The world's most capable, rugged and secure
industrial control system...

Introducing Bedrock OSA® Remote

  • Intrinsically-secure PLC and RTU control
  • 10 or 20 channels of universal I/O
  • Free IEC 61131-3 engineering software
  • -40ºC to +80ºC temperature range
  • Rugged, all-metal case 5.4 in x 8.9 in x 2.3 in
Learn More

Industry News

Cyber Attacks
 

NSA and CISA Warn of Immediate Cyber Threats to Unauthenticated PLCs and other Operational Technology  

July 31, 2020
Robert Bergman

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have urged critical infrastructure facilities to take immediate action to secure their operational technology assets. Prompting the warning are the following recently observed hacking tactics, techniques, and procedures.

 

  • Connecting to Internet Accessible PLCs [T883] requiring no authentication for initial access.
  • Spearphishing [T1192] to obtain initial access to the organization’s information technology (IT) network before pivoting to the OT network.
  • Deployment of commodity ransomware to Encrypt Data for Impact [T1486] on both networks.
  • Utilizing Commonly Used Ports [T885] and Standard Application Layer Protocols [T869], to communicate with controllers and download modified control logic.
  • Use of vendor engineering software and Program Downloads [T843].
  • Modifying Control Logic [T833] and Parameters [T836] on PLCs.

The NSA/CISA recommendations are extensive, including developing a resilience and response plan should they get hacked, inventory vulnerable assets and risks, harden their networks, and implement vigilant monitoring. Read the full report here.

 
Cyber Attacks

U.S. Agencies Warn About New Malware Threat Exploiting Proxy Server Vulnerabilities

August 4, 2020
Robert Bergman

The CISA, the FBI, and the DoD have issued a malware report warning about the dangerous new TAIDOOR malware variant. […]

Cyber Attacks

Driving Costs out of Upstream Oil & Gas Operations with Open Secure Automation

July 31, 2020
Robert Bergman

A recent study from Rystad Energy Group estimates that automation and digitalization can save upstream operators $100 billion in the […]

Cyber Attacks

Limited Scalability Challenges ROI for Bolt-on OT Network Cyber Security

July 31, 2020
Robert Bergman

Writing in a recent issue of helpnetsecurity.com, SCADAfence CEO Elad Ben-Meir calls attention to a significant drawback of bolt-on industrial […]