The Radiflow Cyber Security Blog
Automatic Risk Evaluation of Cyber-Attack Vectors
Defining attack-vector use cases according to attacker skill levelBy Liron Benbenishti, cybersecurity researcher, Radiflow LTDIn this post I will discuss risk evaluation of attack vectors and applying Radiflow’s cyber risk evaluation model, which is now incorporated...
read more
Insights into the Norsk Hydro Cyberattack: Using AD in IT/OT Networks
By the Radiflow Research Team One of the world's biggest aluminum producers, multinational manufacturer Norsk Hydro, announced it had been hit by a ransomware attack of unknown origin, with hackers demanding a ransom.The attack caused severe damage to the corporate...
read more
Notes from RSA SF 2019: No Longer Feeling Like an OT Fish in IT Water
By Rani Kehat, V.P. Business Development, Radiflow While not defined as such, the RSA annual conference, which I had just attended in San Francisco, has traditionally been seen as a stronghold of the IT security market. But times are changing, and for the first time,...
read more
Who Moved My Firmware?
By Tsur Segal, VP Strategic Sales, Radiflow LTD Each and every component in an ICS (Industrial Control System) utilizes firmware, faulty firmware maintenance may result in critical cyber-risk. Here we discuss the topic and offer a number of simple, yet effective...
read more
How Dangerous is my ICS Vulnerability? Depends Who You Ask
What to do when ICS-CERT and NIST produce contradictory vulnerability analyses Synopsis Vulnerability disclosure organizations are considered to be the most important and reliable source of actionable information for vulnerability and risk assessment, including...
read more
White Paper: The New EU NIS 2016/1148 Cybersecurity Directive for Essential Service Operators
The responsibility of top management, both personal- and organizational-wise, for the safe and reliable operation of critical infrastructures, is essential for national security and organizational success. The EU took an active step to ensure this in the NIS directive...
read more
Unified monitoring: Using OT infrastructure & protocols to send CS alerts to a SCADA control center
In the process of devising a cybersecurity protection project for an OT network, operators typically need to reconcile between numerous constraints and influencers , to facilitate and simplify the project and reduce expenses, all while deriving the most benefits out...
read more
Sirens blaring, but is it a false alarm? Cybersecure your Public Warning System
Public warning systems are crucial during natural disasters, terrorist attacks or armed hostilities, and as such, their reliability is key. They need be promptly initiated during emergencies, and they need to be absolutely silent at all other times, as...
read more
Seeing is Believing: Live Demonstration of OT Cyber Attacks
By Gilad Bandel, VP Products, Radiflow Real-life live demonstrations of cyber-attacks scenarios are the best way to educate and create awareness of the potential risks and damages to ICS/SCADA systems, using various attack vectors. Such a demonstration was held at the...
read more