OT Security Blog Articles
Insights on Resilience, Vulnerability Management, and More
Misjudging OT security risk: The case of “active” vs. “passive” scanning
If you have followed the marketing buzz in the OT security software space, you cannot have missed the hype around "passive network scanning", which is a hallmark of network anomaly detection products. Interestingly, this buzz expects you to ignore the following...
The five best protective measures against cyber attacks and malware
Anyone who follows the media knows: sophisticated and extensive cyber attack campaigns are on the rise. This commonly leads to two different reactions. Some observers lapse into fatalism, since against state attackers from Russia, China, etc. there is probably no...
What is behind the cyber attack on the Triconex safety system?
So now it has happened: for the first time, a safety system in a chemical plant in live operation was deliberately attacked with malware. The attack was detected in time, before any damage could be done. No reason to give the all-clear, however...
Siemens S7 as a proxy server for cyber attacks into the process network
It took thirteen years for Chinese hackers to figure out what the Step7 communication blocks TCON, TSEND and TRECV can be used for: to turn an S7 into a proxy server from which cyber attacks into the process network...
Combinatorial failure modes and coordinated malfunction: Why we need to upgrade safety wisdom in a digital world
If you are working in the field of industrial safety, you know two things to be true: Safety is built on solid engineering principles and has an incredibly successful track record. For complex environments, it is getting more and more difficult to fulfill the promise...
Tactical OT Security, or: how to make a difference at the execution level
Tactical OT security is an approach that can make your OT security efforts more effective. Here is how. If you are working in OT security, you will probably have noticed that most organizations struggle to gain any momentum with their security efforts. Some might not...
How can you get a solid OT/ICS security plan for free?
A leading cause of inefficient and frustrating OT security efforts is the lack of a top-down approach that starts with top management and a solid high-level cyber security plan. Such a plan is a comprehensive yet brief breakdown of all the major activities the...
Why a cyber strike against North Korean nuclear assets is unlikely
Several media people have inquired if we should expect a cyber strike against the North Korean nuclear program, or why such a strike hasn't happened already. Here is my answer. A cyber strike against North Korean nuclear assets is highly unlikely, and here is why. I don't...
Why we don’t use network traffic anomaly detection in OT-BASE
OT-BASE is our strategic software product that helps customers to build a reliable and safe IIoT, and to ensure that IT/OT convergence is efficient and smooth rather than a culture clash. In many