Date: November 17, 2017 By: Moreno Carullo
Recently reports of a new ransomware malware known as Bad Rabbit was making headlines in the press. A suspected variant of NotPetya, Bad Rabbit spread quickly through IT networks in Europe and elsewhere.
Our research indicates that while Bad Rabbit infections started to be reported in late October, the group behind the attacks started creating an “infection-network” in July. While not reported as impacting industrial systems, industrial operators should take note of this attack and what it means for their cyber resiliency programs.
Tag: Critical Infrastructure Cybersecurity
Date: November 17, 2017 By: Moreno Carullo
Date: November 15, 2017 By: Chet Namboodri
Without comprehensive, real-time visibility of industrial control system (ICS) networks, devices and process status, protecting control networks from cyberattacks and avoiding operational disruptions is a serious challenge. Over the last half-decade, Nozomi Networks has built a successful reputation providing a solution to this very problem by offering a non-intrusive, real-time monitoring and threat detection solutionbuilt for ICS.
Now, Nozomi Networks has extended the utility and reach of Nozomi Networks SCADAguardian through an integration with the Palo Alto Networks Next-Generation Firewall (NGFW). Find out why Nozomi Networks chose to integrate with this leading firewall and how the companies’ offerings work in tandem to help bridge the IT/OT gap.
Date: October 23, 2017 By: Andrea Carcano
Amid rising threats to industrial control systems, it’s good to see more and more operators realizing there is new technology available that can significantly help them with the challenge of ICS cybersecurity. Companies are moving beyond relying on network segmentation, industrial firewalls and SIEMs and want to monitor and analyze their network traffic in real-time so they can immediately act to defend security and reliability.
Our passive ICS cybersecurity and visibility solution addresses that goal, and today I am glad to let you know that we are advancing our offering with our second major product release of 2017. It further enhances our strength in ICS threat detection and addresses the needs of large customers for easy IT/OT integration. Let’s look at the key capabilities in release 17.5.
Date: October 10, 2017 By: Heather MacKenzie
Malware attacks like WannaCry, Dragonfly 2 and Industroyer have brought industrial cyber threats to the attention of corporate boards and governments around the world. As a result, CISOs and those responsible for critical infrastructure are demanding real, enterprise-grade OT security solutions. Many are reaching out to trusted partners in IT security, looking for help in securing their industrial control networks.
This is the driver behind our new partnership with FireEye. FireEye’s customers include more than 40% of the Forbes Global 2000 and they depend on FireEye to eliminate the complexity and burden of cybersecurity for them.
To help extend its ICS cybersecurity offerings, FireEye recently thoroughly analyzed the market for ICS network security monitoring solutions. We’re happy to announce today that our solution has been selected by FireEye to provide cybersecurity visibility and threat detection for industrial control systems. Find out why our technical excellence and ICS expertise stands out from the crowd.
Date: September 26, 2017 By: Chet Namboodri
In the future, an organization’s cybersecurity strategy will largely be defined by how well both OT and IT networks can integrate to bring improved vigilance, visibility and protection. In today’s connected world this is more important than ever.
Recently, Nozomi Networks had the privilege of speaking at the 2017 Fortinet 361 event in Vienna, Austria, where IT / OT cyber resilience was a hot topic. I was pleased to discover that many attendees were interested in Fortinet’s commitment to OT (Operations Technology) and ICS (Industrial Control Systems) cybersecurity. They were also eager to learn how Nozomi Networks is helping Fortinet extend their security offering into the industrial realm with our technology.
If you’re interested in improving IT / ICS cybersecurity, read on to find out more about the synergetic partnership between Fortinet and Nozomi Networks, and how our products provide the critical ICS cybersecurity thread for Fortinet Security Fabric.
Date: August 24, 2017 By: Chet Namboodri
When dealing with the difficulties of securing critical infrastructure, it’s sometimes good to take a step back from day-to-day challenges and take a macro view; look at the big picture.
Fortinet’s CISO Phil Quade did just that recently. He indicates that while the news media focuses attention on high profile malware and ransomware attacks, like WannaCry, the bigger threat to critical infrastructure comes from “low and slow” attacks that are hard to detect. And, since a lot of critical infrastructure is owned and operated by the private sector, securing it takes real cooperation between industry and government.
Phil also states that we are on the verge of a security revolution that includes using automation strategies to find and respond to incremental cyber intrusions. Automation is what underpins the Fortinet / Nozomi Networks partnership. Read on to learn more about Phil’s perspective and how our combined solution secures critical infrastructure.
Date: June 29, 2017 By: Heather MacKenzie
Industroyer / CrashOverride have been at the top of the industrial security news lately. And rightly so. Not since Stuxnet has the world seen an advanced malware that was designed and deployed to disrupt physical infrastructure, notably power grids. Industroyer is believed to have been used in attacks on Ukraine that took place in on December 17, 2016 that shut down electrical power to a large area of its capital city, Kiev.
Industroyer is an advanced threat of high concern. Nozomi Network’s experts and researchers have dissected how it works to formulate specific steps to protect, detect, and defend against it. and one that uses normal protocol commands to build its attack. Fortunately, advanced ICS intrusion detection is available that would both identify the malware’s presence and help protect against its impacts.
Date: June 15, 2017 By: Edgard Capdevielle
Until now Industrial Control System (ICS) Cybersecurity wasn’t the coolest area of cybersecurity, but Gartner is changing that with its recognition of Nozomi Networks as a 2017 Cool Vendor. Last week, we were honored to learn that Nozomi Networks is a 2017 Gartner Cool Vendor. We are excited that our innovation and its positive impact on ICS cybersecurity will now be brought to the attention of more companies around the world.
I am also very pleased to share the news that the company has seen better than expected customer growth, has made two senior strategic hires, and has recently won a number of industry accolades. Read on to find out more about the momentum being generated by the Nozomi Networks’ team and its advanced OT security technology…
Date: May 17, 2017 By: Heather MacKenzie
Updated May 19, 2017
The WannaCry ransomware malware broke onto the world scene on Friday May 12, 2017 when it infected over 200,000 computers in more than 150 countries. Thankfully, the impact on manufacturing systems and critical infrastructure was relatively low. However, while WannaCry’s spread has been curtailed for now, new variants have been reported.
Immediate actions are to determine whether your systems are vulnerable by identifying computers and devices running Windows operating systems not updated with the latest security patches or communicating with the SMB1 protocol. If these situations exist, you need to execute a plan to mitigate and protect against these security weaknesses.
While we can take a deep breath that WannaCry did not shut down essential services such as power systems and water systems, the malware is certainly a very loud wake-up call Let’s look at what can be done immediately, and over time, to prevent and mitigate ransomware infections to industrial systems.