Industrial Cyber Security Blog

Discover how the Firewall Configuration Analyzer plugin can help you address security challenges and integrate natively with various IT, OT, and security systems.

Learn about Siemens ALM critical vulnerabilities that can lead to Remote Code Execution and full file access, impacting various devices.

Bazan group wasn't attacked, so why did the Iranian cyber gang Cyber Avengers falsely claim they breached the Israeli Oil & Gas company?

Discover why cybersecurity is important for the oil and gas industry and how Energy companies can build cyber resilience.

Axis A1001 Door Controller vulnerability exposes facilities to physical and cybersecurity threats. How can we stop attackers from gaining unauthorized access?

Why does Electric Utilities need to protect everything they operate and how can they achieve it?

OTORIO enables electric utilities to move beyond NERC CIP to build robust OT security.

Electric grids are key critical infrastructure components. To protect them against continually evolving threats, generators, transmitters, and distributors...

Explore SSH Tunneling in this informative article that explains what tunneling is and demonstrates simple ways to do it in several ways.

OTORIO research uncovers vulnerabilities in the Power Focus 6000 Torque Controller used in manufacturing and industrial companies.

OTORIO research team shares DCS/SCADA risks and mitigations with their top 10 steps to improve security and secure industrial processes.

As industries evolve and become more digitized, there is a greater need for improved security measures that reduce risk.

Malware doesn’t shut down plants, people do. Learning about the people behind the industrial cyber-attacks will help to prevent the next cyber disaster.

Vulnerabilities in Sierra Wireless AirVantage cloud-based management platform and AirLink series of routers disclosed and mitigated.

Interconnecting IoT and OT optimize efficiency, but the cybersecurity risks are high.

Research discovers vulnerabilities in the cloud management platform, InRouter devices.

In a world where threats constantly arise and exposures are identified, organizations must have a clear view of their operational security posture and a feasible action plan to continuously improve it.

Vulnerabilities in Teltonika's RMS and RUT model routers affect thousands of internet-connected devices worldwide.

OTORIO's newly patented risk simulation model and attack graph analysis provide a unique approach to quantifying and managing risk.

ServiceNow & OTORIO survey C-suite insights confirm rising concerns for OT security, and highlight key challenges and priorities for 2023/24.

Compliance requirements have done a lot to increase awareness and drive investment, but the question remains – Does compliance guarantee that effective security is in place?

The need for robust OT security practices continues to grow as the threat landscape for IT-IoT-OT security continues to evolve.

Biden's new US cybersecurity strategy stresses the importance of working proactively and strategically to defend critical infrastructure.

During the first four months of 2022, researchers identified more destructive malware attacks on Ukraine by Russia than in the previous eight years.

In this post, we’ll take a closer look at NERC CIP, discuss why the framework is especially relevant in today’s turbulent cyber climate and see how companies can simplify their compliance with it.

Latest OTORIO research to be presented at S4x23 points to wireless IIoT vulnerabilities that provide a direct path to internal OT networks, enabling hackers to bypass common protection layers in operational and industrial networks.

Critical vulnerabilities in Siemens ALM puts multiple Siemens products at high risk of breach, RCE uncovered by OTORIO researchers.

OTORIO researchers uncovered two vulnerabilities affecting certain Sierra Wireless wireless IIoT devices.

A look at the CISA Director's recent comments on why technology needs to be secure by design

Our Field CTO shares OT security insights for critical infrastructure entities to maintain operational resilience.

Our CEO shares important advice on how your organization can implement an effective OT security plan in 2023.

Which OT security risks do pulp and paper companies face, and how can extended asset visibility help address them?

A look at some of the most prominent cyberattacks in 2022 on critical infrastructure and industrial manufacturing.

Whether producing paper, boards, or tissue, pulp and paper industry machinery increases a manufacturer’s digital attack surface.

GhostSec hacktivists are performing country-specific targeting of ICS and PLC devices used by critical infrastructure.

