Claim Ownership

Author:

Subscribed: 0Played: 0
Share

Description

 Episodes
Reverse
Today we’re going to discuss an evolving vulnerability in the industrial sector – the security of cloud data and networks. We’re obviously talking about the use of IT infrastructure that’s not physically located within the plant or facility. It’s a platform that is continuing to see an uptick in use. In fact, Netwrix, a leading cloud network security solutions provider, recently cited in their latest Cloud Data Security Report, that organizations expect to increase the amount of work done in the cloud from 41 percent to 54 percent by the end of 2023.More specifically, this means an increased reliance on cloud storage for corporate financial information and intellectual property.And while this is good news to cloud service providers, they’re apparently not the only ones enjoying this trend. Netwrix also cited that 53 percent of those surveyed suffered a cyberattack targeting their cloud network within the last 12 months.But perhaps the most frightening statistic from the report is that despite these findings, 78 percent said they were satisfied with their cloud security. Joining us to discuss these findings and the current state of industrial cybersecurity is Dirk Schrader, VP of Security Research at Netwrix.For more information on the work Netwrix does, you can go to netwrix.com
When discussing the industrial sector’s threat landscape, we often detail events that result from vulnerabilities discovered by hackers probing for soft spots within an organization’s networks, connected infrastructure or data storage centers.However, taking a look at Nuspire’s latest Threat Landscape Report reiterates the need for manufacturers to keep their defenses up even when working with documents, files or websites that would appear to have limited interest from hackers and no connection points to outside parties.Nuspire reported a 28 percent increase in malware attacks – or about 52,000 detections a day during the second quarter of 2022. While many are being detected and blocked before being seen by the user, some are getting through by disguising themselves as add-ons or support tools for Microsoft Office documents. Once the user clicks for additional information within these software programs, which contain embedded on-line connections in providing legitimate support and downloadable tools, the malware is downloaded, providing a gateway to any and all of that user’s network, cloud, system and software connections.During this same period, the company reported a 100 percent increase in botnet activity – reaching a rate of nearly 20,000 attacks per day. This form of malware attaches itself to web pages and emails. Once it is unintentionally downloaded via the targeted user clicking on a link or agreeing to download a false asset, the bug can log keystrokes in stealing login and other personal information that often feeds into ransomware attacks.Joining us to discuss these ongoing threats is Mike Pedrick, VP of Cybersecurity Consulting for Nuspire – a leading managed security services provider.
When the Eastern European hacker group DarkSide shut down the Colonial Pipeline in May of 2021, the ramifications were felt across numerous landscapes.In addition to impacting air travel and triggering panic over gasoline availability, the six-day interruption of fuel to much of the Eastern United States led to one of the highest profile ransomware payments in recent history.Although law enforcement was able to track down and recover more than half of the $4.4 million in Bitcoin that Colonial paid the ransomware attackers, two critical points had been made: the U.S. industrial sector was vulnerable, and they were willing to pay to restore operations.In support of the increasing concerns facing the industrial sector’s cybersecurity needs, IBM recently reported that manufacturing overtook financial institutions and insurance providers in becoming the most targeted industry by cyber criminals in 2021.Joining us to discuss this ongoing threat is Eric Ervin, Global Director for Utilities and Manufacturing at 1898 & Company, a leading provider of data management and business consulting services. 
Tenable recently released their Ransomware Ecosystem white paper. So we sat down with Satnam Narang, a research engineer focused on security response at the company, to discuss some its findings, including:The FBI estimates that between 2013 and 2019, ransomware groups collectively earned over $144 million. That number skyrocketed in in 2020 with these groups reportedly raking in $692 million collectively.According to U.S. government data, the first half of 2021 saw ransomware payments reach just under $600 million in the first six months, which included a record amount of $40 million paid out by an insurance company. And you can probably guess that these reported amounts are a fraction of the true total being paid to ransomware attackers and groups.Additional data is available by downloading the white paper here.For more information on the work Tenable does, you can go to www.tenable.comTo catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.
