Blog

The big news today is the Spectre and Meltdown bugs. These vulnerabilities let attack code such as Javascript steal passwords, encryption keys and session cookies from kernel memory and/or browser windows on nearly all modern computers. The performance hits and code changes needed to fix...

TRITON/TRISIS is the fifth industrial malware found in the wild and the third malware specifically designed to cause damage to physical equipment and jeopardize safety. The malware warrants a stern warning to owners and operators: segment networks properly or face the consequences. The target of the malware...

Waterfall Security Solutions is of course an industrial cybersecurity technology provider, but technology is only part of any industrial security program – policies, procedures and training are also essential. This means that the advancement of security education has always been essential to Waterfall’s mission to...

Recently, a major Canadian company suffered a targeted ransomware attack and was forced to pay $425,000 to restore the encrypted data of both its production base and back-up servers. We have spoken and warned of ransomware in the past, particularly in the aftermath of the...

Recently, Waterfall announced a global partnership with intelligence-led security company FireEye, in a push to deliver comprehensive cybersecurity solutions for businesses with industrial sites. The partnership seamlessly integrates FireEye’s cloud-based Threat Analytics Platform (TAP) with reliability-critical and safety-critical industrial control system (ICS) networks via Waterfall’s...

Recent reports of cyber attacks on U.S. nuclear reactors have brought upon public doubt on the strength of cyber protections at nuclear power plants. The response from nuclear plants has resoundingly been "no need to panic, nothing to see here," but other pundits are saying...

I recently attended the NERC CIP Emerging Technologies Round Table meeting on Cloud & IoT, where a primary focus was Bulk Electric System (BES) Cyber Systems in the cloud. BES Cyber Systems are systems with an adverse effect on the BES within 15 minutes of...