What industrial manufacturing cybersecurity issues were top of mind for attendees at ManuSec USA?

OTORIO's IEC 62443 certification highlights our commitment to internationally recognized cyber security standards and best practices.

Join OTORIO at the ManuSec USA Cyber Security for Manufacturing Summit in Chicago on November 2-3, 2022.

Why German industrial manufacturers and critical infrastructure operators face greater OT security risks and regulatory compliance.

Industrial organizations must close the skills gap between opertaional teams and SOC analysts to successfully implement a proactive, comprehensive security solution.

GhostSec attackers target Iranian ICS; their capabilities appear to be growing stronger with each new event.

How to achieve accurate risk estimations and prioritize mitigations? Maintaining a list of potential threats is important for posture assessment in addition to ongoing monitoring use cases.

From asset visibility to proactive, contextual risk awareness and more, here are 5 essentials for a complete industrial OT security solution.

OTORIO's Research team reveals how a hacktivist group allegedly 'breached' a water controller in Israel

OTORIO's Research team reveals how the GhostSec hacking group compromised 55 Berghof PLC devices in Israel.

How can industrial organizations enhance the ROI of their IDS-only solutions and empower their teams to build resilient operations?

See why relying solely on an intrusion detection system (IDS) leaves gaps in your OT security, making industrial operations more vulnerable to attack.

OTORIO helped an oil refinery eliminate alert fatigue and prioritize risk alerts with contextualized OT security insights

How and why should you determine and quantify the business impact of an asset? See why building a systematic approach to quantifying an industrial asset's business impact is valuable.

Europe’s reliance on Russia for liquid natural gas (LNG) is at a critical juncture. Global refineries and distributors assisting Europe must manage their OT and IT security risks effectively.

Food producers and beverage makers have become some of the preferred targets of ransomware attackers. As a critical infrastructure industry, how can food and beverage manufacturers manage risk effectively for their OT security and converged networks?

In the newly released GigaOm Radar Report on Industrial IoT (IIoT) Security, OTORIO was recognized as “the lone outperformer and pioneer among the vendors” analyzed in the report.

Only by repeatedly performing this risk assessment loop can companies achieve business resilience, and do so using a limited amount of resources.

CISA's OT security alert (AA22-103A) about malware that hackers use to target ICS - SCADA devices highlights the value of a risk-based OT/IT/IIoT security approach for critical infrastructure and industrial facilities.

Over just ten recent days, we’ve witnessed no less than three significant OT security events that impact critical infrastructure. Collectively, they are a ‘perfect cyber storm’ highlighting known and unknown supply-chain vulnerabilities.

Earlier this week, GE Digital published 2 advisories of vulnerabilities in GE’s SCADA/HMI product - Proficy CIMPLICITY that were discovered by OTORIO’s research team.

Today, cyberattacks against critical infrastructure are being used strategically to foment and influence the course of political conflicts. Cyber defense of critical infrastructure has become a key component of national security for all nations.

Many CISOs from leading industrial organizations feel like they are not receiving the best value from their existing cybersecurity solutions. Why do existing OT security paradigms fail to deliver on their promise? Here are the top five reasons...

The OT Digital Supply Chain is exposed - read this post to find out how this trend is moving forward and how organizations deal with it.

How does the Log4J vulnerability affect OT networks, in general and how mitigate the risk?

How does the new cybersecurity directive affect your company?

Even our researchers at OTORIO were overwhelmed to discover nearly 70,000 ICSs IPs exposed to the internet in their recent research.

OTORIO’s Pen Testers discovered 13 highly severe vulnerabilities in one of InHand’s industrial routers

With criticality scores of 10 and 8.6, these vulnerabilities are easy to exploit and allow unauthenticated attackers to penetrate and take over industrial control systems.

The RaaS business model is a subscription-based model that works in a manner similar to Software as a Service (Saas) business models.

