The Radiflow Cyber-Security Blog

Liron Benbenishti, Cyber Security Researcher at Radiflow, analyzes the 2015 Ukraine power grid attack using the ISA/IEC 62443-3-3 standard, which determines the actual security levels and evaluates the required security level that could have prevented the attack.

Ilan Barda, Radiflow CEO, reviews the state of OT cyber-security in 2020 and extrapolates the trends in 2021 and beyond, including WFH, the SolarWinds attack, ransomware in OT, OT-MSSPs and governing standards (e.g. IEC62443).

Radiflow CEO Ilan Barda discusses the key takeaways and trends regarding the SolarWinds security attack, and proposes guidelines for protecting industrial networks against such supply-chain type attacks.

Radiflow’s next-generation industrial security monitoring systems provide a fully automated suite for asset data collection, data-driven analysis and transparent risk metrics calculation.

Takeaways from our expert panel, with guests from Forrester & Siemens, on the importance of IEC62443-compliant risk assessment & management toward optimizing OT cybersecurity.

Cyber Industrial Automated Risk Analysis (CIARA) helps industrial automation and control system users to dramatically streamline risk reduction planning and compliance for improved cyber risk posture.

Steganography-based attacks on ICS networks are on the rise, some using the interconnectivity between the organization and its vendors/suppliers. Mitigation includes OT/IT network segregation; raising awareness among employees; and installing an IDS (e.g. Radiflow iSID) to detect anomalous network behavior.

Radiflow CEO llan Barda’s presentation at zenonIZE 2020 focuses on Analysis of Gaps and Mitigations in an OT network for IEC62443 compliance, and namely streamline the flow of security alerts between the security system (IDS) and the operations personnel and IT professionals.

The new iSID v5.7 introduces over a dozen improvements including automatic asset identification, threats prioritization using dynamic risk calculation and refined Deep Packet Inspection (DPI) across an expanded suite of OT protocols.

Evidence related to recent cyber-attacks against Honda and the Enel Group using the EKANS/SNAKE malware suggests that the attackers in both cases took advantage of both companies’ move to grant employees remote network access.

BleepingComputer had recently reported about highly-targeted steganography-based attacks on industrial enterprises, by means of sending malicious payloads hidden in ordinary images to supply chain vendors and 3rd-party collaborators.

Radiflow CPO Michael Langer discusses the context of a cyber-attack on an Iranian seaport that had been attributed to Israeli operatives as retaliation to an attack against Israeli water facilities attributed to Iranian operatives.

A leading Israeli news outlet recently reported that water/wastewater facilities in Israel were subject to cyber attacks. Radiflow CPO Michael Langer presents his analysis of the incident based on available information and prior attacks on water facilities, as well as recommendations for mitigation and network hardening.

This case study covers a deployment at a large Central European power plant, consisted of the iSID Industrial (OT) Threat Detection & Analysis System, iSAP Smart Collector and iSEG-3180 DPI-Firewall/Secure Gateway.

Securing an offshore rig introduces logistical challenges involving physical access and communications. Radiflow’s solution, included its iSID Industrial Threat Detection and Analysis System and iCEN Central Management System.