cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
SCADA Solutions

This space covers Check Point's solutions for Industrial Control Systems (ICS) & SCADA Security.

Shlomi_Feldman
inside SCADA Solutions Tuesday
views 73
Employee+

Omron CX-One IPS protections

Hi ICS followers in the last several weeks, we add/improved 2 important protections to our IPS signatures related to Omron CX-One vulnerabilities. https://www.checkpoint.com/defense/advisories/public/2018/CPAI-2018-0484.html https://www.checkpoint.com/defense/advisories/public/2018/CPAI-2018-1210.html why it is so important? that I bother to inform you about it. with the CX-One Omron present unique approach by providing one software suite allows users to build, configure, and program a host of devices such as PLCs, HMIs, motion-control systems and networks using just one software package with one installation and license number. This greatly reduces the hassle of software maintenance and management at both the End-User and OEM level.  While we all can acknowledge the operational benefit of having one software to configure all ICS systems. From cyber perspective it might be extremely dangerous, when this software suffer from vulnerabilities which allow the attacker to damage the projects files outcome.    
Shlomi_Feldman
inside SCADA Solutions Sunday
views 112
Employee+

Operational Technologies Cyber Security Alliance - OTCSA

come and join us at the OTCSA https://otcsalliance.org/ together we can beat the risk!!! If you want further details please contact me
Shlomi_Feldman
inside SCADA Solutions 2 weeks ago
views 194 1
Employee+

A Notorious Iranian Hacking Crew Is Targeting Industrial Control Systems

Hi all ICS/SCADA followers, just wanted to share with you the following published article https://www.wired.com/story/iran-apt33-industrial-control-systems/ It seems that the Iranian team is shifting his focus from IT to OT and critical infrastructures networks. if you have any question please contact me and let discuss it
Shlomi_Feldman
inside SCADA Solutions 4 weeks ago
views 178
Employee+

The Internet of Things Asks: Comfort or Privacy?

a short clip worth load of words..... The future is here, but are we really ready for it? how do we protect our IOT technologies? we at Check Point got a clue, check out our new IOT controller    [video]
Shlomi_Feldman
inside SCADA Solutions 4 weeks ago
views 190
Employee+

Nuclear Power Corporation confirms malware in computer at Kudankulam plant - update

hi just wanted to share with you a publication in Cp blog concerning the incident   https://blog.checkpoint.com/2019/11/07/how-malware-detected-at-indias-nuclear-power-plant-could-have-been-prevented/?utm_source=browser&utm_medium=push-notification&utm_campaign=push-notification-blog  
Shlomi_Feldman
inside SCADA Solutions 2019-10-30
views 199
Employee+

Nuclear Power Corporation confirms malware in computer at Kudankulam plant

Hi SCADA experts, I want to share with you the following publication concerning a cyber incident at a power plant in India https://www.indiatoday.in/india/story/nuclear-power-corporation-confirms-malware-in-computer-at-kudankulam-plant-1614115-2019-10-30   we notice once again that systems that supposed to be segmented or even air-gaped, still getting penetrated. For my point of view the biggest problem is not the event itself, but the fact the NPCIL denied the existence of the event.   I will continue to follow-up and to keep you updated
Shlomi_Feldman
inside SCADA Solutions 2019-10-21
views 206
Employee+

ICS communication types

Hi Checkmates, Just wanted to share with you few options of ICS communication type you might find our there. according to your opinion, what is the best option which offer the highest level of security with the major operational flexibility? holding for your comments          
Shlomi_Feldman
inside SCADA Solutions 2019-10-16
views 209
Employee+

