
Control Loop: The OT Cybersecurity Podcast

N2K Networks | thecyberwire.com
Control Loop is the OT Cybersecurity Podcast, your terminal for ICS security, intelligence, and learning. Every two weeks, we bring you the latest news, strategies, and technologies that industry professionals rely on to safeguard civilization.

Episodes

Digging into regulatory compliance issues.

UK will propose law to ban ransom payments for critical infrastructure entities. EPA outlines enforcement measures to protect water utilities against cyberattacks. Rockwell advises customers to disconnect ICS devices from the internet. Senator Vance asks CISA for information on Volt Typhoon. Guest Kimberly Graham of Dragos joins Dave to discuss regulatory compliance issues. Programming Note. Control Loop is going on a temporary hiatus. Thank you for being a loyal listener. N2K CyberWire will be ...

Jun 05, 2024 | 18 min | Season 2 | Ep. 51

Hacktivism targeting OT devices.

US Defense Department warns of Russian hacktivists targeting OT devices. The US government establishes safety and security board to advise the deployment of AI in critical infrastructure sectors. Vulnerabilities affect CyberPower UPS management software. US congressmen put forward water system cybersecurity bill. Encore guest Garrett Bladow, Distinguished Engineer at Dragos, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Garrett discusses active visibility into OT systems. The ...

May 15, 2024 | 25 min | Season 2 | Ep. 50

Critical infrastructure: Pending legislation and risks and rewards from AI.

Mandiant ties OT attacks to Sandworm. Russia-linked hackers target Texas water utilities. Belarusian hacktivists hit fertilizer company. CISA issues eight ICS advisories. Dave Bittner's Caveat podcast co-host Ben Yelin joins him to discuss pending legislation with potential to affect critical infrastructure, as well as the Department of Energy’s assessment of the potential risks and rewards from AI. The Learning Lab is on a hiatus this episode, and will be returning soon! Control Loop News Brief...

May 01, 2024 | 24 min | Season 2 | Ep. 49

Examining CIRCIA and VOLTZITE.

Chinese-manufactured devices in US networks see a 41% YoY increase. Ukraine-linked hackers deploy ICS malware against Russian infrastructure company. A look at cyberattacks that had physical consequences in 2023. Lessons from NERC’s GridEx exercise. Extension requested for comment period on CISA’s incident reporting rule. Guest Kate Ledesma, Senior Director Government Affairs at Dragos, talks about the Cybersecurity Incident Reporting for Critical Infrastructure Proposed rule (CIRCIA). The Learn...

Apr 17, 2024 | 47 min | Season 2 | Ep. 48

Hunting adversaries.

Sellafield nuclear waste site to be prosecuted for alleged cybersecurity failings. CISA issues draft proposal for cyber incident reporting by critical infrastructure entities. Threat actor targets Indian government and energy entities. Suspicious NuGet package appears to target developers in the industrial sector. Guest Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, shares their CIRCIA Notice of Proposed Rulemaking. The Learning Lab returns! Mark Urban and Josh Hanrahan ...

Apr 03, 2024 | 34 min | Season 2 | Ep. 47

Navigating China's infrastructure risks in the energy sector.

Researchers discover a way to hijack web-based PLCs. Threat actor targets manufacturing entities in North America. US Department of Defense launches CORA program. CISA issues ICS advisories. Guest Aura Sabadus, Senior Journalist at ICIS, joins us to discuss how energy insiders are approaching the renewed risks of China's ramp up toward potential attacks on critical infrastructure and what the energy industry is saying about these risks. The Learning Lab is taking a break and will return soon. St...

Mar 20, 2024 | 29 min | Season 2 | Ep. 46

Addressing maritime cyber threats.

NIST releases Cybersecurity Framework 2.0. Biden administration issues executive order on maritime cybersecurity. Suspected Chinese threat actor continues to exploit Ivanti vulnerabilities. ThyssenKrupp sustains ransomware attack. Guests Liz Martin, Global Advisory Solution Architect at Dragos, and Blake Benson, Senior Director at ABS Group, talk through the latest Maritime Executive Order. The Learning Lab is taking a break and will return soon. Stay tuned. Control Loop News Brief. NIST release...

Mar 06, 2024 | 29 min | Season 2 | Ep. 45

Volt Typhoon and the Year in Review.