A great deal of cybersecurity attention, and rightfully so, is paid to the role of defending against and responding to outside attackers. However, just as important to establishing and reinforcing cyber plans is ensuring that internal vulnerabilities are not created or made easier to detect through systems, networks and new technologies that are introduced to the industrial infrastructure, albeit with the best of intentions.However, the influx of handheld devices and mobile computing power can lead to the unintentional injection of numerous cybersecurity issues. One only needs to look at the history of the Stuxnet virus for proof of how something as simple as a USB stick can lead to massive and often irreparable damage. To help lend some insight on such potential security issues is Todd Greenwald. He serves as the president of Heartland – a McHenry, Illinois-based company that works with the industrial sector to improve business operations through technology integration, process implementation and network redesign. Heartland’s specialties include wireless infrastructure, network security, mobile computing, automated data collection systems, and more. For more information on the work Heartland does, you can go to www.heartland-usa.com. 
What else can we say as it relates to the industrial sector and the cybersecurity threats that continue to present themselves, other than – the battle wages on.The value of the sector’s IP, the plethora of personal information and the vital need to maintain uptime makes manufacturing a favorite target of hackers. And as those in the financial and healthcare markets know all too well, recognition of the threat only seems to spur the creation of new and better weapons focused on wreaking havoc. So, joining us today to discuss some of the latest threats to hit the industrial sector is Lauren Podber – she’s a Principal Intelligence Analyst at Red Canary, firm that specializes in managing cybersecurity endpoint detection, planning and response. They were also among the first to assess the first threat we’re going to discuss – Raspberry Robin. For more information on the work Red Canary does, you can go to www.redcanary.com
JBS Foods is a $30B meat processor that most people didn’t know about until they paid ransomware attackers REvil $11M last June in order to get plants in the U.S. and Brazil up and running, and prevent what is believed to be up to 5 TB of data from being leaked.According to SecurityScorecard.com, the hackers obtained leaked credentials from employees in Australia and began probing the company’s network and extracting data three months prior to issuing their demands.SecurityScorecard estimates that over 20 percent of food companies have a known vulnerability, and nearly 400 have suffered a breach and/or attack. To help shed some light on these vulnerabilities, and how to prevent or respond to them, we’re excited to welcome Matt Parsons, Director of Network and Security Product Management at Sungard Availability Services to the program. Sungard is a leading provider of network and cloud computing security services.
The rise in ransomware attacks throughout the industrial sector has led to a surge in another, related activity – the purchasing of cyber insurance to help soften the blow of these attacks.But today’s guest emphasizes that beyond just insurance to cover the costs of these intrusions, the manufacturing sector needs to implement more proactive strategies that encompass prevention and recovery.I’m pleased to welcome Allen Jenkins, VP of Cybersecurity Consulting at InterVision to this episode of Security Breach. InterVision is a leading provider of services focused on enterprise network security. For more information on the work InterVision does, you can go to www.intervision.com
There were a lot of trends emanating from the mid-1980s that thankfully died out over time, but one of them has not only persisted, but thrived. Although there were numerous samples of malware impacting early computer networks, the one that captured both headlines and the admiration of cyber criminals was the PC-Write Trojan virus. Iterations would follow, with perhaps the best known example of industrial malware – Stuxnet – being introduced about 25 years later. It would be topped by WannaCry Ransomware just seven years after that. In all these cases, bad actors were able to probe vulnerabilities, identify weak spots, and exploit these lapses in erasing data, eliminating access, or promising more extensive damage if their monetary demands were not met. These viruses, worms and malicious coding is still present today, and those armed with this malware have gotten smarter, their attacks more complex, and their search for victims more intense. The industrial sector and municipal utilities, with their combination of lucrative IP, essential production models and lagging security protocols, have become a favorite target. Joining us today to help navigate this minefield of bad actors is Marty Edwards. He’s the Vice President of OT Security at Tenable – a leading provider of infrastructure and cloud network software and security solutions. 
