Het Coronavirus (COVID-19) treft ons allemaal in de dagelijkse werkzaamheden en vereist maatregelen om verspreiding te voorkomen. De gezondheid van onze medewerkers, klanten, relaties en partners blijft onze eerste prioriteit. We volgen daarom strikt de richtlijnen op van de overheid. Onze producten en diensten, zoals we deze dagelijks uitvoeren, worden zo veel als mogelijk decentraal […]
The US Cert has reported on multiple critical vulnerabilities in Rockwell Automation PLC’s. The affected systems are: MicroLogix 1400 Controllers, MicroLogix 1100 Controllers, RSLogix 500 Software The bugs could allow an attacker to gain access to sensitive project file information, including passwords. Rating 9.8 out of 10 on the CVSS v3 severity scale, the bugs […]
This week it became public that multiple industrial facilities had interrupted operations due to ransomware attacks. This led to a disruption of human-machine interfaces (HMIs), data historians, and polling servers, which were no longer able to process data from low-level industrial control systems (ICS). Human operators could no longer monitor processes, but the attack did […]
CR-Team has presented at the latest edition of the FERM-Rotterdam Port Cyber Café about the “impact of cyber on the OT domain”. After the difference between IT and OT security was explained using the CIA triad the focus shifted to the challenges of securing OT. The well known Triton attack was used to demonstrate and […]
Every year the number of reported ICS vulnerabilities increases with about a third. In an IT world that is cumbersome but can be solved with an -automatic- patch round or scheduled update. In OT however we are not this flexible and need to work with our vulnerable systems for a longer period, until the impact […]
A recent research paper about an ICS honeypot is great in several ways: It shows how easy it is to set up a fake company. These ‘companies’ can then be used for fraud and phishing (terminal spoofing for example) but also for malware distribution. You learn which vulnerabilities attract attackers. It describes perfectly how hackers […]
Had a great day with colleagues from CR-Team and KH-Engineering at Emerson’s innovation day “Industry 4.0 in action”. They showcased some great developments and clearly develop their products with security in mind. So, all good? Well between acquisition and actual implementation an awful lot can go wrong… Make sure that shortcuts in architectural design and […]
The International event ‘Cyber security for critical industries was on the 26th and 27th of March in Amsterdam. Interesting was the different approach in Europe for this matter. In these two days event people from different countries paid contributions to the presentations and discussions. The consultant of the Cyber Resilience Team was present and available […]
On the 29th of November 2018 our consultant Ewald Coenraad gave a awareness presentation about cyber security for Operational Technology (OT). Together with a speaker of DCMR, Ewald informed the members of Deltalinqs about the threats in the Industry and the relation with process safety. For more information about this presentation or how your company […]
