cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Shlomi_Feldman
inside SCADA Solutions Saturday
views 65 1
Employee+

A funny approach what is PLC

Many times I think that the ICS/SCADA cyber security subject, is too serious based on doomsday imagination. this is why I like such comic publication, as it explain us the subject but still don't save us from all the fear aspects. small spoiler, I never thought that the first ICS cyber attack took place in the star-wars movies
Shlomi_Feldman
inside SCADA Solutions 2 weeks ago
views 66
Employee+

Schneider Electric Modicon Controllers

2 days ago the US ICS-CERT released a vulnerability notification related to Schneider electric Modicon Controllers. you can find the notification attached. While Schneider offer to M580 and M340 controllers owners, a firmware update which solves the vulnerability. Schneider don't offer any practical solution for Quantum and Premium controllers owners and the only solution is to replace these old controllers with the new models. as controllers upgrade is not a simple nor cheap process, most of the owners will not make it and will remain unprotected. Schneider recommend to mitigate risks associated with this vulnerability, users should immediately set up network segmentation and implement a firewall to block all unauthorized access to Port 502/TCP. This is the first time we notice a vendor of Schneider scale, recommend about specific active Firewall policy to BLOCK to block all unauthorized access to Port 502/TCP.
Shlomi_Feldman
inside SCADA Solutions 2019-06-04
views 557 2
Employee+

How an integrated Firewall on a PLC looks like

just wanted to share with you, so you will know how it is look like.   
Valeri_Loukine
inside SCADA Solutions 2019-05-13
views 324 2
Admin

White Paper - Deploying 1200R Security Gateway with Zero Touch Cloud Service

Author Jon Goldman @Jon_Goldman Abstract: In recent years SCADA and ICS systems have increasingly relied on basic Ethernet, TCP/IP and Windows for all communications, specifically most of the environments use MODBUS, DNP3 SCADA network protocols. Many of these protocols have known shortcomings that make them susceptible to attack. 1200R is a solid-state appliance is specifically designed to secure SCADA (supervisory control and data acquisition) protocols and OT (operational technology) equipment that operates under harsh environmental conditions. Check Point 1200R includes Stateful inspection Firewall, IPS and Application Control software blades. It complies with industrial specifications IEEE 1613, IEC 61850-3, IEC 60068-2 for heat, vibration and immunity to electromagnetic interference (EMI). The purpose of this document is to provide step by step guide on how to deploy multiple 1200R appliances using Zero Touch Cloud Service. For the full list of White Papers, go here.
Valeri_Loukine
inside SCADA Solutions 2019-05-08
views 1345 1
Admin

White Paper - Securing Industrial Control Systems - Check Point AAD

Securing Industrial Control Systems Check Point AAD (Anomaly and Asset Detection) Mapped to NISTIR 8219 Behavioural Anomaly Author @Mark_Barnes Abstract: The US National Institute of Standards and Technology (NIST), National Cybersecurity Center of Excellence (NCCoE), in conjunction with NIST’s Engineering Laboratory (EL) recently released a draft paper, Interagency Report 8219 - named: “Securing Manufacturing Industrial Control Systems: Behavioural Anomaly Detection (BAD)”, putting forth the idea that anomaly detection is an essential tool for owners of Industrial Control Systems (ICS) to identify, mitigate and remediate Cyber threats to Operational Technology (OT) environments. The goal of this document is to raise awareness of a Check Point tool, Asset and Anomaly Detection (AAD), available to ICS owners, both government and commercial and to compare the Check Point solution to the ideas put forth in the NIST paper. For the full list of White Papers, go here.
Shlomi_Feldman
inside SCADA Solutions 2019-05-05
views 1579 3 1
Employee+

Global ICS Vendor Cyber security "best practie"