The surge in cyberattacks experienced by the industrial sector has been credited to a number of issues ranging from outdated security software to lagging protocols surrounding data access and storage. But, according to today’s guest, one of the main reasons we’ve seen an uptick in these attacks could simply be because they’re more profitable.Joel Burleson Davis is the CTO of SecureLink – a leading provider of secure access management solutions. He notes that in addition to manufacturing being the second-most targeted sector, it offers the largest average payout for ransomware attacks. So the industrial sector now faces the multi-faceted realities of attacks that are more complex, Russian hackers more emboldened by the Ukrainian conflict, and a greater number of vulnerabilities stemming from an uptick in connected devices throughout manufacturing.
You’ve probably heard a number of reports citing ransomware as the leading attack strategy within the industrial sector. In some instances, it’s been reported that ransomware groups are focusing as much as 70 percent of their activity on manufacturing enterprises. In one report from ICS security specialist Dragos, it was reported that 65 percent of all attacks thrown at the industrial sector were of the ransomware variety. And according to this episode's guest, cybersecurity attacks like these are never a one-and-done occurrence, meaning on-going vigilance against ransomware criminals and the like require on-going security diligence. Greg Scasny is the CTO of Blueshift Cybersecurity, a provider of security solutions focused on helping small and medium-sized enterprises develop and maintain a security posture that simultaneously defends against attacks while working to preserve ongoing operations.
The industrial sector knows all too well about the need to innovate product offerings and production strategies in order to stay ahead of the competition. Unfortunately, the same can be said for cyber criminals looking to either steal information or hold your data, manufacturing capabilities, or intellectual property for ransom. Just as you continue to develop new strategies to respond to hacks and protect you digital presence, these bad actors are continuing to update and enhance their schemes in order to improve the success rate of their attacks. In an effort to help counter these bad actors and stay a step ahead, NETSCOUT Systems recently unveiled their bi-annual Threat Intelligence Report. It offers insight on the continued threats presented by Distributed Denial of Service and ransomware attacks. To help walk us through the report and offer additional insight on some of the new tactics being utilized to carry out these legacy cybersecurity attacks is NETSCOUT’s Threat Intelligence Lead, Richard Hummel.For more information on the work NETSCOUT does, you can go to netscout.com. And to get a look at their recent report, you can go to https://www.netscout.com/threatreport
The industrial sector knows all too well about the need to innovate product offerings and production strategies in order to stay ahead of the competition. Unfortunately, the same can be said for cyber criminals looking to either steal information or hold your data, manufacturing capabilities, or intellectual property for ransom. Just as you continue to develop new strategies to respond to hacks and protect you digital presence, these bad actors are continuing to update and enhance their schemes in order to improve the success rate of their attacks. In an effort to help counter these bad actors and stay a step ahead, NETSCOUT Systems recently unveiled their bi-annual Threat Intelligence Report. It offers insight on the continued threats presented by Distributed Denial of Service and ransomware attacks. To help walk us through the report and offer additional insight on some of the new tactics being utilized to carry out these legacy cybersecurity attacks is NETSCOUT’s Threat Intelligence Lead, Richard Hummel.For more information on the work NETSCOUT does, you can go to netscout.com. And to get a look at their recent report, you can go to https://www.netscout.com/threatreport
Know Your Enemy

