Author: Lior Frenkel

The CEO of TSMC - the manufacturer of key chipsets for Apple's iPhones, and for many other global companies - reported Monday that the company was forecasting a drop of 2% in Q3 revenues, or about $160M, due to an infection of its manufacturing facilities by a variant of the Wannacry ransomware.  The malware entered the manufacturing network when a new piece of fab tool equipment was installed. The malware appears to have spread rather quickly, as the CEO indicated that at the peak of the infection, 10,000 machines were impaired at several manufacturing sites. The CEO maintained that the

OT remote access is efficient and convenient - for attackers Remote access might look like a good idea. Every computer on an enterprise network certainly has some sort of Remote Desktop capability: tech support takes control of my laptop routinely to install new software or to fix issues. Sometime our vendors have remote access into our servers and other systems, to provide remote support. When we are talking about the enterprise network, this is a great capability, reducing costs, reducing headcount per campus, sometimes even reducing travel time. When migrating to the OT world of industrial networks, this type of solution does

Waterfall Security Solutions is of course an industrial cybersecurity technology provider, but technology is only part of any industrial security program – policies, procedures and training are also essential. This means that the advancement of security education has always been essential to Waterfall’s mission to improve industrial cybersecurity. The potential consequences of malicious misoperation of industrial processes can have thoroughly unacceptable consequences for property, the environment, workers at industrial sites, and public safety. To improve one’s security posture, it is required to have a wider awareness of modern risks, threats and cyberattack techniques, in addition to a deeper understanding of modern

"WannaCrypt" or “WannaCry” is the latest ransomware variant responsible for shutting down countless organizations, including critical infrastructures and manufacturing sites as large as Renault and Nissan. The cybersecurity advice most probably followed by all these sites was to use firewalls to keep their networks “safe” and to always install the latest security updates. It has been exactly two months since Microsoft issued the MS17-010 fix for the "EternalBlue" vulnerabilities that WannaCrypt exploits, and frankly that’s not enough time for every device in every site, factory and hospital to verify the patch, test, approve the changes and update all of their operational

Recently we’ve received a lot of interest from water and waste management facilities regarding our Unidirectional Security Gateway- which is making me wonder what’s brought this on?  Let’s look at the facts. The primary source for cyber risks in water and waste management facilities comes from the use of wide-area-networks (WANs) for monitoring and the collection of data. A typical water site has two primary WAN connections: One to the corporate network, and through that network to the Internet, and customers, partners and vendors. The other WAN is connected to pumping stations and remote sensors to gather important data that