Control Loop: The OT Cybersecurity Podcast

ICEFALL affects OT devices. Thermal cameras and industrial processes. Sandworm spies on infrastructure. Ransomware hits auto parts manufacturer. Most electricity, oil & gas, manufacturing firms have seen cyberattacks. Nuclear facility cyber exercises. Connecticut Guard trains to defend utilities.Dawn Cappelli joins us to discuss how the OT Cyber Emergency Readiness Team is planning to address cybersecurity resource gaps for industrial infrastructure.And in the learning lab, Nick Shaw joins us for part two of OT fundamentals, where he explains the Purdue reference model for industrial cybersecurity.Control Loop News Brief.ICEFALL vulnerabilities affect OT devices OT:ICEFALL: 56 Vulnerabilities Caused by Insecure-by-Design Practices in OT (Forescout)Thermal camera vulnerabilities.Multiple Vulnerabilities in Infiray IRAY-A8Z3 thermal camera (SEC Consult)Vulnerabilities in access control panels.Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System (Trellix)Sandworm exploits Follina in phishing campaign.Russian hackers start targeting Ukraine with Follina exploits (BleepingComputer)Ransomware hits automotive hose manufacturer.US Subsidiary of Automotive Hose Maker Nichirin Hit by Ransomware (SecurityWeek)Most ransomware victims are attacked a second time.Ransomware: The True Cost to Businesses (Cybereason)89% of electricity, oil & gas, and manufacturing firms have been hit by cyberattacks.Cyber-Attacks on Industrial Assets Cost Firms Millions (Trend Micro)Control Loop Interview.Dawn Cappelli on how the OT Cyber Emergency Readiness Team (OT-CERT) is addressing the cybersecurity resource gaps that exist in industrial infrastructure. Follow Dawn on LinkedIn. OT-CERT is an Operational Technology – Cyber Emergency Readiness Team dedicated to addressing the OT resource gap that exists in industrial infrastructure. Designed to support asset owners and operators of industrial infrastructure, Dragos OT-CERT provides free cybersecurity resources for the Industrial Control System (ICS) /OT community. Learn more about OT-CERT here.Register here to join the OT-CERT community.Control Loop Learning Lab.Mark Urban is joined by Nick Shaw for part two of an intro to OT.A Collection of Resources for Getting Started in ICS/SCADA Cybersecurity.Building security to achieve engineering and business requirements.Subscribe to the Control Loop Newsletter here with new editions published every month. Learn more about your ad choices. Visit megaphone.fm/adchoices

Subscribe to the Control Loop Newsletter here with new editions published every month.UK Attorney General discusses hacking back in defense of critical infrastructure. Ethiopia says it stopped cyberattacks on its Nile dam. Recommended cybersecurity improvements for dams in the Southeastern US. Water system security. MITRE releases supply chain security framework. CISA and its partners issue guidelines for evaluating 5G implementation. Deloitte opens a Smart Factory at Wichita State University.Tim Conway from SANS discusses his path to OT cybersecurity, workforce and cyber skills development for OT personnel, and new developments in cybersecurity education for industrial security.And in the Learning Lab, Mark Urban is joined by Nick Shaw for part one of an intro to OT.Control Loop News Brief.Hacking back in defense of critical infrastructure.Defensive Cyber Attacks Declared Legal by UK AG, Path Cleared to “Hack Back” When Critical Infrastructure & Services Attacked. (CPO Magazine)TVA recommends cybersecurity improvements for dams in Southeastern US.Request for Final Action - Audit 2020-17340 Non-Power Dam Control Cybersecurity. (Office of the Inspector General, TVA) INSA says cyber attack on GERD, financial institutions foiled. (Addis Standard)Water system security.Cyberspace Solarium congressman, water officials decry EPA inaction on cybersecurity. (CyberScoop)MITRE releases supply chain security framework.Mitre’s New “System Of Trust” Protects Vulnerable Supply Chains (MITRE)CISA and its partners issue guidelines for evaluating 5G implementation.5G Security Evaluation Process Investigation Version 1 (CISA)Ransomware attack on FOXCONN Mexico factory operations..Foxconn: Mexico factory operations ‘gradually returning to normal’ after ransomware attack. (The Record)LockBit, Conti most active ransomware targeting industrial sector. (Bleeping Computer)Deloitte opens US Smart Factory.Deloitte Opens New US Smart Factory in Wichita, Kansas, Convenes Ecosystem of Innovators to Make Industry 4.0 a Reality (PR Newswire)Control Loop Interview.Tim Conway from SANS discusses his path to OT cybersecurity, workforce and cyber skills development for OT personnel, and new developments in cybersecurity education for industrial security.His LinkedIn profile may be found here; follow him at the SANS Institute here.Control Loop Learning Lab.Mark Urban is joined by Nick Shaw for part one of an intro to OT.A Collection of Resources for Getting Started in ICS/SCADA Cybersecurity Learn more about your ad choices. Visit megaphone.fm/adchoices