Vulnerabilities Remediation

Hi Checkmates, Almost on weekly bases we get notifications about new detected vulnerabilities related to OT/ICS equipment. In several cases these vulnerabilities make a huge buzz in the market, like we noticed with the VxWorks Urgent/11. In most cases it takes significant amount of time for the vendors to deliver patches to solve the vulnerabilities and on the same time we shouldn’t forget the fact that OT/ICS customers don’t patch their equipment.     Attached you can find the recently released notification by Schneider electric concerning a vulnerability at high-end PLC M580. The reason I share with you the info, is not because this vulnerability is special, but to show you how simple the vendor remediation instructions are and even more important how it correlate with our story.   Set up network segmentation and implement a firewall to block all unauthorized access to port 80/HTTP on the controllers. Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network. All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet. When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.   Next time you will need to address this issue with your customers, please don’t forget to show this example for the customer.
Shlomi_Feldman
inside SCADA Solutions 2019-10-16
views 266 3
Employee+

BLUEPRINT FOR SECURING INDUSTRIAL CONTROL SYSTEMS

Hi Checkmates, I want to share with you all the latest document we released concerning ICS security. This is by far one of the most detailed documents currently available in the market which can assist most of us when coming to design a solution for ICS environment. https://www.checkpoint.com/downloads/products/cp-industrial-control-ics-security-blueprint.pdf   Special thanks for Jeroen De Corel for the excellent work writing this paper.
Shlomi_Feldman
inside SCADA Solutions 2019-10-02
views 257 1
Employee+

OT CYBER SECURITY INCIDENTS MATRIX

Hi to all SCADA/ICS followers I found a very interesting article by FireEye research team. I liked how they created categories and classes and what kind of equipment take part of these classes. Further I liked how they took major attacks which occurred, how sophisticated they were and how deep was it impact on OT network.  I hope you will find this information interesting    https://www.fireeye.com/blog/threat-research/2019/09/ontology-understand-assess-operational-technology-cyber-incidents.html      
Shlomi_Feldman
inside SCADA Solutions 2019-10-02
views 365 4
Employee+

Urgent/11 - 11 Zero Day Vulnerabilities Impacting VxWorks, the Most Widely Used Real-Time Operating

In the last several days, we notice a large campaign advising about discovered vulnerabilities concerning VxWorks operating system. some publications claim that the vulnerabilities effect 200 million devices, while other claim it effect up to 2 billion devices. The danger of these vulnerabilities stand in the fact that this operating system is very common in use in s variety large and completely different sectors. in addition, there is no clear visibility which devices exactly uses this operating system. Even the researcher which found the vulnerabilities https://armis.com/urgent11/#/devices are unable to provide exact and detailed list about the effected devices. this lack of visibility pose real difficulty for the users attempting to mitigate this risks. I would be more than happy to get your comments and thoughts about the issue
Shlomi_Feldman
inside SCADA Solutions 2019-09-28
views 282
Employee+

The Cyber Risk to Food Processing and Manufacturing

Every time when ICS/OT topic is discussed, we immediately think about critical infrastructure and utilities, running in our heads the most terrible apocalyptic scenarios.  however we never stop a second to think about the system that responsible to provide us the food we eat.  these system are less critical/important than utilities? what can be a possible effect on our lives and what might be the risks? ICS and IOT technologies are an important part of the food industry and these system should be protected as any other ICS/IOT system. I found this document which focus on the 
Shlomi_Feldman
inside SCADA Solutions 2019-09-25
views 255
Employee+

ThreatCloud - Threatmap

I love to watch the threatmap for hours. however I didn't liked the fact that the most targeted industries are utilities. Understanding the effect of a possible cyber attack on utilities is just terrifying. 
Shlomi_Feldman
inside SCADA Solutions 2019-09-24
views 257 1
Employee+

Rogue 7: Black hat full session

hi SCADA experts, finally released an uploaded to YouTube!!! the full session from Black hat concerning the rogue 7 Siemens S7-1500 vulnerabilities. it amazing to see how vulnerable the latest and most secured PLCs by Siemens are.
Shlomi_Feldman
inside SCADA Solutions 2019-09-08
views 145
Employee+

Developing Cyber Resilient Systems

Hi to you all OT/SCADA/IOT cyber experts I want to share with you the latest document released by the NIST organization. I highly recommend you to go directly to Appendix I and J which directly relate to OT systems and then to return and to read the relevant parts. enjoy