If 2020 has been the year of unprecedented disruption on a global scale, 2021 will be the one when many people begin picking up the pieces. The COVID-19 pandemic caused unexpected and rapid change on all fronts. With virtually no warning, energy companies had to shift most of their staff into a “work-from-home” mode. Meanwhile, …
Challenges 2021 holds for cybersecurity in Australia’s energy sector Read More »
FREMONT, Calif.—Attivo Networks®, the award-winning leader in deception for cybersecurity threat detection, today announced that the company was awarded a commercialization fund project from the U.S. Department of Energy (DOE) Office of Technology Transitions (OTT) Technology Commercialization Fund (TCF) for building out a Deception Defense Platform for Cyber-Physical Systems. With matching funds from the Pacific Northwest National Laboratory (PNNL), the project is designed to improve critical infrastructure cybersecurity capabilities.
The energy industry is particularly vulnerable to cyber-attacks due to increased interconnectivity of energy systems, but what can be done to protect these systems? Umar Ali speaks to Tony Cole, CTO at cybersecurity company Attivo Networks, about a technology that could provide a solution.
Delivering energy has centered on the fundamental tenant of being reliably available. As energy providers strive to maintain that availability, they all too often push security to the backburner. Many unsafe practices have fallen into place for the sake of speed and efficiency, including the use of default and shared passwords, open access, and little oversight. Many systems have been put into production and stayed in place well beyond the vendor’s intended support lifecycles. This situation has resulted in systems that are end-of-life, no longer receiving patches or updates despite known security flaws. Unfortunately, many organizations have also built security around the assumption of air-gapped networks, which is proving to be insufficient as more and more devices become interconnected.
Written by: Carolyn Crandall – Chief Deception Officer – We expect ongoing operations of our infrastructure, as it plays a vital role in our daily lives. Unfortunately, it’s also an attractive target for attackers
Utility-backed venture capital firm invests in company to secure energy operations and security infrastructure Fremont, CA – March 21, 2019 – Attivo Networks®, the award-winning leader in deception for cybersecurity threat detection, today announced that Energy Impact Partners (EIP), a leading utility-backed energy investment and innovation firm, has become a strategic investor in the company. The funding enables Attivo Networks to expand its portfolio of energy sector-specific deception technology and increase its go-to-market activities to broaden its customer base of utility companies around the world.
Written by: Carolyn Crandall, CMO & Chief Deception Officer – Most companies have invested heavily in perimeter defenses, but there remains a gap in detection, which leaves risk and exposure to attack. Internal network monitoring remains a challenging task, and while there are many ways to tackle this, most of them involve resource-intensive solutions. Whether it is monitoring all internal network traffic and looking for anomalies, deploying internal IDS sensors and hoping to get signature alerts, or using analytics to identify bad actors, many solutions require time, effort, and resources to implement, tune, and maintain, with no guarantee of accurate alerting with no false positives. A different approach is needed and this is where organizations are turning to deception technologies to help.
Written By: Carolyn Crandall, CMO & Chief Deception Officer -Recently, SC Magazine published an article covering several vulnerabilities that Positive Technologies found in GE supervisory control and data acquisition (SCADA) systems where an attacker could intercept passwords and disrupt utility and factory operations. While this particular vulnerability is limited to GE Proficy and Cimplicity SCADA systems, other manufacturers face similar issues. Such vulnerabilities are troubling because most companies are unable to reliably monitor the networks where SCADA systems communicate, nor are they consistently patched and updated. SCADA systems were meant to be open, robust, and easily operated and repaired, and as such, security is not natively part of their design. Many of these solutions also run on older XP operating systems, where security patches are no longer available and given the cost and complexity to upgrade, are kept in production. As a result, they continue to be vulnerable to typical network attacks and possess a strong need for efficient early detection.
Attivo Networks updated BOTsink software that provides continuous threat detection SCADA devices used to monitor and control most manufacturing operations as well as critical infrastructure such as natural gas, oil, water, and electric power distribution and transmission systems around the world. Instead of relying on signatures or known attack patterns, Attivo uses deception technology to lure the attackers to a BOTsink engagement device.
SCADA devices and networks remain a prime target for cyber attacks. Everything I’ve written has approached cybersecurity from a different angle. This is the first solution that has come my way that uses a deception approach.