Five Eyes publish report on Volt Typhoon. Volt Typhoon targets emergency management services in the US. Siemens and Schneider Electric issue patches. Guest is Magpie Graham, Principal Adversary Hunter Technical Director at Dragos, sharing the findings of Dragos Cybersecurity Year in Review report. The Learning Lab segment will return next episode. Control Loop News Brief. Five Eyes publish report on Volt Typhoon. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critic...

Feb 21, 2024 | 32 min | Season 2 | Ep. 44

Operational Technology disruptions: An eye on the water sector.

Volt Typhoon targets US critical infrastructure. Ransomware attacks in the OT sector. Ransomware attack against Johnson Controls cost $27 million. Bill would add ICS security to President’s Cup Cybersecurity Competition. Guest is Dragos CEO and Founder Robert M. Lee from the hearing before the U.S. Congressional Subcommittee on Cybersecurity and Infrastructure Protection on February 6, 2024. We share Rob’s opening statement before the committee. On the Learning Lab, we have the concluding part o...

Feb 07, 2024 | 29 min | Season 2 | Ep. 43

Building community in OT.

An analysis of cyberattacks against Danish energy infrastructure. US government outlines threats posed by Chinese-manufactured drones. Vulnerability in Bosch thermostats. OIG says CISA needs to improve collaboration with the water sector. Guests Mark Stacey of Dragos and Charles Kano from WestCap discuss cyber insurance as an important part of your organization's security plan. On the Learning Lab, we have the first part of a 2-part discussion on building community in OT that Dragos Mark Urban h...

Jan 24, 2024 | 43 min | Season 2 | Ep. 42

A free community initiative to protect small utilities.

Responses to Aliquippa water authority attack. Predatory Sparrow disrupts Iran’s gas stations. MITRE launches a threat model for critical infrastructure embedded devices. Guest Dawn Cappelli, Head of Dragos's OT-Cyber Emergency Readiness Team shares details about the launch of Dragos’s free community initiative to protect small utilities that serve majority of Americans. Learn more about the Dragos Community Defense Program that includes Dragos Platform and Neighborhood Keeper. On the Learning L...

Jan 10, 2024 | 40 min | Season 2 | Ep. 41

Encore: Active visibility into OT systems.

Rockwell Stratix routers vulnerable to Cisco zero-day. SecurityWeek’s ICS Cyber Security Conference. Malware attacks against IoT devices increase by 400%. Nuclear power plant operator cited over cybersecurity plan. CISA’s ICS advisories. Guest Garrett Bladow, Distinguished Engineer at Dragos, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Garrett discusses active visibility into OT systems. On the Learning Lab, Mark Urban shares the second part of his conversation about cyber t...

Dec 27, 2023 | 43 min | Season 2 | Ep. 37

Utility attacks and electrical sector supply chain vulnerabilities.

Iranian hacktivists hit Pennsylvania water utility. Attacks against water systems are an instance of a larger threat. Supply chain vulnerabilities in the electrical sector. Guest Nick Sanna of the FAIR Institute and Safe Security talks about the challenges the White House faces in attempting to harmonize critical infrastructure regulations. The Learning Lab has part 2 of the 3-part discussion on building automation systems that Dragos Mark Urban had with colleagues Daniel Gaeta and Zach Spencer....

Dec 13, 2023 | 41 min | Season 2 | Ep. 40

Building automation systems and maritime cyber regulations.

GRU's Sandworm implicated in campaign against Danish electrical power providers. Paris wastewater agency hit by cyberattack. LockBit hits Boeing. Bletchley Declaration represents a consensus starting point for AI governance. The US Executive Order on artificial intelligence is out. Guest Austin Reid of ABS Group discusses Ship and Shore challenges for security and the current and emerging regulatory landscape. On the Learning Lab, Dragos Mark Urban part 1 of 3 discussing building automation syst...

Nov 29, 2023 | 38 min | Season 2 | Ep. 29

Port disruption and a discussion of maritime and OT.

A cyber incident disrupts Australian ports. Sandworm and Ukraine's power grid: 2022 attacks. Department of Energy hosts simulated cyberattack competition. CISA, FEMA, and Shields Ready. Cyber and electronic threats to space systems. Four cyber phases of a hybrid war. Guest Austin Reid of ABS Group discusses cyber risk and threats to Maritime Transportation Systems (MTS). On the Learning Lab, catch an encore of Dragos CEO Robert M. Lee and Mark Urban about the five critical controls for ICS. Cont...

