All Blogs

Current Threats to Maritime Security: A Prime Target for Cyber Adversaries

Author | Mission Secure

Recent reports highlight the exponential growth in OT cyber-attacks targeting the maritime industry, increasing a staggering 900% over the last three years. As Marine Log reports, “Cyber-attacks on the maritime industry’s operational technology (OT) systems have increased by 900% over the last three years, with the number of reported incidents set to reach record volumes by year end.” Accounting for the carriage of 90% of world trade, maritime is one of the oldest industries and lifeblood of the global economy...

Read More

Industrial Control System (ICS) Security and Segmentation

Author | Paul Arceneaux

Network and device segmentation should be part of the defense in depth security approach for all critical industrial control system (ICS) environments. Frankly speaking, it is a physical security best practice learned over centuries, and an IT security best practice learned over the last several decades. Segmentation and micro-segmentation stop unbridled access in IT environments and should be doing the same in ICS environments. In fact, most industrial operations, like oil and gas, power, utilities...

Read More

Australia Targeted: Confronting a Nation-state Cyber Attack

Author | Mission Secure

On June 18, 2020, the Australian government's Cyber Security Centre issued Advisory 2020-008 regarding the "sustained targeting of Australian governments and companies by a sophisticated state-based actor." According to multiple reports, institutions such as hospitals and state-owned utilities have been under attack for months. In a notably rare occurrence, Australian Prime Minister Scott Morrison publicly acknowledge being under an ongoing state-sponsored cyber-attack. Morrison called for the public to be...

Read More

President declares National Emergency for cyber threats to grid—time to take action

Author | David Dresher

On Friday, the President of the U.S. declared a national emergency as foreign adversaries threaten the electric grid with cyber attacks. The Presidential Executive Order on securing the bulk-power system essentially prohibits power producers and distributors from purchasing and deploying equipment made by companies under foreign control by foreign adversaries.The Presidential Order goes on to say:"...the bulk-power system is a target of those seeking to...

Read More

Making Cyber Vigilance the New Modus Operandi

Author | Matt Malone

Over the last weeks, hackers unleashed a wave of cyber attacks. Computer Weekly reported, “The cumulative volume of coronavirus-related email lures and other threats is the largest collection of attack types exploiting a single theme for years, possibly ever.” For industrial operations like energy, power, and manufacturing, the mean incubation period for operational technology (OT) or industrial control system (ICS) networks infected with a computer virus or other types of malware is notoriously long. Havex, for example, had an incubation period...

Read More

The OT Cybersecurity Blind Spot: The need for visibility and protection for Level 0

Author | Ed Suhler

As our critical logistical support systems, mission operational systems, and key communications systems become even more automated, the risks associated with cyber threats are magnified in the field. It’s time to address the blind spots now and make critical industrial control systems (ICS) and operational technology (OT) networks cyber resilient. Take a “bottoms up” approach and protect the mission-critical cyber-physical processes within the OT environment, including Purdue Model Levels 1 and 0.

Read More

Mitigating Industrial Control System Cyber Risk from the Iranian Cyber Threat

Author | Mission Secure

US Generals have long stated the next frontier of war will be in cyberspace. The realities of a digitally transforming industrially environment have made such a prognosis ever more real—now enter Iran. Be prepared for cyber attacks. That key message in response to escalation in Iranian tensions issued by the US Department of Homeland Security’s rare National Terrorism Advisory System (NTAS) alert continues to reverberate throughout the government and private sector. Meanwhile, everyone continues...

Read More

Cyber Attack Briefing: India’s Largest Nuclear Power Plant and the Truth About Air-gapping

Author | Mission Secure

The Kundankulam Nuclear Power Plant (KKNPP) is India's largest and newest nuclear facility. Owned by the Nuclear Power Corporation of India Limited (NPCIL), KKNPP rests on a legacy of controversy from safety issues and a nearly decade-delay in construction to absent offsite spent fuel storage and subsequent court battles—the recent cyber attack being the latest in the list. What exactly happened at KKNPP? Uncovering a cyber attack: On October 28th, reports began circulating that computer...

Read More

NCSAM 2019 Perspectives on ICS & OT Cybersecurity: Helping organizations ‘protect’ operations

Author | Mission Secure

For organizations in oil & gas, maritime, critical infrastructure and defense, the ultimate goal is cyber resiliency—to ensure the safety and security of operations in the face of a cyber attack. Control system veteran, Mark Baggett, discusses his experience in the field, insights and current gaps in protecting control systems in today’s digital era. With more than 25 years of experience, Mark’s worked on control systems for the industry’s most prominent players.

Read More

NCSAM 2019 Perspectives on ICS & OT Cybersecurity: Helping organizations ‘secure’ OT

Author | Mission Secure

We’re all about control systems for NCSAM 2019. Week one covered building ICS cybersecurity awareness within organizations, followed by ‘owning’ industrial control systems during week two. This week, dive into securing operational technology or OT with Paul Arceneaux, Vice President of Product. Leading product development at IT and OT cybersecurity companies, learn more about how a product leader and innovator views the OT world and what organizations can do to “secure OT” going forward.

Read More

NCSAM 2019 Perspectives on ICS & OT Cybersecurity: Helping organizations ‘own’ ICS cybersecurity

Author | Mission Secure

Building awareness is the first step to greater cybersecurity and safety. What you don’t know can hurt you. So, take action and identify your risks. Once #CyberAware, it’s time to take measures to protect your operations. And that starts with ownership. So, this week, we dive into ‘owning ICS’ with Don Ward, Senior Vice President of Global Services at Mission Secure. Gain insights from the frontlines as Don shares challenges, surprises and how his team is helping organizations ‘own’ control system and OT cybersecurity.

Read More