Control Loop: The OT Cybersecurity Podcast

Real world stories of incident response and threat intelligence.

Aug 23, 2023

Today's guest, Lesley Carhart, shares real-world incident response and threat intelligence stories. Topics discussed include manipulated radiation sensor reports, malware attack on a power generator, APT-31 attacks on industrial systems, maritime cyber risk regulations, CODESYS vulnerabilities, and the role of firewalls in OT and IT environments.

33:34

Creator website

Episode guests

Lesley Carhart

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Radiation sensor data from Chernobyl may have been manipulated, posing safety risks to industrial systems and sectors.

Chinese threat actors have the capability to launch infrastructure attacks against critical sectors, exploiting legitimate administrative tools and privileges.

Deep dives

Manipulated Radiation Sensor Reports from Chernobyl

Researchers have found evidence suggesting that radiation sensor data from the Chernobyl exclusion area may have been manipulated during the Russian Army's brief occupation in 2022. The data did not correspond to the actual physical conditions, indicating a potential cyber attack that could pose safety risks in industrial systems and sectors.

Introduction

4min

Espionage and Vulnerabilities: Threats and Mitigations

7min

Insights and Challenges of Incident Response

4min

Observations and Trends in the Industrial Control Systems Industry at RSA

2min

The Role of Firewalls in OT and IT Environments

9min

Leveraging EDR and passive monitoring for comprehensive OT security

3min

Radiation sensor reports from Chernobyl may have been manipulated. South African power generator hit with malware. APT31 linked to attacks on industrial systems in Eastern Europe. Environmental regulation and increased maritime cyber risk. CISA Director warns of Chinese infrastructure attack staging. Threats to the power grid. CODESYS vulnerabilities.

Today's guest is Dragos’ Lesley Carhart, sharing their RSAC 2023 talk on real world stories of incident response and threat intelligence.

The Learning Lab continues the conversation between Dragos’ Mark Urban and Kimberly Graham about the convergence.

Control Loop News Brief.

Radiation sensor reports from Chernobyl may have been manipulated.

Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication (Ruben Santamarta)

The Mystery of Chernobyl’s Post-Invasion Radiation Spikes (WIRED)

CISA Director warns of Chinese infrastructure attack staging.

Top U.S. cyber official offers 'stark warning' of potential attacks on infrastructure if tensions with China escalate (NBC News)

China's Volt Typhoon snoops into US infrastructure, with special attention to Guam. (CyberWire)

Control Loop Interview.

Our guest is Dragos’ Technical Director for Industrial Incident Response, Lesley Carhart, sharing real world stories of incident response and threat intelligence from their RSAC 2023 talk.

Control Loop Learning Lab.

On the Learning Lab, Mark Urban is joined by Dragos Vice President of Product Management Kimberly Graham in part two of their discussion on the convergence of OT and IT.

Control Loop OT Cybersecurity Briefing.

A companion monthly newsletter is available through free subscription and on the CyberWire's website.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Control Loop: The OT Cybersecurity Podcast

Real world stories of incident response and threat intelligence.

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Manipulated Radiation Sensor Reports from Chernobyl

Chinese Infrastructure Attacks and US Critical Infrastructure

South African Power Generator Hit by Malware

Control Loop News Brief.

Radiation sensor reports from Chernobyl may have been manipulated.

CODESYS vulnerabilities.

South African power generator hit with malware.

Environmental regulation and increased maritime cyber risk.

Threats to the power grid.

APT31 linked to attacks on industrial systems in Eastern Europe.

Control Loop Interview.

Control Loop Learning Lab.

Control Loop OT Cybersecurity Briefing.

Remember Everything You Learn from Podcasts