Samit, “To be successful, innovation is not just about value creation, but value capture.” Few technologies today capture value like the Internet of Things (IoT)—the ever-growing network of physical objects connected to the Internet. The ability of devices to “talk” to each other using technologies such as WiFi, Bluetooth, ZigBee and 2G/3G/4G cellular, to name a few, has forever changed product design and consumer expectations.


Monitor asset performance in real-time with new widgets available with Industrial Defender ASM version 6.2

The Industrial Defender ASM has always been more than an event monitoring platform. Now there’s one more reason why this technology is rapidly becoming the de facto solution to monitor, manage and protect ICS assets.

Asset Trends offers operational end-users a new set of widgets to track and trend asset performance. These investigative tools can be used to review a specific set of asset details for a finite span of time. When comparing trends, it’s easy to identify anomalies and under-performing asset(s). Further analysis can be done to review the resources on the under-performing asset by spinning up a widget with settings set to compare I/O, memory and disk usage. These widgets display continuous, analog information in both a graph and table format over a selectable time interval, using menus of metric categories and associated metric names for display. There are four standard widgets available: CPU usage, memory usage, disk usage and networking.


Industrial control systems operations owners find project success with Industrial Defender ASM

Effective cyber asset management is crucial to operations. Monitoring asset inventory details, health and configurations from a unified, single-view platform provides increased efficiency and situational awareness.

An operations manager can effectively use the pre-configured ASM dashboard to monitor the health and welfare of assets.

An operations manager logs in to ASM each day or views the dashboard on a large screen. As new events and asset configuration changes are detected the dashboard updates with the latest information. Tiles across the top of the display track operation events and asset configuration changes that the manager would like to monitor. Charts and graphs provide more detail about aggregation of events across the environment.

  • Real-time asset configuration changes and events indicating resource issues and limitations
  • View CPU and network resource limitations
  • Asset configuration changes
  • Newly discovered assets
  • Charts and graphs provide
    • Reachability and distribution by varying criteria
    • Capture trends over time to detect suspicious anomalies

The release of ASM 6.0 was a significant milestone for our team and the Industrial Defender ASM solution stack. In a little more than two years from its first release, ASM has captured the mindshare of the OT market. With ASM 6.0 we’ve introduced new applications and several key improvements to existing applications. After a successful controlled introduction process, we are happy to announce its general availability to the market.

"Industrial Defender solutions will be the standard across our entire fleet." – Leading US Utility


Primary objectives of hydroelectric control systems operators include ensuring operational stability and simplifying the task of meeting federal security and compliance requirements.

What's standing in their way? We've compiled a list of 10 major concerns facing operators in assuring the operational stability of all water management assets, as well as compliance with Federal Energy Regulatory Commission and NERC standards. These challenges can be broadly grouped into three major areas:

  • Business Practices
  • Infrastructure Management
  • Policy Considerations
