Cyber Industrial Automated Risk Analysis (CIARA) helps industrial automation and control system users to dramatically streamline risk reduction planning and compliance for improved cyber risk posture.
Steganography-based attacks on ICS networks are on the rise, some using the interconnectivity between the organization and its vendors/suppliers. Mitigation includes OT/IT network segregation; raising awareness among employees; and installing an IDS (e.g. Radiflow iSID) to detect anomalous network behavior.
Radiflow CEO Ilan Barda’s presentation at zenonIZE 2020 focuses on the analysis of gaps and mitigations in an OT network for IEC 62443 compliance, namely streamlining the flow of security alerts between the security system (IDS) and the operations personnel and IT professionals.
The new iSID v5.7 introduces over a dozen improvements, including automatic asset identification, threat prioritization using dynamic risk calculation, and refined Deep Packet Inspection (DPI) across an expanded suite of OT protocols.
Evidence related to recent cyber-attacks against Honda and the Enel Group using the EKANS/SNAKE malware suggests that the attackers in both cases took advantage of both companies’ move to grant employees remote network access.
BleepingComputer recently reported on highly targeted steganography-based attacks on industrial enterprises, carried out by sending malicious payloads hidden in ordinary images to supply chain vendors and third-party collaborators.
Radiflow CPO Michael Langer discusses the context of a cyber-attack on an Iranian seaport that had been attributed to Israeli operatives as retaliation for an attack against Israeli water facilities attributed to Iranian operatives.
A leading Israeli news outlet recently reported that water/wastewater facilities in Israel were subject to cyber attacks. Radiflow CPO Michael Langer presents his analysis of the incident based on available information and prior attacks on water facilities, as well as recommendations for mitigation and network hardening.
This case study covers a deployment at a large Central European power plant, consisting of the iSID Industrial (OT) Threat Detection & Analysis System, iSAP Smart Collector and iSEG-3180 DPI-Firewall/Secure Gateway.