ICS

February 11, 2019

THREAT RESEARCH

What you can learn from Cisco Talos’ new oil pumpjack workshop

To demonstrate how industrial control systems (ICS) interact with networks, Talos releases a 3-D printed oil pumpjack connected to a simulated programmable logic controller (PLC) supporting two industrial protocols.

OT Intent-Based Security Policies

When implementing security on the plant floor, the friction between IT and OT is mischaracterized as a problem of “control”. The solution depends on two factors – visibility and automation.

April 13, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Vulnerabilities in Moxa EDR-810 Industrial Secure Router

Vulnerabilities have been identified in Moxa EDR-810, an industrial secure router with firewall/NAT/VPN and managed Layer 2 switch functions. It is designed for Ethernet-based security applications in remote control or monitoring networks.

April 10, 2017

THREAT RESEARCH

From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks

Inspired by "From LOW to PWNED," we decided to take a look at one Industrial Control System (ICS) wireless access point and see just how many vulnerabilities we could find in two weeks.

December 20, 2016

THREAT RESEARCH

IEC 104 Protocol Detection Rules

IEC 60870-5-104 Protocol Detection Rules Cisco Talos has released 33 Snort rules which are used to analyze/inspect IEC 60870-5-104 network traffic. These rules will help Industrial Control Systems/Supervisory Control and...

HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments

The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and specifically power plants based in Europe, seems to be the primary […]