Discover how the Firewall Configuration Analyzer plugin can help you address security challenges and integrate natively with various IT, OT, and security systems.
Axis A1001 Door Controller vulnerability exposes facilities to physical and cybersecurity threats. How can we stop attackers from gaining unauthorized access?
Electric grids are key critical infrastructure components. To protect them against continually evolving threats, generators, transmitters, and distributors...
Malware doesn’t shut down plants, people do. Learning about the people behind the industrial cyber-attacks will help to prevent the next cyber disaster.
In a world where threats constantly arise and exposures are identified, organizations must have a clear view of their operational security posture and a feasible action plan to continuously improve it.
Compliance requirements have done a lot to increase awareness and drive investment, but the question remains – Does compliance guarantee that effective security is in place?
In this post, we’ll take a closer look at NERC CIP, discuss why the framework is especially relevant in today’s turbulent cyber climate and see how companies can simplify their compliance with it.
Latest OTORIO research to be presented at S4x23 points to wireless IIoT vulnerabilities that provide a direct path to internal OT networks, enabling hackers to bypass common protection layers in operational and industrial networks.
Industrial organizations must close the skills gap between opertaional teams and SOC analysts to successfully implement a proactive, comprehensive security solution.
How to achieve accurate risk estimations and prioritize mitigations? Maintaining a list of potential threats is important for posture assessment in addition to ongoing monitoring use cases.
How and why should you determine and quantify the business impact of an asset? See why building a systematic approach to quantifying an industrial asset's business impact is valuable.
Europe’s reliance on Russia for liquid natural gas (LNG) is at a critical juncture. Global refineries and distributors assisting Europe must manage their OT and IT security risks effectively.
Food producers and beverage makers have become some of the preferred targets of ransomware attackers. As a critical infrastructure industry, how can food and beverage manufacturers manage risk effectively for their OT security and converged networks?
In the newly released GigaOm Radar Report on Industrial IoT (IIoT) Security, OTORIO was recognized as “the lone outperformer and pioneer among the vendors” analyzed in the report.
CISA's OT security alert (AA22-103A) about malware that hackers use to target ICS - SCADA devices highlights the value of a risk-based OT/IT/IIoT security approach for critical infrastructure and industrial facilities.
Over just ten recent days, we’ve witnessed no less than three significant OT security events that impact critical infrastructure. Collectively, they are a ‘perfect cyber storm’ highlighting known and unknown supply-chain vulnerabilities.
Earlier this week, GE Digital published 2 advisories of vulnerabilities in GE’s SCADA/HMI product - Proficy CIMPLICITY that were discovered by OTORIO’s research team.
Today, cyberattacks against critical infrastructure are being used strategically to foment and influence the course of political conflicts. Cyber defense of critical infrastructure has become a key component of national security for all nations.
Many CISOs from leading industrial organizations feel like they are not receiving the best value from their existing cybersecurity solutions. Why do existing OT security paradigms fail to deliver on their promise? Here are the top five reasons...
With criticality scores of 10 and 8.6, these vulnerabilities are easy to exploit and allow unauthenticated attackers to penetrate and take over industrial control systems.
OT, IT, and IoT are rapidly converging. All three domains are under increasing threats that steal vital information, halt production, and even put human lives at risk. The era of treating their cybersecurity needs separately is coming to a close.
While Saudi Aramco is deep in the throes of a dangerous data leak and ransom demand, cybersecurity pros manning the gates at other critical industrial facilities had better consider the ramifications for their own company’s well-being and right away.
Choosing the right security vendor for your company is a handful, especially in “insecure-by-design” environments like ICS/OT which require the highest level of expertise
The letter sent out on June 3rd by the US National Security Council's top cyber official, less than a week after the DHS/TSA directive, leaves no doubt: No company is safe from being targeted by ransomware.
The recent flood of serious ransomware attacks on critical infrastructure targets – with the latest being the attack on Colonial Pipeline - has led the US government to turn up the heat on critical infrastructure cybersecurity measures.
In 2021, the damage caused by cyberattacks has moved beyond data breaches and financial costs, to production shutdowns and severe operational disruptions.
In this blog, we will review four of the main concerns expressed by the two US cybersecurity leaders and we will offer advice on how they can best be addressed.
Read this Blog to learn why securing the industrial networks, that control the world’s physical ports, demands a different type of maritime cybersecurity approach.
The trend of increasing ransomware attacks continues in 2021. Read about a few of the major operational disruptions that happened in the last 3 months.
OTORIO’s Pen-Testers discovered more than 20 vulnerabilities in the MBConnect remote access solution. Attackers can disrupt production by exploiting these vulnerabilities.
Attacks across all sectors are growing bolder, more frequent, and exponentially more expensive. A recent report found that ransomware attacks targeting the industry were second only to those targeting government in prevalence.
In 2020, manufacturing and industry were increasingly in the crosshairs of ransomware threat actors. Attacks are growing bolder, more frequent, and exponentially more expensive.
OTORIO Cybersecurity Research and OT incident response team recently discovered two critical issues in the way Siemens’ PCS 7 DCS systems are configured.
In the advisory, OSIsoft reported a vulnerability that affects their PI System, a data management platform that accesses a broad range of core OT network assets in its sites.
Internet connectivity allows manufacturers to improve efficiency and improve profitability. The flip-side is exposing ICS's to the internet - and to cybercriminals.
The increased remote work triggered by COVID-19 caught industrial security teams off guard. To continue production without compromising cyber-security, follow our experts’ recommendations.
COVID-19 is one of the greatest challenges of our time. Yet for manufacturing SMBs who are open to new digital strategies, it entails a unique opportunity (part 2 of 2).
COVID-19 is one of the greatest challenges of our time. Yet for manufacturing SMBs who are open to new digital strategies, it entails a unique opportunity (part 1 of 2).
New research by OTORIO discovers highly sensitive information publicly available online belonging to some of the largest industrial companies in the world.
DoS attacks are known for disrupting systems by flooding them with traffic, but sometimes that is not the only objective. Here is what can be done about it.
In today’s competitive global market, traditional industries need a paradigm change in their cybersecurity approach to better support their ongoing digitalization.
TRISIS scans US power grid, Belgian aircraft parts manufacturer shutdowns because of ransomware, and the US launches Cyber-attack on Iranian weapon systems.
Three days shut down at a Thai plant, two companies fall victim to the LockerGoga ransomware, and one European manufacturer hit by a paralyzing ransomware attack.
A $40m ICS ransomware attack, a massive personal information exposure of 3 million clients, and one of every two computers found to be affected by ICS malware.
A dramatic increase in cyber attacks on German OT networks the U.S. takes actions against cyber-threats on critical infrastructure, IoTSI releases a framework to safeguard connected cities.