Control Loop: The OT Cybersecurity Podcast

ICS/OT incident response plans: Don't get caught unprepared.

The NOTAM outage was reportedly caused by a corrupted file. The World Economic forum sees geopolitical instability as a source of cyber risk. The Copper Mountain Mining Corporation is working to recover its IT systems following a ransomware attack. DNV's fleet management software sustains a ransomware attack. Ukrainian hacktivists conducted DDoS attacks against Iranian sites. And a cyberattack against a Nunavut power utility.Our interview segment is part one of two from Dragos’ Ask the ISACs discussion led by Dawn Cappelli, Dragos’ Head of OT-CERT, with panelists Tim Chase from the MFG-ISAC, Eugene Kipniss from MS-ISAC, Jennifer Lyn Walker from Water ISAC, and Matt Duncan from E-ISAC. On part 1 of 2 in the Learning Lab, Dragos’ VP Product & Industry Market Strategy Mark Urban speaks with Lesley Carhart, Dragos’ Director of Incident Response for North America, about creating an ICS/OT specific incident response plan.

Transcript

Shifting into the OT space.

A Canadian mining company shuts down its mill following a ransomware attack. The Port of Lisbon has sustained a cyberattack, with the LockBit ransomware gang claiming credit. Rail company Wabtec begins notifying victims of data breach following a ransomware attack. New York’s governor signs legislation seeking to secure power grids. And an upcoming NATO study will analyze hybrid warfare. Guest Kaleb Flem, Senior Cyber Threat Intel Analyst at Southern California Edison, returns for the second part of his interview to discuss the transition from the military and Intelligence Community to the OT space. The Learning Lab segment will return in our next episode.

Transcript

Cyber threat intelligence in the OT space.

Microsoft offers predictions for Russia’s war in Ukraine. A wiper targets the diamond industry. New version of Babuk ransomware hits manufacturing company. Cyberattacks against the manufacturing industry. Cybersecurity for farming equipment. CISA issues ICS advisories. Guest Kaleb Flem, Senior Cyber Threat Intel Analyst at Southern California Edison, discusses maximizing threat intelligence at a utility. And, in Part 2 of 2 on the Learning Lab, Mark Urban and Dragos’ CISO Steve Applegate talk about starting an OT cybersecurity program.

Transcript

Preparing for the electrical grid of the future.

The US Government Accountability Office issues a report on offshore oil and gas cybersecurity. The Oak Ridge National Laboratory seeks to secure power grids. Boa web server vulnerabilities used to target energy organizations. CISA updates its Infrastructure Resilience Planning Framework. And CISA issues advisories for ICS vulnerabilities. Guests Mara Winn and Guohui Yuan join us from the Department of Energy to discuss their report, "Cybersecurity Considerations for Distributed Energy Resources on the U.S. Electric Grid.” In Part 1 of 2 on the Learning Lab, Mark Urban and Dragos’ CISO Steve Applegate talk about starting an OT cybersecurity program.

Transcript

Looking to the future of the OT space.

The US Department of Energy seeks to improve visibility into ICS environments. NIST has issued a proposal for upgrading cybersecurity at water plants in the US. A patch has been issued for a critical vulnerability that affects flow computers from ABB. Guest Ashif Samnani of Cenovus Energy shares insights from his nearly two decade career in the OT world. In the Learning Lab, hear the third in a series with Mike Hoffman, a Principal Industrial Consultant at Dragos, teaching infosec professionals how to think about OT security. This segment discusses looking at crown jewel analysis and understanding what really matters within your environment.

Transcript