So, you’ve found yourself in a bit of a pickle. Picture this: you’re running a critical bit of infrastructure, maybe a wastewater treatment plant, a place where the smooth flow of data is almost as important as the smooth flow of… well, you know. You’ve got your remote sites all chatting happily with the main plant, sharing all that lovely SCADA goodness. Once upon a time, you might have done this with a trusty 900-MHz radio system, a real workhorse. But then, the airwaves got as crow...| Agilicus
In a previous discussion, I drew parallels between inevitable changes and the world of industrial control systems, suggesting that secure remote access is no longer a question of if, but how. Today, I want to expand on the how, exploring the different methods organisations use to provide remote access to their critical industrial environments. There are four main approaches we see in the field, each with its own set of benefits and drawbacks. Let’s delve into what they are, how they work, a...| Agilicus
For decades, industrial security relied on the "air gap." But like a frog in slowly boiling water, we've missed the gradual erosion of this protection. Today, that gap is more like Swiss cheese, full of holes for vendor access and cloud connectivity. It's time to adapt to this new reality.| Agilicus
In an era where artificial intelligence dominates headlines, its impact extends far beyond futuristic applications into the realm of cyber warfare, profoundly reshaping the threat landscape for critical infrastructure. Recently, I hosted a webinar exploring how AI amplifies cyber risks, making attackers more effective and critical assets more vulnerable. The core message? While AI may not introduce entirely new vulnerabilities in the short term, it significantly enhances the efficiency and re...| Agilicus
In our digital world, trust is everything. When you visit your bank’s website and see the padlock icon, you’re relying on a system of trust to ensure your connection is secure and you’re not talking to an imposter. This system is built on digital certificates, the cryptographic passports of the internet. But what happens when that trust is broken? And more importantly, how do you verify that trust in a network that is deliberately cut off from the outside world? This is the peculiar and...| Agilicus
AI: You don't need to outrun the bear (the most sophisticated attacker in the world); you just need to outrun your neighbour. Let's make sure you're not the slowest hiker in the woods.| Agilicus
“Medusa ransomware gang has infected more than 300 organizations in critical infrastructure sectors such as the medical, manufacturing and technology industries” is not the sort of news you want to hear. Nonetheless, facts are facts. And the facts are not that great for team blue. Medusa gets in via some unpatched CVE, often your firewall or VPN, or sometimes your monitoring tools (e.g. SolarWinds). Medusa uses “Living off the Land” techniques, meaning, it uses the same tools you do. T...| Agilicus
Asymmetric Cost Espionage: A Chinese Advanced Persistent Threat actor used CVE-2024-24919 (a vulnerability in Check Point VPN) to gain ongoing access into operational technology networks.| Agilicus
Put the Avalanche of Advice Into Action: Wastewater plants face escalating cyber threats. Prioritise strong user identities with single sign-on and multi-factor authentication, abandon the outdated "air gap" concept, and embrace a practical zero-trust approach.| Agilicus
Last week's hyper-critical NGFW vulnerability is this week's embedded operational technology challenge due to nested risk and supply chain.| Agilicus
CISA this week issued a Fact Sheet, 8 Top Cyber Actions for Securing Water Systems, giving a set of "do it now" practical actions for securing water and wastewater systems. Let's talk about 'Exposure' to the Public-Facing Internet| Agilicus