The Radiflow Cyber Security Blog

 

Seeing is Believing: Live Demonstration of OT Cyber Attacks

By Gilad Bandel, VP Products, Radiflow

Real-life live demonstrations of cyber-attack scenarios are the best way to educate and create awareness of the potential risks and damages to ICS/SCADA systems, using various attack vectors. Such a demonstration was held at the...

The headache caused by protecting unmanned distributed sites

In recent years, awareness of the need to secure industrial control systems (ICS) has greatly increased. Since around 2014, many companies have started implementing cyber security solutions to protect their ICS networks from potential cyber incidents. In most companies,...

Are Schools Ready for Cyber Attacks?

When parents send their children to school, they believe that the school will educate them, teach them manners, and prepare them for real life. But before the teaching starts, both kids and parents should have confidence in the school environment, the quality of...

Detection of unauthorized changes in the PLCs’ logic

The Deep-Packet-Inspection (DPI) protocol for industrial network traffic is one of the fundamental technologies currently used in protecting ICS networks. Using this technology, security products are able to accurately identify the industrial commands and parameters...

Calculating the Cost of a Power Outage

What is the cost of a power outage caused by a cyber-attack? And how does one calculate the predicted cost? Beyond the actuarial purpose of estimating the cost of a power outage caused by a cyber-attack, the predicted cost can also inform decision makers as to the...

Analysis of the Ukrainian Outage

As the smoke starts to clear around the Ukrainian power outage–a significant case of a confirmed cyber-attack that left tens of thousands of people in the dark–more and more details are being confirmed about the chain of events that led to the outage. In this paper we...

Seeing in the Dark: ICS Network Visibility

In this post I will describe the usage of an IDS (Intrusion Detection System) tool for achieving Network Visibility in ICS networks. This post will be divided into two sections. First, I will cover the operational and security needs in Network Monitoring. Second, I’ll...

Industrial IDS Deployment

In our previous posts we discussed the various types of attacks on operational (OT) networks. We’ve also discussed the means of mitigating different types of attacks, with the exception of “In-Field” attacks. In this post we will discuss mitigating In-Field attacks...

Revealing Web-Connected Critical Devices

Background: In my last entry I briefly mentioned the reconnaissance stage in ICS attack campaigns. In this post I will present the risks involved, and I will describe one of the tools used for reconnaissance. If you read this post through, you will be able to search on your own for web-connected SCADA controllers. The […]

Yes We SCAN!

Early detection of ICS attacks decreases the probability of causing damage to the network. In this post I will focus on one of the first stages in ICS attacks, where the attacker attempts to scan the network for devices. First, I will explain the motivation behind the scanning stage, followed by a description of the scanning techniques used…

Designing an ICS Attack Platform

Early detection of ICS attacks decreases the probability of causing damage to the network. In this post I will focus on one of the first stages in ICS attacks, where the attacker attempts to scan the network for devices.

ICS Firewall Deployment

We take it as a given that it’s essential to deploy firewalls inside ICS networks. However, it is less clear why, and which properties such firewalls should have: should they be stateful? DPI? Signature-based? In this post I will try to shed some light on the topic. Consider a typical ICS network, with a main […]