Every two weeks, get the latest in OT news in Control Loop News Brief, an interview featuring a thought leader in the OT space sharing current industry trends, and the Control Loop Learning Lab’s educational segment. A companion monthly newsletter is available through free subscription and on the CyberWire's website.Headlines include: Russia’s hybrid war against Ukraine. Russian threat actors against industrial control systems. Exploits for Bluetooth Low Energy. Hacktivists claim attacks against Russian ground surveillance robots. New wiper loader. Turla threat actor reconnaissance in Estonian and Austrian networks. Robert M. Lee, CEO of Dragos, talks giving back to the OT community and shares insights on Pipedream malware. Learning Lab has Dragos' Mark Urban and Jackson Evans-Davies talking about the fundamentals of OT cybersecurity.Control Loop News Brief.Continuing expectations of escalation in cyberspace.Microsoft President: Cyber Space Has Become the New Domain of Warfare - Infosecurity MagazineCyber Attacks on Ukraine: Not What You Think | PCMag Warning: threat actor targets industrial systems.US warns energy firms of a rapidly advancing hacking threat - E&E NewsPIPEDREAM: CHERNOVITE's Emerging Malware Targeting Industrial Environments | DragosPipedream Malware: Feds Uncover 'Swiss Army Knife' for Industrial System Hacking | WIREDIndestroyer2 and Ukraine's power grid. Twitter: @ESETresearchIndustroyer2: Industroyer reloaded | WeLiveSecurityRussian hackers tried to bring down Ukraine's power grid to help the invasion | MIT Technology ReviewBluetooth vulnerabilities demonstrated in proof-of-concept.NCC Group uncovers Bluetooth Low Energy (BLE) vulnerability that puts millions of cars, mobile devices and locking systems at riskTesla Hacker Proves a Way of Unlocking Doors, Starting Engine - BloombergCISA and its international partners urge following best practices to prevent threat actors from gaining initial access.Weak Security Controls and Practices Routinely Exploited for Initial Access | CISAHacktivists claim to have compromised Russian-manufactured ground surveillance robots.Did hackers commandeer surveillance robots at a Russian airport?Twitter: @caucasnetPolitically motivated DDoS attack on Port of London Authority website.Twitter: @LondonPortAuthPro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack New loader identified in wiper campaigns.Sandworm uses a new version of ArguePatch to attack targets in Ukraine | WeLiveSecurity Turla reconnaissance detected in Austrian and Estonian networks.Russian hackers perform reconnaissance against Austria, Estonia TURLA's new phishing-based reconnaissance campaign in Eastern Europe SANS ICS Summit is coming to Florida, June 1-9.ICS Security Summit & Training 2022Colonial Pipeline’s ransomware attack, one year later.How the Colonial Pipeline attack instilled urgency in cybersecurityOT vulnerabilities as credit risk.Operational Technology Cyberattacks Are a Credit Risk for UtilitiesA Cyber Resilience Pledge. Global CEOs Commit to Collective Action on Cyber Resilience Recent threat intelligence findings from Dragos.Dragos ICS/OT Ransomware Analysis: Q1 2022Control Loop Interview.Robert M. Lee, CEO of Dragos, on giving back to the OT cybersecurity community, the idea behind the Control Loop podcast and newsletter, and his candid thoughts on the Pipedream malware and its creators.Follow Rob on LinkedIn and Twitter.Control Loop Learning Lab.Dragos’ Mark Urban and Jackson Evans-Davies on the fundamentals of OT cybersecurity and network architecture.Dragos 2021 ICS Cybersecurity Year in ReviewHow to Build a Roadmap for ICS/OT Cybersecurity: 3 Steps to a Sustainable ProgramManaging External Connections to Your Operational Technology EnvironmentImproving ICS/OT Security Perimeters with Network Segmentation Learn more about your ad choices. Visit megaphone.fm/adchoices

Cybersecurity for Operational Technology and Industrial Control Systems.The Control Loop podcast, hosted by the CyberWire’s Dave Bittner, investigates the latest threat intelligence, security strategies, and technologies that industry professionals rely on to safeguard civilization. Every two weeks, Dave analyzes the biggest stories in OT security with commentary from key industry leaders and operators. Each episode includes new guests who provide the insider’s perspective on major threats and vulnerabilities, novel ideas and solutions, and critical training topics. Control Loop Episode 1 premieres on June 1st, 2022.Listen and subscribe to the podcast wherever you get your favorite shows and subscribe to the newsletter on the CyberWire website. Learn more about your ad choices. Visit megaphone.fm/adchoices