Articles

ThreatGEN

Florida Water Treatment Plant Attack

Since there are plenty of threat monitoring sources throughout our industry, we thought it best not to repeat those concerning the Florida water treatment plant attack.  ThreatGEN believes it is worthwhile to have a lessons learned after the the dust settles though.  The reason we didn't release immediately after the ...
Read More
Capture the Flag (CTF)

CTF – “You keep using that word. I do not think it means what you think it means.”

As a gamer, every time I hear "capture the flag", or "CTF", my memories bring me back to playing games like Team Fortress, Counter Strike, and other team FPS (First Person Shooter) games where you would literally try to steal (a.k.a. “capture”) the other team’s flag (usually placed deep within ...
Read More
SolarWinds

What Could the SolarWinds Attack Mean for OT?

Since the publication of the SolarWinds attack in December 2020, there have been countless breakdowns of the malware used, how it works, and what the implications are for organizations using Orion products in their IT infrastructure. As extensive as the coverage of the attack has been, we haven’t heard much ...
Read More
gamification

Gamification vs. Games

A lot of people play video games. According to NewZoo's article "Video Game Industry Statistics in 2020", in 2019 over 2.7 billion people played video games. That's more than 1 out of every 3 people who voluntarily spend their leisure time pursuing video games. Gamification is about trying to use ...
Read More
cybersecurity statistics

Lies, Damned Lies, and Cybersecurity Statistics

Either Mark Twain or the 19th century British Prime Minister Benjamin Disraeli said, "There are three kinds of lies: lies, damned lies, and cybersecurity statistics." There are three kinds of lies: lies, damned lies, and statistics."Mark Twain Quotes." Quotes.net. STANDS4 LLC, 2021. Web. 21 Jan. 2021. <https://www.quotes.net/quote/1647>. Parody aside, in the cybersecurity ...
Read More

OT/ICS Cybersecurity Kill Chain video released

Sugar Land, Texas (July 2, 2020) — ThreatGEN, an operational technology (OT) security firm, releases its second video in its Red vs. Blue Academy OT security educational series entitled "OT/ICS Cybersecurity Kill Chain, Technical Demo". In this video, Pascal Ackerman demonstrates an OT/ICS cybersecurity attack on a control system, from ...
Read More

Checking for ICS Internet Exposure Using Shodan.io

In this article I will take you through the process of performing an internet exposure check for your ICS. We will look at what “exposure” means in the realm of networking, followed by a sample search for the internet exposure of a random IP address that I chose for no ...
Read More

Design for Security – Why Proper Architecture Matters to ICS Security

I wanted to take some time today and share with you my thoughts on fundamental ICS (cyber)security. With all these shiny new and expensive OT-centric security products getting released over the past few years, it might be tempting to start thinking that securing your industrial environment will be achievable with ...
Read More

Taking a closer look at the LookBack Malware Campaign

If you follow my posts on LinkedIn, you might recall an article I shared about a week or two ago about a new malware campaign that was uncovered, targeting ICS companies in the US utilities industry. If you missed the post or want to reread the article, here is the ...
Read More

Another day, more data breaches – where the data goes

This is my first blog post as principal threat analyst with ThreatGEN. The intent is to release a somewhat weekly security news aggregate article with a preference for Industrial security threat articles and a strong technical emphasis on things. Well, I will start that ritual next week, because this week ...
Read More

Categories