OT, IT, and IoT are rapidly converging. All three domains are under increasing threats that steal vital information, halt production, and even put human lives at risk. The era of treating their cybersecurity needs separately is coming to a close.

While Saudi Aramco is deep in the throes of a dangerous data leak and ransom demand, cybersecurity pros manning the gates at other critical industrial facilities had better consider the ramifications for their own company’s well-being and right away.

Choosing the right security vendor for your company is a handful, especially in “insecure-by-design” environments like ICS/OT which require the highest level of expertise

The letter sent out on June 3rd by the US National Security Council's top cyber official, less than a week after the DHS/TSA directive, leaves no doubt: No company is safe from being targeted by ransomware.

The recent flood of serious ransomware attacks on critical infrastructure targets – with the latest being the attack on Colonial Pipeline - has led the US government to turn up the heat on critical infrastructure cybersecurity measures.

In 2021, the damage caused by cyberattacks has moved beyond data breaches and financial costs, to production shutdowns and severe operational disruptions.

We have a responsibility to share our experience and collaborate with the wider industrial cybersecurity community.

200% Increase in Disruptive Industrial Cyber Attacks in Q1 2021

In this blog, we will review four of the main concerns expressed by the two US cybersecurity leaders and we will offer advice on how they can best be addressed.

The explosion of ransomware attacks against healthcare provider networks demands a rethinking of cyber response policy.

Read this Blog to learn why securing the industrial networks, that control the world’s physical ports, demands a different type of maritime cybersecurity approach.

The trend of increasing ransomware attacks continues in 2021. Read about a few of the major operational disruptions that happened in the last 3 months.

In this blog, we’ll take a quick look into what MITRE ATT&CK is, and why we felt it was important enough to tie so closely to our RAM² solution.

OTORIO’s Pen-Testers discovered more than 20 vulnerabilities in the MBConnect remote access solution. Attackers can disrupt production by exploiting these vulnerabilities.

The recent KIA Ransomware attack is not the first cyberattack targeting automotive manufacturers

We should consider the attack on Florida water systems a warning signal. What can we do to prevent a successful attack? Be proactive

Attacks across all sectors are growing bolder, more frequent, and exponentially more expensive. A recent report found that ransomware attacks targeting the industry were second only to those targeting government in prevalence.

Today we are releasing a new Windows hardening tool for one of the most commonly used HMI/SCADA systems: GE Digital’s CIMPLICITY.

OTORIO researchers joined forces with Check Point Research to analyze a large scale phishing campaign.

In 2020, manufacturing and industry were increasingly in the crosshairs of ransomware threat actors. Attacks are growing bolder, more frequent, and exponentially more expensive.

In today’s volatile cybersecurity climate, the only way to truly mitigate damage is to prevent it. The question is, how?

Cyber security predictions for 2021 and the two words that should keep you up at night.

On December 1st, 2020, an Iranian threat-actor published a video of a breach in an Israeli reclaimed water reservoir HMI system.

Insurers dealing with supply chain cybersecurity should be aware of the risks in the industrial and manufacturing sectors.

This blog post gives an overview of how easy it is to perform cyberattacks on the oil and gas sector.

Given that digital and cyber risks are on the rise, it's time to change old cybersecurity paradigms and adopt operational resilience management.

The explosion of ransomware attacks against industrial networks demands a rethinking of cyber insurance ransomware response policy.

How to define industrial security systems testing criteria and choose an attack scenario tool.

OTORIO Cybersecurity Research and OT incident response team recently discovered two critical issues in the way Siemens’ PCS 7 DCS systems are configured.

As industrial systems (OT) continue to digitize, IT security teams should get to know the new OT environment and how it differs from IT.

In this blog post, we present some of the ways cyber criminals collect information about their victims in order to initiate a harmful attack.

The next generation of OT security solutions should fuse asset discovery with automated and operation context risk metrics.

Ransomware attacks continue to make headlines in this week's edition of the Industrial Security Bulletin. 

