Control Loop: The OT Cybersecurity Podcast

The US Department of Energy seeks to improve visibility into ICS environments. NIST has issued a proposal for upgrading cybersecurity at water plants in the US. A patch has been issued for a critical vulnerability that affects flow computers from ABB. Guest Ashif Samnani of Cenovus Energy shares insights from his nearly two decade career in the OT world. In the Learning Lab, hear the third in a series with Mike Hoffman, a Principal Industrial Consultant at Dragos, teaching infosec professionals how to think about OT security. This segment discusses looking at crown jewel analysis and understanding what really matters within your environment.Control Loop News Brief.US Department of Energy seeks to improve visibility into ICS environments.“DOE Pivots Security Strategy as 'Smart' Tech Use Soars,” (GovCIO)NIST proposal for upgrading cybersecurity at water plants.“NIST proposes project to improve cybersecurity at water utilities,” (FedScoop)“[Project Description] Securing Water and Wastewater Utilities: Cybersecurity for the Water and Wastewater Systems Sector,” (NIST)“Securing Water and Wastewater Utilities,” (National Cybersecurity Center of Excellence)Critical vulnerability affects flow computers.ABB Oil and Gas Flow Computer Hack Can Prevent Utilities From Billing Customers (SecurityWeek)CISA releases twenty ICS Security Advisories.CISA Releases Twenty Industrial Control Systems Advisories (CISA)Control Loop Interview.Guest Ashif Samnani, Industrial Control System Cyber Security Leader at Cenovus Energy, shares some insights from his nearly two decade career across the OT world.Control Loop Learning Lab.Our Learning Lab segment is the third in a series of three with Mike Hoffman, Principal Industrial Consultant at Dragos, teaching infosec professionals how to think about OT security. This segment discusses looking at crown jewel analysis and understanding what really matters within your environment. Learn more about your ad choices. Visit megaphone.fm/adchoices

CISA releases cross-sector cybersecurity performance goals. A look at the ransomware threat to industrial organizations. The TSA says it will issue new aviation cybersecurity requirements, and announces a railway cybersecurity directive. The White House focuses on cybersecurity in the chemical sector. Guest Jim Richberg of Fortinet addresses the evolving threat landscape and coming supply chain risks. In the Learning Lab, hear the second in a series with Mike Hoffman, a Principal Industrial Consultant at Dragos, teaching infosec professionals how to think about OT security. This segment discusses the critical aspects of OT systems that have to be considered before thinking about security.Control Loop News Brief.CISA releases cross-sector cybersecurity performance goals. “Cross-sector Cybersecurity Performance Goals,” (CISA)The ransomware threat to industrial organizations.“Dragos Industrial Ransomware Analysis: Q3 2022,” (Dragos)Leading European metals producer hit with malware.“Aurubis says it was hit in wider cyberattack on metals industry” (Reuters)Copper Giant Aurubis Shuts Down Systems Due to Cyberattack (SecurityWeek)TSA says it will issue new aviation cybersecurity requirements.“U.S. to issue new cybersecurity requirements for critical aviation systems,” (Reuters)TSA announces railway cybersecurity directive.“Rail Cybersecurity Mitigation Actions and Testing,” (TSA)White House focuses on cybersecurity in the chemical sector.“FACT SHEET: Biden-⁠Harris Administration Expands Public-Private Cybersecurity Partnership to Chemical Sector,” (The White House)“White House Adds Chemical Sector to ICS Cybersecurity Initiative,” (SecurityWeek)Control Loop Interview.Guest Jim Richberg of Fortinet joins us to discuss the evolving threat landscape and coming supply chain risks.Control Loop Learning Lab.Our Learning Lab segment is the first in a series of three with Mike Hoffman, Principal Industrial Consultant at Dragos, teaching infosec professionals how to think about OT security. IN this segment, he discusses the critical aspects of OT systems that have to be considered before thinking about security. Learn more about your ad choices. Visit megaphone.fm/adchoices