Know Your Enemy

2022-05-1613:58

While rogue individuals with an agenda and advanced cybersecurity skills are still prevalent, most headline-grabbing hacks are now originating from well-organized, highly talented groups or organizations. Not only does this dynamic provide access to a greater pool of talent, but it makes stopping a multi-faceted attack more difficult.One of the most notorious of these cyber terrorist groups is BlackByte. The Ransomware-as-a-service group recently made headlines by hacking the National Football League’s San Francisco 49ers right before the league’s biggest weekend – the most recent Super Bowl.The group was able to exploit a vulnerability in the team’s Microsoft Exchange server and implement a tool called Cobalt Strike. Users were then sent hourly ransom notes via a print bomb to all printers connected to the infected machine. While the 49ers have downplayed the impact of the hack, it did result in the release of financial documents that BlackByte posted to a site on the dark web. No ransom demands were made public, but the amount of data actually stolen remains unknown.The growing reach, ability and boldness of these groups should give everyone in the industrial sector pause – regardless of your role or job title. If they can access data from a billion-dollar franchise, your IP and financial data is, at least, just as vulnerable.The good news is that we have people like Lauren Podber, Principal Intelligence Analyst at Red Canary, to help guide us in getting ahead of groups like BlackByte. Lauren and her cohorts at Red Canary specialize in managing cybersecurity endpoint detection, planning and response. She recently sat down to discuss BlackByte, the importance of having a response plan at the ready, and what hacks to look out for over the next 12-18 months.
Regardless of the report, survey or research, all data related to industrial cybersecurity makes one thing very clear – the last two years have presented a dangerous uptick in the number of cybersecurity attacks, and the severity of them.So, if knowing is half the battle, the other half is identifying tools to help accomplish the mission. With this in mind, we welcome David Nosibor, Platform Solutions Leads at UL – the well-known leader in global safety certification.Presented with the frightening increase in the number of cyberattacks, the organization recently launched the SafeCyber platform to help organizations improve the cybersecurity of connected products throughout the entire lifecycle. This includes identifying current and future vulnerabilities and providing guidance to some of the obstacles currently preventing these issues from being addressed.
Whether it's the infamous Colonial Pipeline ransomware attack last summer, or an ongoing number of water treatment facility hacks, there’s no doubt that infrastructure facilities have become a favorite target of cyber criminals.In fact, according to a recent report from Skybox Security, the first half of 2021 saw a 46% year-over-year increase in new OT vulnerabilities within organizations charged with running and maintaining key portions of the U.S.'s infrastructure.   In this episode of Security Breach, Alastair Williams, vice president of worldwide systems engineering at Skybox Security,  joins us to help break down some of the social and market factors driving these troubling cybersecurity dynamics. We also discuss ransomware attacks, Log4J challenges, and what he sees as the biggest cybersecurity trends to consider for 2022.
If there’s one thing that has become very apparent in dealing with cybersecurity issues throughout the industrial sector, it’s that responding to these challenges means taking a look at things from a different perspective.I recently sat down with Johnny Young, a 35-year veteran of industrial IT and cybersecurity. He’s embraced his role as JohnE Upgrade and launched CyberD.TV - a streaming subscription service devoted to providing comprehensive cybersecurity training.What follows is the second of two episodes featuring JohnE. Here he talks about some of steps companies can take in guarding against any number of cyberattacks.
If there’s one thing that has become very apparent in dealing with cybersecurity issues throughout the industrial sector, it’s that responding to these challenges means taking a look at things from a different perspective.Well, that’s what we have with this episode. I recently sat down with Johnny Young, a 35-year veteran of industrial IT and cybersecurity. He’s embraced his role as JohnE Upgrade and launched CyberD.TV - a streaming subscription service devoted to providing comprehensive cybersecurity training.What follows is the first of two episodes featuring JohnE. Here he talks about some of the basic, yet vitally important measures every employee can take in guarding against any number of cyberattacks.
In this episode we welcome Theo Zafirakos, the Chief Information Security Officer at Terranova Security, to discuss is company's recently report indicating that the success of phishing schemes continues to escalate. Their findings include data showing that:Nearly one in every five end users (19.8 percent) who received a phishing simulation email clicked on the initial message’s phishing link. 14.4 percent of all end users failed to recognize the simulation’s resulting webpage as unsafe,  and clicked on the malicious file’s download link.This means that the number of initial clickers who ended up downloading the phishing simulation’s webpage file exceeded 70 percent. The growing number of remote workers, combined with the amount of personal and enterprise-level data that can be obtained makes the industrial sector an increasingly appealing target. Going forward, the security firm feels that the industrial sector will need to do more to increase worker awareness of these attacks in understanding how to respond, or more importantly, how not to react to the messages these attackers use.
In this episode of Security Breach, we're joined by Thierry Aubry, a Sales Executive at Open Systems. Open Systems recently offered a look inside a phishing scheme and potential malware attack experienced by one of their customers. While this global manufacturer of home and commercial appliances will remain anonymous, Thierry will walk us through how the attack was instigated, how Open Systems was able to respond, and what steps you can take to avoid and respond to potential attacks against your systems and proprietary data.
Comments 
Download from Google Play
Download from App Store