AI-Driven Cyberattack on Mexico Couldn't Breach OT Systems
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities
CS4CA USA Summit Speaker Daryl Haegley on Zero Trust and OT VisibilityCritical infrastructure operators face constant cyber probing from state adversaries targeting energy, water and industrial systems. A U.S. Air Force cyber resiliency leader explains why zero trust, IT-OT separation and stronger anomaly detection are essential to defend mission-critical operations.
ICS/OT experts have devised a scoring system for rating the severity and effects of cybersecurity events in operational technology environments.
International Coalition Highlights Security Risks in OT’s Rush to AIHurriedly integrating AI into industrial systems isn't the wisest idea, the U.S. Cybersecurity and Infrastructure Security Agency and its domestic and international partners warned earlier this month. "We don't want [operators] treating AI like a magical black box," explained a CISA official.
New Rules Tell Power Grid Operators to Log All OT Network TrafficA new reliability standard for U.S. and Canadian electric grid tells major power companies to monitor and log traffic on their operational technology and industrial control systems networks. The rules will be a heavy lift for the electricity sector.
OT Security 'a Generation Behind Traditional IT'For those charged with the cyber defense of OT and industrial control systems, one challenge towers above all others: Data. Specifically, its scarcity. Most operators simply don't capture it, in stark contrast with their IT counterparts.
OT and ICS systems indeed hold the crown jewels of critical infrastructure organizations, but unmonitored data sprawl is proving to be pure gold for increasingly brazen nation-state threat actors like Volt Typhoon, Pearce argues.
Sydney Trains' Maryam Shoraka on Identifying the Blind Spots in OT SystemsIT organizations can apply multiple frameworks to help reduce risk, but relying on them in OT environments could create blind spots. Security leaders must rethink compliance-driven strategies and adapt controls to meet the unique demands of industrial systems, said Sydney Trains' Maryam Shoraka.
The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fire suppression and safety are paramount, according to a CISA advisory.
Dragos' Robert Lee on Why Ransomware Groups Target OT for Faster, Larger PayoutsRansomware attacks on OT systems rose to 87% in 2024. With industrial systems becoming more connected and digitized, threat actors are able to scale attacks more effectively across critical infrastructure, said Robert Lee, co-founder and CEO of Dragos.
Cybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT) environments, that could allow malicious actors to take control of susceptible systems
Manufacturers and infrastructure providers are gaining options to satisfy regulations and boost cyber safety for embedded and industrial control systems, as EMB3D, STRIDE, and ATT&CK for ICS gain traction.
Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn’t just ineffective—it’s high risk
The US water sector suffered a stream of cyberattacks over the past year and half, from a mix of cybercriminals, hacktivists, and nation-state hacking teams. Here's how the industry and ICS/OT security experts are working to better secure vulnerable drinking and wastewater utilities.
Cyberattacks against OT/ICS engineering workstations are widely underestimated, according to researchers who discovered malware designed to shut down Siemens workstation engineering processes.
IOCONTROL, a custom-built IoT/OT malware, was used by Iran-affiliated groups to attack Israel- and US-based OT/IoT devices, according to Claroty
Data from the SANS State of ICS/OT Cybersecurity report suggest organizations are going to shift spending from security technologies protecting industrial control systems and operational technology environments to non-technical activities such as training and incident response.
SANS recently published its 2024 State of ICS.OT Cybersecurity report, highlighting the skills of cyber professionals working in critical infrastructure, budget estimates, and emerging technologies. The report also looked at the most common types of attack vectors used against ICT/OT networks.
SANS Survey Finds Incident Detection ImprovingMore incidents, vulnerability remediation timelines that can stretch into a year and mismatched budget priorities - such is the state of operational technology cybersecurity in 2024, according to participants in an annual SANS survey. Incident response remains a weak point.