Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
10.03.24Last Wednesday, CISA issued an advisory two days after Arkansas City, Kansas, revealed that a Sunday morning cyberattack forced it to switch its water treatment facility to manual operations. In the alert, CISA urged OT/ICS operators in critical infrastructure sectors to apply the recommendations listed in Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity to… Read more »
05.23.24On Monday, the U.S. Environmental Protection Agency (EPA) issued an enforcement alert outlining the cybersecurity threats and vulnerabilities facing community drinking water systems. It details the necessary steps these systems must take to comply with the Safe Drinking Water Act (SDWA). The EPA issued this alert due to the rising frequency and severity of threats… Read more »
05.07.24Industrial control systems have a big job to do for a single facility’s OT environment – but if you’re operating multiple facilities spread across the U.S. or the world, those systems have a far larger workload, and the security risks inherent in their function get larger too. What no critical infrastructure or industrial corporation wants… Read more »
10.16.23Our recent OT security assessment at a private water utility illustrates how no industry is safe from security threats. Regardless of sector, all industries, from education, to finance, to water treatment, are susceptible to bad actors taking advantage of their internally-overlooked vulnerabilities. While water utilities have historically lagged behind other industries in OT security, the… Read more »
08.24.23Welcome to a new series of DirectDefense blog posts about hardware and IoT penetration testing! The goal of this 101 series is to shed light on common hardware I/O interfaces, associated protocols, and the multitude of vulnerabilities that can arise when they are left unprotected. While hardware reconnaissance will be briefly discussed, this particular article… Read more »
06.13.23How DirectDefense uncovered weaknesses in a municipality’s SCADA systems and a need for SCADA network segmentation A large municipality enlisted the services of DirectDefense to perform a Critical Infrastructure Assessment of the SCADA network controlling their water and electric services. During the SCADA assessments, our team identified several weaknesses that demonstrated the need for SCADA… Read more »
03.08.23Smartphone Snooping Without Microphone Access Can your smartphone sensors still enable apps to eavesdrop on your conversations even after the app has been denied microphone access? It does seem possible. We dug into this question based on two research papers, “AccEar: Accelerometer Acoustic Eavesdropping with Unconstrained Vocabulary”, and “Side Eye: Characterizing the Limits of POV… Read more »
01.16.23What We Can Learn From an Examination of the Misapplication of Cryptography In this post, I present my thoughts and learnings from a research paper focused on cryptography use cases demonstrating misapplication. The authors undertook a study building on some previous work by other authors, going further to study the prevalence of false positives in… Read more »
01.12.23A Deep Dive into ThirdEye and What Researchers Found In this post, I present my thoughts and learnings from a research paper about ThirdEye, an automated Android application testing tool that was created by the paper’s authors. While this tool does not appear to have been released to the public at the time of publication,… Read more »
10.06.22DirectDefense conducted cyber penetration tests for a municipality and found some significant gaps within the SCADA network.