3 major industrial companies have been attacked by maze ransomware and 3 new ICS vulnerabilities were mitigated for week 28.

The earlier a company understands its ransomware "victim profile”, the better it can prepare for a potential attack.

Understanding how ransomware attacks work is the key to dealing with them, and perhaps, preventing them altogether 

In the advisory, OSIsoft reported a vulnerability that affects their PI System, a data management platform that accesses a broad range of core OT network assets in its sites. 

Internet connectivity allows manufacturers to improve efficiency and improve profitability. The flip-side is exposing ICS's to the internet - and to cybercriminals. 

The increased remote work triggered by COVID-19 caught industrial security teams off guard. To continue production without compromising cyber-security, follow our experts’ recommendations.

Cyber-criminals are expanding their global reach and targeting more industries than ever before. Threat actors are creating new industrial victims.

The new reality imposed by Coronavirus has limited face-to-face interactions, forcing industrial companies to shift to remote operations.

COVID-19 is one of the greatest challenges of our time. Yet for manufacturing SMBs who are open to new digital strategies, it entails a unique opportunity (part 2 of 2).

COVID-19 is one of the greatest challenges of our time. Yet for manufacturing SMBs who are open to new digital strategies, it entails a unique opportunity (part 1 of 2).

Lemon Duck hits masses of machines running EoS Win7; US gas compression plant attack, OT disrupted;  Ransomware halts Canadian paper producer.

Clop ransomware evolved from targeting individual Windows users to enterprises and has now evolved further to target industrial companies.

The newly-identified vulnerability lays in the implementation of the Profinet stack with implications for a variety of industrial verticals.

Snake ransomware targets ICS, Ryuk hits Oil & Gas facilities, Data breach in Mitsubishi Electric, a key player in EU energy hit by a trojan.

OTORIO researchers flag an Iranian connection in a new strain of ransomware aimed at disrupting the activity of Industrial Control Systems (ICS).

Iran has proven capabilities to launch cyber-attacks on ICS, and with the tension rising, industrial companies would be wise to be prepared.

Ransomeware hit US Maritime facility, an attempt at BMW and Hyundai secrets, IoT malware targets ICS, Siemens scammer sent to jail.

India’s largest nuclear power plant hit by a cyber-attack, global oil & gas sector affected by botnets, FBI warns the US Automotive sector.

Pilz hit by a Ransomware attack, Massive IT disruption paralyzes Porsche production, Russian hackers cloak attacks using Iranian group.

New research by OTORIO discovers highly sensitive information publicly available online belonging to some of the largest industrial companies in the world.

First-ever DoS cyber-attack on A U.S. power grid, U.S. Utility is a target of LookBack malware, and Airbus suffered a series of cyberattacks.

DoS attacks are known for disrupting systems by flooding them with traffic, but sometimes that is not the only objective. Here is what can be done about it.

Spear-fishing on US utilities companies; Ukrainian power systems utilized by employees to mine cryptocurrency.

Ransomeware at a Johannesburg-based Power company, WINNITI Group is targeting the German industry, and ISA introduces a new Cybersecurity Alliance.

In today’s competitive global market, traditional industries need a paradigm change in their cybersecurity approach to better support their ongoing digitalization.

TRISIS scans US power grid, Belgian aircraft parts manufacturer shutdowns because of ransomware, and the US launches Cyber-attack on Iranian weapon systems.

Only one significant event has been reported this month, ransomware called Robinhood.

Three days shut down at a Thai plant, two companies fall victim to the LockerGoga ransomware, and one European manufacturer hit by a paralyzing ransomware attack.

A $40m ICS ransomware attack, a massive personal information exposure of 3 million clients, and one of every two computers found to be affected by ICS malware.

A dramatic increase in cyber attacks on German OT networks the U.S. takes actions against cyber-threats on critical infrastructure, IoTSI releases a framework to safeguard connected cities.