Advice Avalanche: Practical Steps for Wastewater Treatment Plants

Put the Avalanche of Advice Into Action: Wastewater plants face escalating cyber threats. Prioritise strong user identities with single sign-on and multi-factor authentication, abandon the outdated “air gap” concept, and embrace a practical zero-trust approach.
CityNews The Mike Farwell Show Interview

This morning I was interviewed on the Mike Farwell Show (CityNews). You can check the interview here @ 54:50.
SolarWinds Gives Federal Agencies Labour Day Present

SolarWinds Web Help Desk CVE-2024-28986 (rated 9.8 our of 10) is now included in CISA’s Known Exploited Vulnerabilities (KEV) Catalog, indicating its active use in cyber attacks, giving affected agencies until September 5, 2024 to fix the flaw under Binding Operational Directive 22-01. How fun.
Operate Your Plant Virtually with Agilicus AnyX

The demand for remote plant operation is increasing. It’s easier than ever to manage, monitor, and control plant operations remotely.
10 Billion Reasons Shared Passwords Are Bad: RockYou2024

Shared password bad. 10 billion passwords leaked. Your team installed some shadow IT remote access solution with a shared password.
Get Thee From BGP Rockwell: Ethernet/IP Is not Internet

You wouldn’t download a PLC, would you? Rockwell Automation alert on public access to PLC, and a Shodan search to fact check it.
Fast, Simple, Secure: Implement CISA et al HMI (practically) recommends Agilicus AnyX

CISA, CSEC et al issue guidance on protecting VNC HMI in Operational Technology. Aligned with Agilicus AnyX.
Windows Update Breaks VPN, Good Riddance #zerotrust

Microsoft Windows Update Breaks VPN for Windows 10 and 11. 3rd party VPN’s have known exploited vulnerabilities. Let’s talk about VPN alternatives!
Industrial Supply Chain Matryoshka Risk

Last weeks hyper-critical NGFW vulnerability is this weeks embedded operational technology challenge due to nested risk and supply chain.
Quis custodiet ipsos custodes: When Good Firewalls Go Bad

Recently Palo Alto announced a 10.0 CVE in the Global Protect feature of their PAN-OS firewall. “Unauthenticated attacker [can] execute arbitrary code with root privileges on the firewall”. Well, that is not good. But, how “not good” is it? It’s terrifyingly bad ungood in fact.
CISA: 8 Top Cyber Actions for Securing Water Systems

CISA this week issued a Fact Sheet 8 Top Cyber Actions for Securing Water Systems giving a set of “do it now” practical actions for securing water and wastewater systems. Let’s talk about ‘Exposure’ to the Public-Facing Internet
Three Strategies To Help: Cisco ASA AnyConnect and WebVPN added to CISA Known Exploits

Cisco ASA AnyConnect and WebVPN added to CISA Known Exploits. Do you have one running on autopilot in your plant somewhere? Maybe between the IT and OT network? Maybe running the DMZ?
Multiple Connections Inbound Access Challenge

Multiple Internet connections can create inbound connectivity issues for remote industrial connectivity. The Multiple Connections Inbound Access Challenge.
Ground Hog Day: Fortinet VPN Edition

Another day, another VPN letting the world in to snoop around and fondle your crown jewels: Fortinet edition.
Dutch Defence Detail Dastardly Dirty Deed

The Netherlands ministry of defence just published the cliff-hanger document TLP:CLEAR MIVD AIVD Advisory COATHANGER regarding a remote access attack of their Fortinet FortiGate VPN by “a state-sponsored actor from the People’s Republic of China”. CVE-2022-42475 was the weakness. One thing that is unusual about the report is the direct attribution: this is rare.
Howto: Open Source Intelligence and your Digital Footprint

Let me show you a very simple means of Open Source Intelligence (OSINT) on yourself. If I can do this, anyone can do this, and if anyone can do this, someone bad can do this.
US sanctions Iranian officials for cyber-attacks on water plants

A group named Cyber Av3ngers affiliated with the IRGC targetting, modifying the HMI of publuc water systems. Today the individuals are sanctioned under anti-terrorism executive order.
VPNs in Industrial Environments: Old Yeller

VPNs in Industrial Environments: Old Yeller. It was a faithful friend for years, and now its time to shoot it before it bites you.
Begone Ivanti Industrial VPN Sayeth CISA

ED 24-01 directs agencies to instantly remove Ivanti Industrial VPN from industrial operations. Defence In Depth, Zero Trust give you more time to react.
Inbound HMI: Cyber Army of Russia Targeting US water facilities

Cyber Army of Russia Targeting US water facilities. Zero Trust Cybersecurity for VNC to prevent.
From Smoke Stacks to Smartscapes: Evolving Industrial Operations in the Digital Age

Smoke Stacks to Smartscapes. Past, Present, Future, the evolution in-place of the industrial control system, and the airgrap that once protected it.
Off-Grid Agricultural Cyber Physical Systems

The “John Deere Business Model” of taking something traditional and making it subscription. Starlink and its complex remote access needs due to CGNAT. And, cybersecurity, notably Cyber Physical Systems with their scary downsides of being able to move and cause damage.
Hard Industrial Cybersecurity is hardly secure, nuclear waste edition

One thing all industrial control installations have in common, they straddle the complexity of modern information technology with the dangers of operational technology and its inherent control of things which can go bump and boom. Hard Industrial Cybersecurity
Your Logo: Theming Agilicus AnyX

Agilicus AnyX supports personalising the sign-in and usage environment to match your corporate brand. This is more than just asthethic: a consistent look and feel helps train users to reduce the likelihood of a successful spear-phishing attack.
Avoid Exploitation of Unitronics PLCs used in Public Water Systems

Exploitation of Unitronics PLCs used in Public Water Systems for political purposes. Recommendations.
Attainable Municipal Zero Trust

Attainable Municipal Zero Trust: Key insights from recent Zero Trust implementations by Municipalities. Why, How, What ROI, Lead use cases.
Using Zero Trust to Enable Secure Remote Access to SCADA for Water Systems

This blog post explores the challenges of securing remote access to SCADA systems and how Zero Trust can act as a solution.
Zero Trust vs. VPN: A Comprehensive Comparison for Secure Remote Access

In this blog post, we’ll dive into the Zero Trust vs. VPN security model differences and why the former is ultimately the far superior choice for secure, seamless remote access.
SSH for Remote Access: Every User, Every Device, Every Application

In this blog post, we’ll delve into the challenges of enabling SSH for remote access and how you can do so without compromising security through Zero Trust.
Simplifying Secure Access: Enabling Rockwell Automation Remote PLC Access Without a VPN

In this post, we’ll explore the limitations of VPNs and delve into how to enable Rockwell Automation remote PLC access.

Learn. Do. Teach.