Send a text

Although discussing the military activities currently taking place in Iran runs the risk or bringing up polarizing political views, the cybersecurity realities simply can’t be ignored. And they absolutely have to be discussed.

One of these realities is that Iran has a legacy of supporting organizations involved with cyberattacks on networks, infrastructure and companies in Israel and the United States. Companies that utilize industrial control systems. Companies like yours.

In light of current events, there is absolutely no question that these groups will escalate their efforts. Although the bombs are falling thousands of miles beyond U.S. borders, know that U.S. manufacturing is a primary target.

Historically, many of the groups carrying out these types of cyberattacks were hacktivists or outliers, operating independent of any government or country. They followed their own agenda in realizing personal or political goals.

However, as highlighted by the war in Ukraine, these groups have begun to pick sides. They’re embracing financial support from nation states and successfully executing attacks meant to shut down, steal data, extort money and/or disrupt critical production or infrastructure operations – regardless of size, sector or location.

Thankfully, there are also guys like our guest for today’s episode. JP Castellanos is the Director of Threat Intelligence at Binary Defense. Watch/listen as he discusses:

• The evolving hacktivist community and what recent events could mean for industrial cybersecurity.
• How manufacturers can prepare and respond to an inevitable uptick in attacks.
• How IT/OT silos perpetuate these attacks and make manufacturing a more lucrative and appealing target.
• The motives and operational strategies of state-sponsored Iranian hacker groups.
• The soft spots in your defenses that these groups take advantage of in targeting the industrial sector.
• The simple solutions that can have far-reaching and extremely positive impacts on your defenses.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send a text

Last December the Cybersecurity and Infrastructure Security Agency, or CISA, issued an advisory warning manufacturers, operators of critical infrastructure, and really anybody associated with industrial control systems about the threats being presented by pro-Russian hacktivist groups.

The advisory, issued in conjunction with numerous federal and international agencies, called out groups like the Cyber Army of Russia Reborn (CARR), Z-Pentest, NoName057 and Sector16 for taking advantage of insecure connection points and other vulnerabilities that allowed these state-sponsored actors to infiltrate, shut down, and ransom their targets in the United States.

Historically, many manufacturers would find it hard to believe that their mid-size business in the heartland of America would be on the radar of foreign terrorist groups, but as our guest for today’s episode explains, that is exactly the case.

Will Dixon is a senior executive of Government & Law Enforcement at Intel 471 – a leading authority on the OT threat landscape. Watch/listen as he explains:

• How these group’s initial plans to disrupt water treatment and other critical infrastructure has evolved into the strategic targeting of the U.S. manufacturing sector.
• Why hacktivist no longer applies to these "strategically aligned state groups."
• Why AI will not be as impactful for either side as many think.
• How these groups are part of Russia's bigger plans against the West.
• The important role vendors and suppliers can play in establishing cyber defenses.
• The ongoing challenges of breaking down IT-OT silos, and how hackers are using this dynamic against you.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

When we talk about the challenges presented to those trying to secure the operational landscape of manufacturing, it’s tough to avoid what I’d call the usual suspects - endpoints, connection points, credentials, vulnerabilities, silos and, of course, the impact of artificial intelligence.

And just as there are benefits to discussing these individual aspects, it’s equally important to look at things from a bigger picture in tying them all together. This not only helps us strengthen the chain, but appreciate the significance of reinforcing each of those links.

Perhaps no one has helped tie all of these different players together better than our guest for this episode. Vinod D’Souza leads the manufacturing and industry vertical for Google Cloud’s Office of the CISO. Watch/listen as we discuss:

• Emerging vulnerabilities and response plans.
• Segmentation challenges in the era of constant technological expansion.
• New-age approaches to patching.
• The connected fibers of artificial intelligence and the human factors of cybersecurity.
• Addressing IT and OT silos.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.