An assessment of port and terminal cybersecurity in the US. Tata Power discloses a cyberattack. The White House issues statements on cybersecurity. India’s power company collaborates on energy sector cybersecurity. Guests Special Agent in Charge, Tom Sobocinski, and Supervisory Special Agent for Cyber, Tom Breeden, of the FBI Baltimore Field Office, discuss the FBI's collaborative approach to working with industry. In the Learning Lab, Mike Hoffman of Dragos kicks off the first of 3 segments on teaching infosec professionals how to think about OT security with the fundamental differences between IT security and OT security.Control Loop News Brief.Port and terminal cybersecurity.“US Ports and Terminals Sustain Increased Cybersecurity Attacks,”(Jones Walker LLP)Cyber attack against Tata Power.“Indian energy company Tata Power announces cyberattack affecting IT infrastructure,” (The Record)“Tata Power says hit by cyber attack, says critical system functioning,” (Mint)“Tata Power says hit by cyber attack,” (The Economic Times)Sabotage and terrorism directed against infrastructure.“Russia’s MFA summons German, Danish, Swedish envoys over Nord Stream probe,” (TASS)White House statement on cybersecurity.“FACT SHEET: Biden-⁠Harris Administration Delivers on Strengthening America’s Cybersecurity,” (The White House)India collaborates on energy sector cybersecurity.“New collaboration to tackle cybersecurity issues in power transmission systems,” (India Science Wire)Control Loop Interview.Guests are FBI Baltimore Special Agent in Charge, Tom Sobocinski, and Supervisory Special Agent for Cyber, Tom Breeden, sharing the FBI's collaborative approach to working with industry.Control Loop Learning Lab.Our Learning Lab segment is the first in a series of three with Mike Hoffman, Principal Industrial Consultant at Dragos, teaching infosec professionals how to think about OT security. This episode's segment is about the fundamental differences between IT security and OT security. Learn more about your ad choices. Visit megaphone.fm/adchoices

Nord Stream pipelines sabotaged in a kinetic attack. NSA and CISA issue guidance on ICS threats. Ukraine anticipates Russian cyberattacks against the energy sector. Dragos receives CVE numbering authority. CISA's ICS Advisories. Guest Dawn Cappelli of Dragos shares an update on OT-CERT. In the Learning Lab, Mark Urban and Phil Tonkin of Dragos talk about where does all that electricity that is generated go?Control Loop News Brief.Nord Stream pipelines sabotaged in a kinetic attack.Sweden Detected Two Underwater Explosions Near Nord Stream Leak (Bloomberg)Germany Suspects Sabotage Hit Russia’s Nord Stream Pipelines (Bloomberg)European leaders blame Russian ‘sabotage’ after Nord Stream explosions (The Washington Post)Kremlin dismisses 'stupid' claims Russia attacked Nord Stream (Reuters)EU vows to protect energy network after 'sabotage' of Russian gas pipeline (Reuters)NSA and CISA issue guidance on ICS threats.NSA, CISA: How Cyber Actors Compromise OT/ICS and How to Defend Against It (NSA)NSA and CISA explain the potential consequences of these attacks.Control System Defense: Know the Opponent (NSA/CISA)Dragos receives CVE numbering authority.The CVE Program Recognizes Dragos as a Numbering Authority for Common Vulnerabilities and Exposures (Dragos)CISA's ICS Advisories.CISA Releases Eight industrial Control Systems Advisories (CISA)Control Loop Interview.Dawn Cappelli of Dragos shares an update on OT-CERT now that it's live and providing free resources to small and medium sized organizations with OT environments.Control Loop Learning Lab.In Part 2 of the Learning Lab segment on electricity, Mark Urban is joined by Dragos' Senior Director of Strategy Phil Tonkin. Now that we know how much electricity is generated, Phil sheds some light on where it all goes. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Palestinian hacktivist group GhostSec compromises Israeli PLCs. North Korea’s Lazarus Group targets the energy sector. The White House issues a memorandum on supply chain security. CISA issues advisories on ICS vulnerabilities. Guest Rachael Conrad of Rockwell Automation talks about how industrial automation organizations can achieve their connected enterprise by providing a safe and secure OT infrastructure. In the Learning Lab, Dragos' Mark Urban discusses the scale of the generation of electricity.Control Loop News Brief.Palestinian threat actor compromises Israeli PLCs.“Pro-Palestinian Hacking Group Compromises Berghof PLCs in Israel,” (OTIRO)Lazarus Group targets the energy sector.“Lazarus and the tale of three RATs,” (Cisco Talos)White House issues memorandum on software supply chain security.“Enhancing the Security of the Software Supply Chain to Deliver a Secure Government Experience,” (The White House)CISA issues ICS advisories.MZ Automation libIEC61850 (CISA)PTC Kepware KEPServerEX (CISA)Baxter Sigma Spectrum Infusion Pump (CISA)Hillrom Medical Device Management (Update A) (CISA)Hitachi Energy TXpert Hub CoreTec 4 Sudo Vulnerability (CISA)Honeywell SoftMaster (CISA)Delta Industrial Automation DIAEnergie (CISA)Kingspan TMS300 CS (CISA)Paradox IP150 (Update A) (CISA)Siemens Mobility CoreShield OWG Software (CISA)Siemens Simcenter Femap and Parasolid (CISA)Siemens RUGGEDCOM ROS (CISA)Siemens Mendix SAML Module (CISA)Siemens SINEC INS (CISA)Siemens RUGGEDCOM ROS (Update A) (CISA)Simcenter Femap and Parasolid (CISA)Siemens Industrial Products Intel CPUs (Update A) (CISA)Siemens OpenSSL Affected Industrial Products (CISA)Siemens OpenSSL Vulnerability in Industrial Products (Update E) (CISA)Siemens SCALANCE (CISA)Control Loop Interview.Rachael Conrad of Rockwell Automation joins Dave Bittner to talk about how industrial automation organizations can achieve their connected enterprise by providing a safe and secure OT infrastructure.Control Loop Learning Lab.The Learning Lab has Mark Urban of Dragos, in part one of a two-part segment on electricity, explores the scale of the generation of electricity. For more detail, check out this blog post on Electricity by the Numbers. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cybersecurity for the food industry. Montenegro works to recover from Russian cyber offensive. NSTAC recommends cataloging Federal OT assets. Chemical sector cybersecurity. Kinetic attacks affect Ukrainian nuclear power plant. CISA ICS alerts. Guest Dean Parsons from SANS joins us to discuss attacks against critical infrastructure. The Learning Lab finds Dragos' Mark Urban joined by Miriam Lorbert breaking down the fundamentals of the control loop.Control Loop News Brief.Food industry cybersecurity.Food Processing Special Report Reveals Increasing Concern of Cyber Attacks for Food & Beverage Industry (Dragos)Montenegro works to recover from Russian cyber offensive.FBI's team to investigate massive cyberattack in Montenegro (AP NEWS)US issues rare security alert as Montenegro battles ransomware (TechCrunch)Cuba ransomware group claims attack on Montenegro government (IT PRO)Cuba Ransomware Team claims credit for attack on Montenegro (Databreaches.net)Montenegro blames Cuba ransomware for cyberattack (Cybernews)Montenegro Sent Back to Analog by Unprecedented Cyber Attacks (Balkan Insight)Montenegro blames criminal gang for cyber attacks on government (EU Reporter)Ransomware Attack Sends Montenegro Reaching Out to NATO Partners (Bloomberg)NSTAC recommends cataloging Federal OT assets.NSTAC