Nov 15, 2023 | 37 min | Season 2 | Ep. 38

Active visibility into OT systems.

Rockwell Stratix routers vulnerable to Cisco zero-day. SecurityWeek’s ICS Cyber Security Conference. Malware attacks against IoT devices increase by 400%. Nuclear power plant operator cited over cybersecurity plan. CISA’s ICS advisories. Guest Garrett Bladow, Distinguished Engineer at Dragos, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Garrett discusses active visibility into OT systems. On the Learning Lab, Mark Urban shares the second part of his conversation about cyber t...

Nov 01, 2023 | 43 min | Season 2 | Ep. 37

A look at a Whole-of-State cybersecurity strategy.

Microsoft on the state of OT security. Israeli and Palestinian hacktivists target ICS. Coinmining as an (alleged, potential) front for espionage or stage for sabotage. EPA withdraws water system cybersecurity memorandum. Colonial Pipeline says new ransomware claims are due to unrelated third-party breach. Most organizations are struggling with IoT security. CISA views China as the top threat to US critical infrastructure. Improving security for open-source ICS software. CISA ICS advisories. Gues...

Oct 18, 2023 | 53 min | Season 2 | Ep. 36

When IT infrastructure translates into OT.

Johnson Controls sustains cyberattack. Nearly 100,000 ICS services exposed to the Internet. FBI anticipates an increase in Chinese and Russian targeting of the energy sector. Joint advisory warns of Beijing’s “BlackTech” threat activity. CISA's push for hardware bills of materials. Cybersecurity in the US industrial base. Guest Michael Toecker, Cyber Security Advisor at the United States Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, continues his discus...

Oct 04, 2023 | 42 min | Season 2 | Ep. 35

Don't take energy for granted.

Redfly cyberespionage targets a national grid. DHS Threat Assessment looks at critical infrastructure threats. A look at the ICS threat landscape. DoE grants for research into distributed energy cybersecurity. CISA offers free vulnerability scanning for water infrastructure. CISA issues ICS advisories. Guest Michael Toecker, Cyber Security Advisor at the United States Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, discusses community defense. On the Lear...

Sep 20, 2023 | 36 min | Season 2 | Ep. 34

Intelligence services within the convergence of OT and IT.

Crude "cyberattack" on rail control systems stops Polish trains. Energy One discloses cyberattack against its corporate systems. NIAC calls for a National Water Strategy. Department of Energy holds contest to provide cybersecurity funding for rural utilities. Researchers aim to secure US military’s power grids. A technical issue grounds the UK’s air traffic control system’s automated features. Guest Mark Ryland, Director of the Office of the CISO at Amazon Web Services, joining us as part of a D...

Sep 06, 2023 | 38 min | Season 2 | Ep. 33

Real world stories of incident response and threat intelligence.

Radiation sensor reports from Chernobyl may have been manipulated. South African power generator hit with malware. APT31 linked to attacks on industrial systems in Eastern Europe. Environmental regulation and increased maritime cyber risk. CISA Director warns of Chinese infrastructure attack staging. Threats to the power grid. CODESYS vulnerabilities. Today's guest is Dragos’ Lesley Carhart, sharing their RSAC 2023 talk on real world stories of incident response and threat intelligence. The Lear...

Aug 23, 2023 | 34 min | Season 2 | Ep. 32

Mentorship, internships, and apprenticeships in OT security.

The Five Eyes outline the top exploited vulnerabilities. The Brunswick Corporation loses millions to cyberattack. Ransomware in the industrial space. The US Transportation Security Administration (TSA) updates security rules for oil and natural gas pipeline operators. Our guest is Mea Clift of Woodard & Curran sharing her perspective on mentorship, internships, and apprenticeships with an eye on OT security. The Learning Lab has the first part of a discussion about the convergence of OT and ...

Aug 09, 2023 | 38 min | Season 2 | Ep. 31

Compliance with an eye on OT security.

An unnamed APT has a remote code execution exploit for Rockwell Automation ControlLogix communications modules. Court temporarily blocks water system cybersecurity mandate. Industrial controller vulnerabilities pose a risk to critical infrastructure. US Federal government issues voluntary IoT security guidelines. Our guest is Mea Clift of Woodard & Curran discussing how compliance should not be a checkbox activity with an eye on OT security and shares her experience in securing the water/uti...

