How Does Triton Attack Triconex Industrial Safety Systems?
In this technical report, Cisco's IoT Security Lab describes one of the most famous attacks on Triconex industrial systems. Learn how your industrial operations could be exposed.
IT and OT Cybersecurity: United We Stand, Divided We Fall
IT-OT collaboration is mandatory for securing industrial networks. But what’s in it for both teams? How can they build this partnership? What does converged IT/OT security operations actually mean?
Ripple20: Critical Vulnerabilities Might be Putting Your IoT/OT Devices at Risk
Ripple20 are critical vulnerabilities targeting IoT and OT assets. Learn how Cisco Cyber Vision and ISA3000 can help you detect them and protect your industrial operations.
What you can learn from Cisco Talos’ new oil pumpjack workshop
To demonstrate how industrial control systems (ICS) interact with networks, Talos releases a 3-D printed oil pumpjack connected to a simulated programmable logic controller (PLC) supporting two industrial protocols.
OT Intent-Based Security Policies
When implementing security on the plant floor, the friction between IT and OT is mischaracterized as a problem of “control”. The solution depends on two factors – visibility and automation.
Vulnerability Spotlight: Multiple Vulnerabilities in Moxa EDR-810 Industrial Secure Router
Vulnerabilities have been identified in Moxa EDR-810, an industrial secure router with firewall/NAT/VPN and managed Layer 2 switch functions. It is designed for Ethernet-based security applications in remote control or monitoring networks.
From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks
Inspired by "From LOW to PWNED," we decided to take a look at one Industrial Control System (ICS) wireless access point and see just how many vulnerabilities we could find in two weeks.
IEC 104 Protocol Detection Rules
IEC 60870-5-104 Protocol Detection Rules Cisco Talos has released 33 Snort rules which are used to analyze/inspect IEC 60870-5-104 network traffic. These rules will help Industrial Control Systems/Supervisory Control and...
HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments
The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and specifically power plants based in Europe, seems to be the primary […]