Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
How DirectDefense uncovered weaknesses in a municipality’s SCADA systems and a need for SCADA network segmentation A large municipality enlisted the services of DirectDefense to perform a Critical Infrastructure Assessment of the SCADA network controlling their water and electric services. During the SCADA assessments, our team identified several weaknesses that demonstrated the need for SCADA… Read more »
12.12.22What We Can Expect in 2023 Based on the Past Year’s Threat Landscape As we gear up for the holidays and new year, it is that time of the year again to review this year’s security-related events and examine the themes for future security challenges we can expect in the coming year that may affect… Read more »
DirectDefense assessed the security of MQTT traffic – the transfer of data to a SCADA system, ultimately controlling critical infrastructure.
Avoid these three pitfalls that are inherent to most SCADA systems that manage critical infrastructure. A multinational corporation enlisted the services of DirectDefense to perform a security assessment of the organization’s newly-developed battery energy storage control (BESS) that would enable the company’s vendors and integrators to manage the voltage and power output for massive batteries.… Read more »
Security company Qualys has uncovered a dangerous PolicyKit vulnerability. Learn how to remediate and patch Linux.
12.09.21What to Know, How to Prepare, and How We Got Here When 2021 began, everything from the pandemic to the economy felt uncertain. Security threats increased both as a result of those uncertainties and the ever-growing sophistication of the threat landscape. In this post, we’ll review the events that created security threats in 2021 and… Read more »
07.26.21Newsflash: Most networks utilized for Supervisory Control and Data Acquisition (SCADA) were not designed to be secure. Yes, you read that correctly. Kind of a scary thought, especially when your municipal water utility is reliant on this SCADA network to ensure the availability and safety of the drinking water supply! This is why the management… Read more »
The Colonial Pipeline shutdown should be seen as a serious incident pointing to the precariousness of critical infrastructure security.
02.09.21If you don’t want to issue the dreaded boil-water advisory then make sure your wireless network is hacker- proof. How our team was able to drive up to a municipal water utility, join the wireless SCADA network and gain the access needed to do some major damage to the water supply – all in 10… Read more »