Schneider Electric recommend their customers the following best practices to secure their industrial networks • Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.• Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.• All controllers should reside in locked cabinets and never be left in the “Program” mode.• All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.• All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.• Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.• Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.• When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices. we can notice immediately that above the physical security solutions, the vendor recommend the use of Firewall for segmentation, threat detection and VPN for remote connectivity. that proves once again how our core solutions are more than relevant to improve cyber-security in OT networks.
Shlomi_Feldman
inside SCADA Solutions 2019-05-05
views 376 1
Employee+

Our IPS team wins once more, with new exclusive signatures for the ICS world

About 10 days ago the US-DHS and US-NIST published the following medium range vulnerability related to Rockwell automation PLCs. https://nvd.nist.gov/vuln/detail/CVE-2019-10955 https://ics-cert.us-cert.gov/advisories/ICSA-19-113-01 Vulnerability details: the vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine. in this short period of time, our team managed to investigate and to develop an IPS protection which is capable to prevent an attack exploiting this vulnerability. The protection was released today and at the moment none of our competitors obtain equivalent protection for this vulnerability.
Shlomi_Feldman
inside SCADA Solutions 2019-04-27
views 684
Employee+

Interesting research about Universal Serial Bus (USB) threat vector to ICS networks

These are interesting times for Universal Serial Bus (USB) security. With increasing pressure to limit network access to industrial control systems, industrial plant dependence upon USB removable media to transfer information, files, patches and updates has been greater than ever. At the same time, past research into USB threats has shown that portable USB drives are one of the top threat vectors impacting industrial control systems. the research was done by Honeywell, which is one of the largest ICS global OEM hope you will find it interesting
Shlomi_Feldman
inside SCADA Solutions 2019-04-22
views 1563 1
Employee+

Library of Resources for Industrial Control System Cyber Security

Hi Checkmates, I wanted to share with you this website https://scadahacker.com/library/index.html#sites which can provide you lots of resources for the ICS cyber security domain. I hope you will find it useful
Shlomi_Feldman
inside SCADA Solutions 2019-04-21
views 349 1
Employee+

ICS tailored malware

Hi Checkmates, we all know that ICS/SCADA cyber security is a big and complicated issue. however anyone of you have any estimation how many ICS tailored malware were found? holding for your comments
Bob_Bent
inside SCADA Solutions 2019-04-20
views 11600 7 5
Mod

ICYMI, see the new ICS Security User Guide

ICS Enforcement Using Application ControlCheck Point's ICS/SCADA cyber security solutions provide advanced Threat Prevention to ensure vital systems such as power generation facilities, traffic control systems, water treatment systems and factories are never compromised.Our Next-Generation Firewall enables granular functional control of ICS protocols.Log ICS protocols and commands for forensic analysis of incidents in your operation networks.Application Control allows you to apply various industrial control system (ICS) applications in the Rule Base. You can apply a security policy on specific ICS protocols, or use more granular ICS commands.Thanks Eyal Zaidman for this new SecureKnowledge asset.View the online user guide or download the PDF
Jirao_Wang
inside SCADA Solutions 2019-04-04
views 1064 2
Employee

Do we have a security checkup guide for SCADA device?

Hi, I think it will be more efficient if we can have a security checkup admin guide specifically for SCADA(1200R)? If someone have it please let me know since I cannot find that in the support center. Thank you guys!
Shlomi_Feldman
inside SCADA Solutions 2019-04-04
views 396
Employee+

Thru the Eyes of the Attacker Designing Embedded Systems for ICS

An interesting session explaining attack process on ICS system from A-Z
Patrick_Tuttle1
Patrick_Tuttle1 inside SCADA Solutions 2019-03-20
views 673 5 1

Rugged appliance with full Gaia code?

Hello CheckMates; Anyone know if Check Point is planning on adding to the list of rugged appliances? The 1200R I believe is embedded Gaia ?-pat
Shlomi_Feldman
inside SCADA Solutions 2019-03-20
views 678 1 1
Employee+

how a global massive cyber attack looks like - Norsk Hydro

http://webtv.hegnar.no/presentation.php?webcastId=97819442