Tag: Critical Infrastructure Cybersecurity

Industroyer-ICS-Cyberattack-Ukraine-Substations

Defending Against Industroyer with ICS Anomaly Detection

Date: June 29, 2017 By: Heather MacKenzie
Industroyer / CrashOverride have been at the top of the industrial security news lately. And rightly so. Not since Stuxnet has the world seen an advanced malware that was designed and deployed to disrupt physical infrastructure, notably power grids. Industroyer is believed to have been used in attacks on Ukraine that took place in on December 17, 2016 that shut down electrical power to a large area of its capital city, Kiev.

Industroyer is an advanced threat of high concern. Nozomi Network’s experts and researchers have dissected how it works to formulate specific steps to protect, detect, and defend against it. and one that uses normal protocol commands to build its attack. Fortunately, advanced ICS intrusion detection is available that would both identify the malware’s presence and help protect against its impacts.

Read more
a-gartner-cool-vendor-that-s-getting-hot

Nozomi Networks – A Gartner Cool Vendor That’s Getting Hot

Date: June 15, 2017 By: Edgard Capdevielle
Until now Industrial Control System (ICS) Cybersecurity wasn’t the coolest area of cybersecurity, but Gartner is changing that with its recognition of Nozomi Networks as a 2017 Cool Vendor. Last week, we were honored to learn that Nozomi Networks is a 2017 Gartner Cool Vendor. We are excited that our innovation and its positive impact on ICS cybersecurity will now be brought to the attention of more companies around the world.

I am also very pleased to share the news that the company has seen better than expected customer growth, has made two senior strategic hires, and has recently won a number of industry accolades. Read on to find out more about the momentum being generated by the Nozomi Networks’ team and its advanced OT security technology…

Read more
1-WannaCry-Ransomware-Threatens-ICS-Security

WannaCry: A Wake-up Call to Revisit ICS Cybersecurity Measures

Date: May 17, 2017 By: Heather MacKenzie
Updated May 19, 2017

The WannaCry ransomware malware broke onto the world scene on Friday May 12, 2017 when it infected over 200,000 computers in more than 150 countries. Thankfully, the impact on manufacturing systems and critical infrastructure was relatively low. However, while WannaCry’s spread has been curtailed for now, new variants have been reported.

Immediate actions are to determine whether your systems are vulnerable by identifying computers and devices running Windows operating systems not updated with the latest security patches or communicating with the SMB1 protocol. If these situations exist, you need to execute a plan to mitigate and protect against these security weaknesses.

While we can take a deep breath that WannaCry did not shut down essential services such as power systems and water systems, the malware is certainly a very loud wake-up call Let’s look at what can be done immediately, and over time, to prevent and mitigate ransomware infections to industrial systems.

Read more