Several years ago Stuxnet made the public aware of the reality of critical infrastructure cyber-attacks by a nation-state. It was also one of the earliest examples of an IoT attack where the PLCs that connected to the system were infected. In 2015 an attack of the Western Ukraine electrical grid left 230 000 people without […]
Read more →
In the world of IT/OT cybersecurity, there is no silver bullet. What you can do in your organization is to minimize the attack surfaces and threat vectors, and be vigilant and proactive in your defense against adversaries. To that end, we suggest that you implement a multilayered defense-in-depth cybersecurity strategy and stop the cyber threat […]
Read more →
As Operational Technologies (OT) for the Industrial Internet of Things (IIoT) proliferate and converge with enterprise IT systems, CSOs and CIOs need to assess the risks with their growing attack surface. Top of the list should be looking at the potential threats and cyber attacks emanating from the network, given the convergence of OT and […]
Read more →
To many people, the Internet of Things (IoT) seems like a new concept. They run around with the idea that IoT is a recent collection of Wi-Fi-enabled Internet-accessible gadgets, from coffee makers, soda machines and refrigerators to Google Glass and FitBits®. Though these are fun toys with some usefulness, most deliver limited utility. These devices are placed on the Internet […]
Read more →
Hello IIoT World readers, and thanks for engaging with my column. Over the course of the next few months, I plan to write on a number of topics that are, individually, highly relevant to the IIoT Security realm. Perhaps more importantly, many of these topics can be viewed as being all inter-related in a way that […]
Read more →
Industrial espionage is nothing new. Theft of trade secrets and corporate intellectual property (IP) such as proprietary manufacturing processes, formulas, recipes, and product designs has been happening for decades. And you probably already know this if you work in industries such as manufacturing, pharmaceuticals, and chemicals. What is industrial espionage? Industrial espionage is sometimes credited […]
Read more →
If you’re following industrial cyber security trends you know that industrial networks, endpoints and control systems typically have inherent weaknesses that make them insecure and vulnerable to compromise through digital methods. With 5.6 million newly connected devices added per day in 2016 and an estimated 21 billion online by 2020, these current growth trends only […]
Read more →
Since the mid-1990s, many industrial companies have interconnected their industrial control systems (ICSs) to improve productivity, maintenance, and safety in the operational environment. Some of this interconnectivity was to the Internet. While, this connectivity helped to improved the efficiency, security was at best a minimal consideration. The lack of adequate security planning has resulted in […]
Read more →
Less than 6 weeks after the WannaCry attack, a new ransomware called “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows — the same bug that was exploited in May. How to Protect Yourself against Petya ransomware and why Ukraine was the first […]
Read more →
There are lots of terms thrown around these days, such as: Internet of Things (IoT), Industrial Controls Systems (ICS), Operational Technology (OT). What this means is that there are billions of interconnected consumer devices and industrial systems, not running a traditional computer operating system. This number dwarfs the number of traditional computer systems and it […]
Read more →
The National Cybersecurity and Communications Integration Center (NCCIC) is aware of public reports from ESET and Dragos outlining a new, highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine. As reported by ESET and Dragos, the CrashOverride malware is an extensible platform that could be […]
Read more →
Recently there was a global ransomware cyberattack as never seen before. This single attack affected more than 200 000 computers and wreaked havoc on financial institutions, healthcare organizations and transportation to name just a few. This is the kind of attack that utilities and other critical infrastructure operators must guard against. “To put the problem […]
Read more →
Virtual • Dec 10–11, 2025
Free registration now open — limited tickets!
Webinar | Sponsored by HighByte
Nov 5, 2025 • 10:00 AM ET
1-hour virtual session — Free to attend!