Urges CISA Action to Boost Security of Feds’ OT Systems (MeriTalk)Chemical sector cybersecurity.Chemical Sector Next in Line for White House Plan to Incentivize Cybersecurity (Nextgov.com)Kinetic attacks affect Ukrainian nuclear power plant.Ukraine says nuclear plant offline after Russian shelling (AP NEWS)Russia-Ukraine war: Ukraine accuses Russia of shelling town by Zaporizhzhia nuclear plant as inspectors arrive – live (the Guardian) UN inspectors arrive at Ukraine nuclear plant amid fighting (AP NEWS)U.N. Inspectors Gauge Risks at Nuclear Plant as Ukraine and Russia Trade Accusations (New York Times)IAEA head ignores gunfire to visit Ukraine nuclear plant, says experts to stay (Reuters)CISA ICS alerts.Hitachi Energy FACTS Control Platform (FCP) Product (CISA)Hitachi Energy Gateway Station (GWS) Product (CISA)Hitachi Energy MSM Product (CISA)Hitachi Energy RTU500 series (CISA)Fuji Electric D300win (CISA)Honeywell ControlEdge (CISA)Honeywell Experion LX (CISA)Honeywell Trend Controls Inter-Controller Protocol (CISA)Omron CX-Programmer (CISA)PTC Kepware KEPServerEX (CISA)Sensormatic Electronics iSTAR (CISA)Mitsubishi Electric GT SoftGOT2000 (CISA)Contec Health CMS8000 (CISA)Delta Electronics DOPSoft (CISA) Dragos Industrial Security Conference 2022.Mark your calendar for Saturday, November 5, 2022, for the next Dragos Industrial Security Conference (DISC), 100% free as a thank you to the ICS asset owner and operator community. You’ll hear ICS research on threats, malware, incidents, and vulnerabilities conducted by our intelligence and threat operations teams. Visit http://dragos.com/disc-2022 to learn more and register.Control Loop Interview.Dean Parsons from SANS talks about cyber attacks against critical infrastructure, the future of geopolitical conflict, active ICS defense using ICS-threat hunting techniques, and the difference between IT/OT incident response.Control Loop Learning Lab.Do you want to know how a toilet became the very first industrial control system more than 2000 years ago? Hear about it in the Learning Lab where Mark Urban speaks with Miriam Lorbert, Senior Industrial Consultant at Dragos, about the fundamentals of the control loop. Learn more about your ad choices. Visit megaphone.fm/adchoices

DOE invests in securing the US power grid. CISA’s recent ICS security advisories. Industroyer2 makes an appearance in Ukraine. DDoS attack against Energoatom’s website. Ransomware trends and the threat to OT systems. Ransomware gang attempts to extort the wrong water company.Control Loop News Brief.DOE invests in securing the US power grid. DOE invests $45 million in cyber technology that protects power sector (The Hill) CISA’s recent ICS security advisories.Cisco Releases Security Update for Multiple Products (CISA)Siemens Simcenter STAR-CCM+ (CISA)Siemens Teamcenter (CISA) Schneider Electric EcoStruxure, EcoStruxure Process Expert, SCADAPack RemoteConnect for x70 (CISA)Emerson ROC800, ROC800L and DL8000 (CISA)Siemens SICAM A8000 Web Server Module (CISA) Siemens SICAM TOOLBOX II (CISA)Siemens SCALANCE (CISA) Siemens SIMATIC S7-400 (CISA) Siemens Industrial Products Intel CPUs (Update A) (CISA) Siemens Industrial Products LLDP (Update B) (CISA) Siemens Linux-based Products (Update G) (CISA) Siemens Datalogics File Parsing Vulnerability (CISA)Siemens S7-400 CPUs (Update A) (CISA)Siemens SIMATIC Software Products (Update B) (CISA) Siemens SIMATIC S7-1200 and S7-1500 CPU Families (Update B) (CISA)Baxter Sigma Spectrum Infusion Pumps (Update B) (CISA)Siemens Industrial Products with OPC UA (Update H) (CISA)Siemens PROFINET Stack Integrated on Interniche Stack (CISA) Siemens TIA Portal (Update C) (CISA) Siemens Teamcenter (CISA) Siemens Industrial Devices using libcurl (CISA)Siemens SIMATIC WinCC and PCS (CISA)Siemens Teamcenter (CISA)Siemens Industrial Products (CISA)Siemens OpenSSL Vulnerabilities in Industrial Products (CISA)Siemens RUGGEDCOM ROS (CISA) Simcenter Femap and Parasolid (CISA) Siemens SRCS VPN Feature in SIMATIC CP Devices (CISA) Yokogawa CENTUM Controller FCS (CISA)LS ELECTRIC PLC and XG5000 (CISA)Delta Industrial Automation DRAS (CISA)Softing Secure Integration Server (CISA)B&R Industrial Automation Automation Studio 4 (CISA)Emerson Proficy Machine Edition (CISA)Sequi PortBloque S (CISA)Siemens Industrial Products with OPC UA (CISA)Siemens Linux-based Products (Update J) (CISA)Siemens Industrial Products LLDP (Update D) (CISA)Siemens OpenSSL Affected Industrial Products (Update B) (CISA)Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update A) (CISA)Mitsubishi Electric Multiple Factory Automation Products (Update A) (CISA)Industroyer2 makes an appearance in Ukraine. Ukraine cyber chief pays surprise visit to 'Black Hat' hacker meeting in Las Vegas (Reuters) Black Hat 2022‑ Cyberdefense in a global threats era (WeLiveSecurity) DDoS attack against Energoatom’s website. Ukraine’s state-owned nuclear power operator said Russian hackers attacked website (The Record) Ransomware trends and the threat to OT systems. Dragos Industrial Ransomware Analysis: Q2 2022 (Dragos) Ransomware gang attempts to extort the wrong water company.Hackers attack UK water supplier but extort wrong company (BleepingComputer)Control Loop Interview.Jason Christopher, Director of Cyber Risk at Dragos, Boards and threat-informed industrial risk managementControl Loop Learning Lab.David Foose, Senior Product Manager at Dragos, talking with Mark Urban of Dragos about SCADA. Learn more about your ad choices. Visit megaphone.fm/adchoices

BlackCat ransomware gang hits Luxembourg energy company. Predatory Sparrow's assault on Iran's steel industry. MOXA issues patches for two vulnerabilities. ICS security advisories. Two security bills pass the US House. Insider threat: Spain arrests nuclear plant employees. The human risk to OT systems.Control Loop News Brief.BlackCat ransomware gang hits Luxembourg energy company.BlackCat ransomware gang hits Luxembourg energy supplier Creos (Computing)Luxembourg energy provider Encevo Group battles ransomware attack by BlackCat (Tech Monitor)BlackCat ransomware claims attack on European gas pipeline (BleepingComputer)Luxembourg energy companies struggling with alleged ransomware attack, data breach (The Record by Recorded Future) Predatory Sparrow's assault on Iran's steel industry.Predatory Sparrow: Who are the hackers who say they started a fire in Iran? (BBC News)Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents' (CyberScoop) MOXA issues patches for two vulnerabilities.Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks (SecurityWeek)Two Moxa Zerodays — ICSRange.com - Powered by En Garde Security (ICSRange.com - Powered by En Garde Security)ICS security advisories.Inductive Automation Ignition (CISA)Honeywell Safety Manager (CISA)Honeywell Saia Burgess PG5 (CISA)MOXA NPort 5110 (CISA)Mitsubishi MELSEC and MELIPC Series (Update D) (CISA)Rockwell Products Impacted by Chromium Type Confusion Vulnerability (CISA)Mitsubishi FA Engineering Software (Update B) (CISA)Mitsubishi Electric Factory Automation Engineering Software (Update C) (CISA)Mitsubishi Electric Factory Automation Products Path Traversal (Update C) (CISA)Mitsubishi Electric Factory Automation Engineering Products (Update H) (CISA)Mitsubishi Electric FA Engineering Software Products (Update F) (CISA)Delta Electronics DIAEnergie (Update C) (CISA)Delta Electronics DIAEnergie (Update C) (CISA)Security bills pass the US House.House Passes Cybersecurity Bills Focusing on Energy Sector, Information Sharing (SecurityWeek)Insider threat: Spain arrests nuclear plant employees.Spanish police arrest two accused of hacking radioactivity alert system (Record by Recorded Future)The human risk to OT systems.The 2022 State of Operational Technology (SCADAfence)Control Loop