The Radiflow Cyber-Security Blog
Automatic Risk Evaluation of Cyber-Attack Vectors
The Radiflow Security BlogIn this post I will discuss risk evaluation of attack vectors and applying Radiflow’s cyber risk evaluation model, which is now incorporated into Radiflow’s iSID Industrial Threat Detection System.In general, OT networks have very high...
Insights into the Norsk Hydro Cyberattack: Using AD in IT/OT Networks
The Radiflow Security BlogOne of the world's biggest aluminum producers, multinational manufacturer Norsk Hydro, announced it had been hit by a ransomware attack of unknown origin, with hackers demanding a ransom.The attack caused severe damage to the corporate...
Notes from RSA SF 2019: No Longer Feeling Like an OT Fish in IT Water
The Radiflow Security BlogWhile not defined as such, the RSA annual conference, which I had just attended in San Francisco, has traditionally been seen as a stronghold of the IT security market. But times are changing, and for the first time, being an OT guy at RSA...
Who Moved My Firmware?
The Radiflow Security BlogThe management of firmware risks in industrial facilities takes place on four levels: Within the supply chain During the facility’s initial commissioning During regular operations and as part of facility upgrades and expansions Radiflow’s...
How Dangerous is my ICS Vulnerability? Depends Who You Ask
The Radiflow Security Blog What to do when ICS-CERT and NIST produce contradictory vulnerability analyses Synopsis Vulnerability disclosure organizations are considered to be the most important and reliable source of actionable information for vulnerability and risk...
White Paper: The New EU NIS 2016/1148 Cybersecurity Directive for Essential Service Operators
The Radiflow Security BlogThe responsibility of top management, both personal- and organizational-wise, for the safe and reliable operation of critical infrastructures, is essential for national security and organizational success. The EU took an active step to ensure...
Unified monitoring: Using OT infrastructure & protocols to send CS alerts to a SCADA control center
In the process of devising a cybersecurity protection project for an OT network, operators typically need to reconcile between numerous constraints and influencers , to facilitate and simplify the project and reduce expenses, all while deriving the most benefits out...
Sirens blaring, but is it a false alarm? Cybersecure your Public Warning System
Public warning systems are crucial during natural disasters, terrorist attacks or armed hostilities, and as such, their reliability is key. They need be promptly initiated during emergencies, and they need to be absolutely silent at all other times, as...
Seeing is Believing: Live Demonstration of OT Cyber Attacks
By Gilad Bandel, VP Products, Radiflow Real-life live demonstrations of cyber-attacks scenarios are the best way to educate and create awareness of the potential risks and damages to ICS/SCADA systems, using various attack vectors. Such a demonstration was held at the...