Control Loop: The OT Cybersecurity Podcast 6.1.22
Ep 1 | 6.1.22

Welcome to Control Loop: Giving back to the OT community.

Show Notes

Every two weeks, get the latest in OT news in Control Loop News Brief, an interview featuring a thought leader in the OT space sharing current industry trends, and the Control Loop Learning Lab’s educational segment. A companion monthly newsletter is available through free subscription and on the CyberWire's website.

Headlines include: Russia’s hybrid war against Ukraine. Russian threat actors against industrial control systems. Exploits for Bluetooth Low Energy. Hacktivists claim attacks against Russian ground surveillance robots. New wiper loader. Turla threat actor reconnaissance in Estonian and Austrian networks. Robert M. Lee, CEO of Dragos, talks giving back to the OT community and shares insights on Pipedream malware. Learning Lab has Dragos' Mark Urban and Jackson Evans-Davies talking about the fundamentals of OT cybersecurity.

Control Loop News Brief.

Continuing expectations of escalation in cyberspace.

Microsoft President: Cyber Space Has Become the New Domain of Warfare - Infosecurity Magazine

Cyber Attacks on Ukraine: Not What You Think | PCMag 

Warning: threat actor targets industrial systems.

US warns energy firms of a rapidly advancing hacking threat - E&E News

PIPEDREAM: CHERNOVITE's Emerging Malware Targeting Industrial Environments | Dragos

Pipedream Malware: Feds Uncover 'Swiss Army Knife' for Industrial System Hacking | WIRED

Indestroyer2 and Ukraine's power grid. 

Twitter: @ESETresearch

Industroyer2: Industroyer reloaded | WeLiveSecurity

Russian hackers tried to bring down Ukraine's power grid to help the invasion | MIT Technology Review

Bluetooth vulnerabilities demonstrated in proof-of-concept.

NCC Group uncovers Bluetooth Low Energy (BLE) vulnerability that puts millions of cars, mobile devices and locking systems at risk

Tesla Hacker Proves a Way of Unlocking Doors, Starting Engine - Bloomberg

CISA and its international partners urge following best practices to prevent threat actors from gaining initial access.

Weak Security Controls and Practices Routinely Exploited for Initial Access | CISA

Hacktivists claim to have compromised Russian-manufactured ground surveillance robots.

Did hackers commandeer surveillance robots at a Russian airport?

Twitter: @caucasnet

Politically motivated DDoS attack on Port of London Authority website.

Twitter: @LondonPortAuth

Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack 

New loader identified in wiper campaigns.

Sandworm uses a new version of ArguePatch to attack targets in Ukraine | WeLiveSecurity 

Turla reconnaissance detected in Austrian and Estonian networks.

Russian hackers perform reconnaissance against Austria, Estonia 

TURLA's new phishing-based reconnaissance campaign in Eastern Europe 

SANS ICS Summit is coming to Florida, June 1-9.

ICS Security Summit & Training 2022

Colonial Pipeline’s ransomware attack, one year later.

How the Colonial Pipeline attack instilled urgency in cybersecurity

OT vulnerabilities as credit risk.

Operational Technology Cyberattacks Are a Credit Risk for Utilities

A Cyber Resilience Pledge. 

Global CEOs Commit to Collective Action on Cyber Resilience 

Recent threat intelligence findings from Dragos.

Dragos ICS/OT Ransomware Analysis: Q1 2022

Control Loop Interview.

Robert M. Lee, CEO of Dragos, on giving back to the OT cybersecurity community, the idea behind the Control Loop podcast and newsletter, and his candid thoughts on the Pipedream malware and its creators.

Follow Rob on LinkedIn and Twitter.

Control Loop Learning Lab.

Dragos’ Mark Urban and Jackson Evans-Davies on the fundamentals of OT cybersecurity and network architecture.

Dragos 2021 ICS Cybersecurity Year in Review

How to Build a Roadmap for ICS/OT Cybersecurity: 3 Steps to a Sustainable Program

Managing External Connections to Your Operational Technology Environment

Improving ICS/OT Security Perimeters with Network Segmentation