The flaws affect at least 25 different products made by more than a dozen organizations, including Amazon, ARM, Google Cloud, Samsung, RedHat, Apache and others.
Kristin Sanders, chief information security officer for the Albuquerque Bernalillo County Water Utility Authority, revealed how New Mexico’s largest water and wastewater utility has been addressing the security challenge by leveraging a series of software solutions, sensors and internet-of-things technology.
The plan, which encourages owners and operators of industrial control systems to "implement measures or technology that enhance their detection, mitigation, and forensic capabilities," was not released in full to the public — or to many vendors who might be instrumental in actualizing key objectives.
Columnist Elad Ben-Meir of SCADAfence writes that critical infrastructure have become more vulnerable than ever to a cyberattack. Security perimeters have been stretched at a time when industrial operating systems are increasingly operated remotely, opening up new threat vectors and numerous entry points for attackers.
A technique known as radio frequency (RF) fingerprinting could be leveraged to give unique ID to the billions of rogue IoT devices lurking within home and business networks.
The attack on the Oldsmar, Fla., water treatment plant earlier this year raised the profile of operational technology events and attacks on critical infrastructure. Today’s columnist, Duncan Greatwood of Xage, offers insights into how organizations can adopt a Zero Trust approach to protect against similar attacks.
