Call us! 512-349-0334 or (877) INDUSOFT

Make Sure You’re On the Most Recent Version of InduSoft Web Studio for Security Updates

The best way to ensure that your HMI or SCADA application is as secure and stable as possible is to keep up to date with the most recent version of the software. The current version of InduSoft Web Studio is version 8.1 + SP1 or 8.1.1. Continue reading

Throwback Thursday: Protecting Infrastructure from Zero Day Exploits and Cyberwarfare

While reporting for an upcoming documentary called “Zero Days” by Alex Gibney, a little-known secret Pentagon program named Nitro Zeus was uncovered. Nitro Zeus was created as a fallback plan in the event that nuclear talks between the United States and Iran failed. Under the program, the United States had a contingency plan to use cyber espionage to disable Iran’s air defenses, and communications and power grid. A refined version of the program would focus on the Fordo nuclear enrichment site. Continue reading

State-Sponsored Attacks are Testing Industrial Automation Facilities – Some Tips for Defense

Per a recent US-CERT alert, Russian government-sponsored cyber ‘threat actors’ have been systematically targeting and attacking critical US infrastructure facilities, such as nuclear, water/wastewater, electric grids, and other energy related facilities. These attacks, while not new, are being attributed clearly … Continue reading

The Growing Ransomware Economy and How To Defend Against It

Last year, Ransomware payments reached a billion dollars – an increase of over 4,000% from the previous year. We learned in Carbon Black’s recent report on the ransomware economy that those staggering numbers may only represent the tip of the iceberg.  Continue reading

The NIST Cybersecurity Framework from an Automation and Control Systems Perspective

When reading about the NIST (National Institute of Standards and Technology) directive by Executive Order 13636 to improve critical infrastructure cybersecurity, many, if not most, Control System Engineers and System Integrators just glaze over and turn the page in order to get to a more interesting topic. They may not think it’s their job, or even that learning about the subject might be in their best interest. The current thinking about Control System Security from the point of view of some engineers is to “not think about it” and it will go away… or to “give it to IT” and not worry about it again, or “the customer didn’t pay for it, so I am not going to address it because it is outside the project scope”. Continue reading

Five ways to improve SCADA Security for Critical Infrastructure

In anticipation of our upcoming Cybersecurity Webinar in just under two weeks, we wanted to expand on some measures that should be implemented in order to make SCADA Systems and Industrial Control Systems (ICS) controlling critical infrastructure inherently more secure. We expect that the majority of our customers may have already investigated using most or all of these methods in their security configurations, but we’ll discuss them and expand on them as necessary, using current industry guidance recommendations. Continue reading

Best Practices for Protecting Systems from Ransomware Attacks

As we learned last week, Ransomware has reached Industrial automation. With companies such as Renault and Toyota taking hits from the recent spread of the WannaCry ransomware worm (also called WannCrypt and Wanna Decryptor), it’s become clearer than ever that companies should have a protocol in place for safeguarding systems. There should also be schedules for frequent updates to software, which ensures that patches are always in place. Continue reading

Companies that Don’t Take Security Precautions May be Liable for Breaches

The hack of Sony not only resulted in huge losses of data, but it revealed how poorly that data was protected. Now, employees who had their identities exposed as a result of the hack have banded together. A U.S. district court judge has given them approval to sue Sony Pictures Entertainment for their poor protection of personal information. Continue reading