Respond to growing OT vulnerabilities with endpoint systems management

A recent cybersecurity advisory alert details the Top 15 Common OT Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited. There have been multiple other […]
Throwback Attack: Elfin team changes tactics

In recent years, cybersecurity in critical infrastructure has been at the forefront of people’s minds. With attacks on the U.S.’s critical infrastructure, such as Colonial Pipeline, Kemuri Water Company and many more, cybersecurity threats aren’t […]
Throwback attack: Industroyer creates precedent for future cybersecurity threats

Industroyer, or Crashoverride, is the first of many cybersecurity threats that are designed solely to attack power and electrical grids. It is also one of four cybersecurity threats found thus far that target Industrial Control […]
What is MITRE ATT&CK?

The MITRE ATT&CK framework is a publicly available knowledge base of observed adversary behaviors categorized into specific tactics and techniques across an adversary’s attack lifecycle. MITRE ATT&CK provides a taxonomy or vocabulary when discussing cybersecurity […]
What critical infrastructure can learn from Conti ransomware leaks

Attacks on critical infrastructure increased by 3,900% from 2013 to 2020 (Gartner), and 55% of OT security practitioners rate ransomware as the #1 threat to OT systems (SANS), which is double the percentage from 2019. Why? […]
Throwback attack: Chinese hackers fall for a “honeypot” trap

Critical infrastructure has always been a major target of threat actors around the world. Some strive to hit society at its most critical points (energy grids, water facilities, etc.). Some adversaries do it […]
Throwback Attack: Bad Rabbit ransomware hops across Europe

In 1989, the first known ransomware attack occurred; 33 years later, we still face increasingly varied and complex ransomware incursions. Over the years, threat actors have found innovative ways to exploit vulnerabilities […]
How software in the supply chain is an insider threat to ICS networks

The media focuses most of its attention on information security threats that originate outside of an organization. Whether it is the discovery of a new advanced persistent threat (APT) or a company breach, generally one […]
Throwback Attack: Researchers worry Flame malware might be the next evolution of Stuxnet

One of the most complex threats ever found, according to Kaspersky Labs, Flame malware targeted Iran and other Middle Eastern countries with a cyber-espionage attack that researchers had little precedent for. Given the intricacies and […]
How to improve OT network visibility

This blog is the first in a series expanding on each of these findings. Dragos determined that 86% of service engagements lacked visibility across OT networks, down from 90% in 2020 compared to […]