Jul 26, 2023 | 36 min | Season 2 | Ep. 30

The IT/OT cultural divide in the federal space.

Japan’s largest port disrupted by ransomware. Cl0p breaches Schneider Electric and Siemens Energy. Solar panel vulnerabilities. Threats and risks to electric vehicle charging stations. RedEnergy ransomware and information stealer targets industrial sectors. CISA advisories. Our guest Christopher Ebley from Blackwood returns to discuss the IT/OT cultural divide in the federal space and IT threats that are impacting OT systems. The Learning Lab continues with part 2 of the 3-part discussion bet...

Jul 12, 2023 | 41 min | Season 2 | Ep. 29

OT cybersecurity concerns in the federal space.

The US Department of Energy was affected by Cl0p exploitation of MOVEit Transfer. Canada’s oil-and-gas sector is a likely target for Russian cyberattacks. Nuclear weapons cybersecurity is lacking. Access to a US satellite is being hawked in a Russophone cybercrime forum. ICS patches. Today’s guest is Christopher Ebley from Blackwood talking with us about OT cybersecurity concerns for Federal IT leaders. The Learning Lab has part one of a 3-part discussion between Dragos’ Mark Urban and Vulnerabi...

Jun 28, 2023 | 38 min | Season 2 | Ep. 28

Unpacking cyber awareness syndrome.

The Cyberspace Solarium Commission looks at obstacles to public-private collaboration in the industrial sector. Malware in the industrial sector increases. Organizations plan to increase their OT cybersecurity budgets. CISA and its partners have released a Joint Guide to Securing Remote Access Software. And the US DoD holds its Cyber Yankee exercise. Today’s guest is Will Edwards of Schweitzer Engineering Labs discussing cyber awareness syndrome. The Learning Lab has the conclusion of the discu...

Jun 14, 2023 | 49 min | Season 2 | Ep. 27

Taking a look at cyber insurance in the industrial space.

China's Volt Typhoon snoops into US infrastructure, with special attention to Guam. Is CosmicEnergy just red-teaming, or is it a threat straight out of Red Square? Siemens patches a vulnerability endemic to the energy sector. An update on the Vulkan Papers. A cyberattack leads Suzuki to shut down its Indian production line. BlackBasta conducts ransomware attack against Swiss technology company ABB, and claims responsibility for Rheinmetall attack. Food and Agriculture Information Sharing and Ana...

May 31, 2023 | 40 min | Season 1 | Ep. 26

Internal Network Security Monitoring (INSM) for the electrical sector.

Ukraine argues that cyberattacks against civilian infrastructure should be classified as war crimes. The Five Eyes take down Turla and its Snake malware. An Iranian threat actor turns its attention to infrastructure. The Bitter APT may be targeting Asia-Pacific energy companies. A Colonial Pipeline retrospective. ETHOS: a new private-sector OT risk information-sharing platform. CISA requests comment on software self-attestation form. Guest is Patrick Miller, CEO of Ampere Industrial Security, di...

May 17, 2023 | 44 min | Season 1 | Ep. 25

Asset inventory: Part of ICS network visibility and monitoring.

Hacktivists versus irrigation. Maritime cybersecurity. JCDC and pre-ransomware notification. Ransomware at Fincantieri Marinette Marine. NSA warns of Russian ransomware disrupting supply chains. Guest Mike Hoffman is Technical Leader Global Services at Dragos & a SANS instructor. Mike will be discussing IT/OT misalignment. In the Learning Lab, Dragos’ Mark Urban is joined by Dragos’s Senior Product Manager Jordan Wilkerson to dig into ICS network visibility and monitoring, which is the thir...

May 03, 2023 | 47 min | Season 1 | Ep. 24

Unique OT characteristics and points of IT convergence.

Cyberattacks against Canada’s agriculture sector. Hitachi ransomware incident. Africa’s industrial sector under cyberattack. TSA issues new aviation cybersecurity requirements. Ransomware Vulnerability Warning Pilot supports critical infrastructure operators. Patch Tuesday and OT. Guest JD Christopher, Dragos’ Director of Cyber Risk, discusses ICS security standards and regulations and how efforts finalized in 2022 will shape the OT programs of the next decade. In the Learning Lab, Dragos’ Mark ...

Apr 19, 2023 | 42 min | Season 1 | Ep. 23