Interview.Bryson Bort from SCYTHE, on threat emulation for critical infrastructure, season 3 of Hack the Plant with the Atlantic Council, and the ICS Village at Def Con in collaboration with CISA.Bryson Bort on LinkedInControl Loop Learning Lab.Jim Gilsinn, Technical Leader at Dragos Global Services Team, discusses Security Directive Pipeline-2021-02C, pipeline cybersecurity mitigation actions, contingency planning, and testing, with Mark Urban, VP of Product Market Strategy at Dragos.Jim Gilsinn on LinkedIn Mark Urban on LinkedInU.S. Transportation Safety Administration (TSA) Pipeline Security DirectiveSubscribe to the Control Loop Newsletter here with new editions published every month. Learn more about your ad choices. Visit megaphone.fm/adchoices

More deniable DDoS attacks strike countries friendly to Ukraine. Russian intentions and capabilities in its hybrid war. Log4j is now “endemic.” CISA’s ICS security advisories. Operational technology and the C2C market. TSA issues revised pipeline cybersecurity guidelines. Zero-trust comes to OT.Our guest is Puesh Kumar from the Department of Energy, discussing the DOE’s efforts to secure critical infrastructure, and to secure clean energy infrastructure.In the Learning Lab, Kimberly Graham, senior director of product management at Dragos, talks with Mark Urban about the alphabet soup of OT. Control Loop News Brief.Threats to infrastructure in a hybrid war.Ignitis Group hit by DDoS attack as Killnet continues Lithuania campaign (Tech Monitor) Ignitis services were knocked offline this weekend in a DDoS attack as Russian hackers Killnet target Ukraine's allies.US seeking to understand Russia’s failure to project cyber power in Ukraine (Defense News) “With regard to the Russian use of cyber and our takeaways,” Anne Neuberger said, “there are any number of theories for what we saw and what, frankly, we didn’t see.”Battling Moscow's hackers prior to invasion gave Kyiv 'full dress rehearsal' for today's cyber warfare (CyberScoop) Years of cyberattacks have helped prepare Ukraine to fight back against Russia's arsenal of digital weapons.Log4j is now “endemic.”DHS Review Board Deems Log4j an 'Endemic' Cyber Threat (Dark Reading) Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says.DHS board: No one used software inventories to find vulnerable Log4j deployment (FedScoop) Many in government and industry want SBOMs to be the secure software development compliance standard, but the technology remains limited.Review of the December 2021 Log4j Event (Cyber Safety Review Board) We write this report at a transformational moment for the digital ecosystem. The infrastructure on which we rely daily has become deeply interconnected through the use of shared communications, software, and hardware, making it susceptible to vulnerabilities on a global scale.Dragos and Emerson Expand Global Agreement to Secure Industrial Infrastructure for Process Industries (Dragos) Dragos Extends ICS/OT Cybersecurity to Emerson’s DeltaV Distributed Control System to Protect Process Industries.CISA’s ICS security advisories.Hundreds of ICS Vulnerabilities Disclosed in First Half of 2022 (Security Week) More than 600 industrial control system (ICS) product vulnerabilities were disclosed in the first half of 2022 by the US Cybersecurity and Infrastructure Security Agency (CISA), according to an analysis conducted by industrial asset and network monitoring company SynSaber.Operational technology and the criminal-to-criminal market. Hackers are targeting industrial systems with malware (Ars Technica) An entire ecosystem of sketchy software is targeting potentially critical infrastructure.Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems (The Hacker News) Hackers Distributing Password Cracking Tool for PLCs and HMIs to Infect Industrial Systems with Sality MalwareThe Trojan Horse Malware & Password “Cracking” Ecosystem Targeting Industrial Operators (Dragos) Learn more about Dragos's discovery of an exploit introduced through password "cracking" software that targets industrial engineers and operators.TSA issues revised pipeline cybersecurity guidelines. TSA revises and reissues cybersecurity requirements for pipeline owners and operators (Transportation Security Administration) The Transportation Security Administration (TSA) announced the revision and reissuance of its Security Directive regarding oil and natural gas pipeline cybersecurity. This revised directive will continue the effort to build cybersecurity resiliency for the nation’s critical pipelines. Learn more about your ad choices. Visit megaphone.fm/adchoices

A cyberattack hits a Ukrainian energy provider. A Chinese-speaking threat actor targets building automation systems. An Iranian steel mill suspends production due to a cyberattack. The US US TSA issues relaxed pipeline cybersecurity directives. A US cybersecurity bill focuses on training. Ian Frist from BlueVoyant joins us to discuss on what CMMC will mean for ICS environments. And in the Learning Lab, Robert M Lee joins us to explain the five critical controls for ICS.Control Loop News Brief.Russian hackers allegedly target Ukraine's biggest private energy firm (CNN) Russian hackers carried out a "cyberattack" on Ukraine's biggest private energy conglomerate in retaliation for its owner's opposition to Russia's war in Ukraine, the firm said Friday.Attacks on industrial control systems using ShadowPad (Kaspersky) In mid-October 2021 Kaspersky ICS CERT researchers uncovered an active ShadowPad backdoor infection on industrial control systems (ICS) in Pakistan.Cyberattack Forces Iran Steel Company to Halt Production (SecurityWeek) One of Iran’s major steel companies said Monday it was forced to halt production after being hit by a cyberattack that also targeted two other plants, apparently marking one of the biggest such assaults on the country’s strategic industrial sector in recent memory.Iran’s steel industry halted by cyberattack (The Jerusalem Post) Predatory Sparrow, a hacktivist group that is little known, took credit for the hacking that halted Iran's steel industry.Iranian steel facilities suffer apparent cyberattacks (CyberScoop) Three Iranian steel companies suffered apparent cyberattacks Monday, claimed a hacktivist group that previously took responsibility for a digital assault on the Iranian train system with wiper malware.Smart Factories Need to Prioritize Cybersecurity (Capgemini) Smart factories are increasingly being utilized by industry as part of the transition toward digitization. Being connected to cloud or the internet, they bring a plethora of communicative advantages. However, this network connection also creates a larger surface area vulnerable to attack via digital means.TSA Eases Pipeline Cybersecurity Rules Issued After Colonial Hack (Wall Street Journal) The Transportation Security Administration is loosening pipeline cybersecurity rules imposed after ...House Passes ICS Cybersecurity Training Bill (SecurityWeek) The House of Representatives has passed the Industrial Control Systems Cybersecurity Training Act.Cyber Yankee exercise hones New England Guard skills to fight digital threats (C4ISRNet) “Whether it’s a state or a federal effort, the importance of being prepared to respond to a cyber ...Control Loop Interview.Ian Frist from BlueVoyant joins us to discuss the Cybersecurity Maturity Model Certification from the US Department of Defense and what it means for industrial environments.Ian Frist on LinkedInControl Loop Learning Lab.Robert M. Lee teaches us about the five critical controls for OT cybersecurity.5 Critical Controls for OT CybersecuritySubscribe to the Control Loop Newsletter here with new editions published every month. Learn more about your ad choices. Visit megaphone.fm/adchoices