![Veridify | The IoT Security Blog](https://i1.feedspot.com/4626543.jpg?t=1608551319)
Veridify | The IoT Security Blog
1,142 FOLLOWERS
Veridify Security, formerly SecureRF, delivers fast, small footprint, ultra-low-energy, and quantum-resistant public-key security tools for low-resource processors powering the IoT. Check out the Veridify IoT Security Blog for exploring security and privacy solutions for embedded systems--keeping products smart and secure in the Internet of Things.
Veridify | The IoT Security Blog
10h ago
Heat and Hot Water Disrupted to over 600 buildings, about 100,000 people, for 48 Hours A cyberattack occurred on a heating utility (also known as district heating) in the Ukrainian city of Lviv, the largest city in western Ukraine, in January 2024. The malware, named FrostyGoop, is one of the few identified in the field…
The post Modbus Vulnerabilities Used for Cyberattack on Heating Utility appeared first on Veridify Security ..read more
Veridify | The IoT Security Blog
6d ago
Operational Technology (OT) systems in buildings, which include HVAC, lighting, access control, and other critical infrastructure, are increasingly becoming targets for cyber threats. The rise in attacks on these systems underscores the importance of robust cybersecurity measures to protect them. Here’s a look at how to safeguard building OT systems from cyber threats.
Understanding the Threat Landscape
Building OT systems are integral to the smooth functioning of modern facilities. However, their increasing connectivity and integration with Information Technology (IT) systems make them vulne ..read more
Veridify | The IoT Security Blog
1M ago
How is Zero Trust for OT Security Different from Traditional IT Security?
Zero Trust for operational technology (OT) security differs significantly from traditional IT security models in several ways. Here are some key differences:
Security Method
Traditional IT Security
Zero Trust OT Security
Trust Model
– Assumes that everything inside the network can be trusted.
– Relies heavily on perimeter defenses like firewalls and intrusion detection systems (IDS).
– Assumes that no one, whether inside or outside the network, can be trusted by default.
– Requires continuous verification of ..read more
Veridify | The IoT Security Blog
1M ago
Introduction
This is the podcast audio, highlights, and key insights from a Lunch and Learn session about the importance of improving cyber-physical security in building automation systems, highlighting the challenges and solutions in the industry. The event was hosted by KMC Controls.
Podcast Audio – Improving Cyber-Physical Security
Your browser does not support the audio tag.
Download MP3
Highlights
Importance of cyber-physical security in building automation systems.
Collaboration of experts from various fields to address security concerns.
Challenges in implementing cybersecurity mea ..read more
Veridify | The IoT Security Blog
1M ago
The FBI released its annual Internet Crime Report for all complaints reported through its Internet Crime Complaint Center (IC3). From the report, cybercrime losses increased 21% from 2022. Cybercrime refers to criminal activities carried out using computers or the internet. These crimes can range from hacking and spreading malware to stealing personal or financial information, conducting online scams, identity theft, cyberbullying, and even cyberterrorism.
Data for the past several years is included in the table and chart below.
Year
Cybercrime Losses
$ Increase
% Increase
2020
$4.2B ..read more
Veridify | The IoT Security Blog
1M ago
DNP3 Cybersecurity Risks
DNP3 (Distributed Network Protocol version 3) is a widely used communications protocol for industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. While DNP3 provides several features designed to enhance the reliability and efficiency of communication between control devices and data acquisition systems, it also poses certain security risks, especially when deployed in critical infrastructure environments. Some of the key security risks associated with the DNP3 protocol include:
Lack of Authentication: Traditional versions of DN ..read more
Veridify | The IoT Security Blog
2M ago
Water Utilities Cyberattacks
Hacker groups from Russia, China, and Iran have all taken credit for recent cyberattacks on water utility companies in recent months, the EPA even warning smaller communities to take action. Water utility companies are on notice during federal inspections over the last year. Roughly 70% of them violated standards meant to prevent data breaches or cyberattacks. Some failures as simple as using default passwords are allowing former employees to access sensitive systems.
Source
PRC hackers are targeting our critical infrastructure. Our water treatment plants, our ele ..read more
Veridify | The IoT Security Blog
3M ago
Exposed OT/ICS Devices
Recent data from several tracking sources indicates there has been an increase in the number of public IP addresses with accessible devices using standard OT/ICS protocols – BACnet, Modbus, Fox, Ethernet/IP, S7, and more. Data from three different sources – Censys, ShadowServer, and Shodan – give insight into the number of publicly exposed IP addresses that have devices using OT/ICS protocols.
The data is different depending on the source, but overall it highlights the problem of exposed OT/ICS devices that can have increased vulnerability to compromise or a cyberattack ..read more
Veridify | The IoT Security Blog
3M ago
A strong cybersecurity posture is essential for Building Management Systems to mitigate the risks associated with interconnected devices and systems. Building Management System Overview
A Building Management System (BMS), also known as a Building Automation System (BAS) or Building Control System (BCS), is a computer-based control system that manages and monitors the mechanical, electrical, and plumbing systems in a building. These connected components include heating, ventilation, and air conditioning (HVAC) systems, lighting, access control, elevators, life safety, and more. BMS systems are ..read more
Veridify | The IoT Security Blog
3M ago
The Internet of Things (IoT) has revolutionized the way we live and work. With billions of connected devices, from smartphones to home appliances, building controls and industrial machinery, our world is more interconnected than ever before. However, this connectivity also brings with it significant security risks.
Cybersecurity plays a crucial role in ensuring that data from IoT devices are secure and protected from malicious attacks. In this blog post, we will explore the challenges faced in securing IoT communications and how organizations like Veridify are leading the way in providing cyb ..read more