Recent findings reveal a stark reminder of the ever-present cyber threats in the industrial sector. A survey by Palo Alto Networks has shown that out of nearly 2,000 industrial organizations, spanning across 16 countries, a significant 25% experienced operational technology (OT) shutdowns due to cyberattacks within the last year​ (SecurityWeek)​​ (OODA Loop)​. 

Following our recent blog post about vulnerabilities in Programmable Logic Controllers, the Cybersecurity & Infrastructure Security Agency (CISA) is urging manufacturers to change or even get rid of default passwords altogether on equipment and software they manufacture.  The agency went on to say that “studies by CISA show that the use of default credentials, such as passwords, is a top weakness that threat actors exploit to gain access to systems, including those within U.S. critical infrastructure”. 

You may have seen the news last week that multiple municipal water authorities declared themselves under cyber attack.  How did they get in?  The answer is quite simple: by using the default credentials on Unitronics PLCs.  The specific controllers that were compromised were equipped with HMIs and did not have their default passwords changed.  While the attack has a multitude of geopolitical ramifications, ultimately it highlights the need to revisit security measures around interconnected devices, especially those that have not had proper security controls implemented or changed from their default settings.

Cybersecurity threat intelligence services are comprehensive offerings that collect, analyze, and provide real-time insights on potential cybersecurity threats, vulnerabilities, and risks to your organization. These services monitor diverse data sources, detect threats, and identify vulnerabilities, including malware and attack patterns, while also offering tailored recommendations and mitigation strategies. They supply real-time alerts, facilitate information sharing among organizations, and often offer educational resources. Threat intelligence services can empower organizations to proactively safeguard their digital assets by staying informed about the evolving threat landscape and taking appropriate measures to protect against cyberattacks and data breaches.  However, these services often come with a significant price tag, which begs the question: should manufacturers sign up?

We all know that Cybersecurity is paramount to ensuring the continuous operation of any business in today’s digital world, and responding to any type of cybersecurity incident at some point is only question of when. To safeguard your manufacturing operations from cyber threats, it's essential to assess your readiness and response capabilities regularly. One effective tool for this is the tabletop exercise. In this post, I'll explain what tabletop exercises are and why they're vital to the preparedness of any manufacturing organizations to respond to an incident.

The Internet of Things (IoT) continues to transform the way we approach manufacturing, but it also brings increased risks of cyberattacks.  With the growing volume of IoT devices and sensors, the potential attack surface for manufacturers grows with it, as does the amount of data needed to protect.  In this blog post, we will delve into IoT attacks, highlight why manufacturers need to be vigilant, and provide actionable steps manufacturers can take to safeguard themselves against these evolving threats.

If you’ve read the news lately, you’ve probably heard that Artificial Intelligence tools powered by language models like ChatGPT are taking the world by storm and have the potential to revolutionize the ways we all work, especially in the manufacturing industry. Manufacturers are increasingly exploring the potential of AI tools to enhance their operations and gain a competitive edge. In today’s article, we will embark on an exploration of ChatGPT and delve into the ways in which manufacturers can harness the power of AI to elevate their business processes. We will also emphasize the paramount importance of data security and privacy, ensuring that manufacturers can leverage AI tools responsibly and safely.

What is a “watering hole” attack and how do I prevent it from happening to my company?

A watering hole attack targets a specific company by infecting their website with malware which proceeds to then further infect everyone that visits your website.  The attackers essentially use your website as a distribution mechanism to inject malware into as many of your website viewer's computers as possible, with the goal of stealing information or extracting ransom payments.  Manufacturing companies are particularly vulnerable to watering hole attacks because they often rely on supply chain partners and subcontractors who may not have the same level of security measures in place.  These attacks can compromise your sensitive information and/or intellectual property, and can also disrupt your operations.

A Denial of Service (DoS) attack is a type of cyber-attack that attempts to make a website, online service or computer network unavailable by overwhelming it with a flood of traffic or requests, causing it to crash or become extremely slow and unresponsive.. It can be targeted at a single system or an entire network, and can range from minor disruption or slowness to a complete shut down.  

Bring Your Own Device, or BYOD, has become an important technology topic over the past ten years as mobile devices have increased their capability and sophistication.  But how should your company deal with employees using their personal devices for work?  What company services do you allow employees to connect to from their personal devices, and what should you restrict to only corporate-issued computers?  The answer is: it depends!