Connect with us

Press Release

A cyberattack in an industrial system is already game over

Avatar photo

Published

on

03 May 2021
This interview was originally published in the French magazine L’Usine Nouvelle and translated to English for your convenience. You can read the original interview in French here.

Guy-Philippe Goldstein

Researcher and consultant on cyber-security and cyber-defence issues.

As a researcher and consultant on cyber-security and cyber-defence issues, Guy-Philippe Goldstein is a speaker at the School of Economic Warfare, a contributor to the academic journal of the Institute for National Security Studies in Tel Aviv and a Strategic Advisor for the venture capital fund ExponCapital. He is also a fiction author: his novel, Babel Minute Zéro, which was read in some government circles in Israel, was one of the first to describe a scenario of cyber-conflict between China and the United States.

Production systems are less mature in preventing cyber threats

The last twelve months have been marked by an unprecedented upsurge in ransomware attacks (see here), including in the industrial sphere. At the same time, the cybersecurity of industrial systems (Operational Technology) is a different field from the cybersecurity of so-called general-purpose computing (Information Technology), even if it has many of the same problems. In the interest of further discussion, this blog will talk to certain specialists. This week we will begin with Danny Bren, former head of the military’s cybersecurity in Israel and founder of Otorio, an Israeli-Austrian firm specializing in cybersecurity of industrial systems, who is often asked these types of questions by the Israeli media.

Question: Is the current ransomware crisis linked to the Covid crisis or are there other contributing factors at play?

OTORIO CEO Daniel Bren

Danny Bren: There is no doubt: The COVID-19 pandemic has had an enormous impact on ransomware targeting industrial organizations and their operational technology (OT). One of the underlying reasons is the speed at which networks have opened up. This rapid pace has not always made it possible to introduce the appropriate security measures. And it didn’t take long for cybercriminals to take advantage of it.

However, as early as 2019, we saw an exponential increase in OT/IT ransomware attacks. Several factors explain this trend. On one hand, the race for digitization and automation (also known as Industry 4.0). On the other, IT-OT convergence (note: the most extensive communication between industrial systems and so-called general-purpose computing).

In addition, OT networks have developed differently from computer networks and have been slower to open up to the Internet.

So is the OT network a better target for cybercriminals?

Yes. While computer cybersecurity is quite mature, OT security is really only developing now. The OT network therefore offers an easy target for cybercriminals. This is especially true because industrial companies are more susceptible to ransomware attacks due to their direct impact on the company’s ability to make money. When a production line is shut down, there is no “backup” to restore operations. The systems need to be brought back fully “online”. This makes industrial companies more likely to pay a hefty ransom – and attackers know it. Finally, criminals are more sophisticated. We are dealing with organized cybercrime, which uses advanced tools that until recently were often only available to nation-state actors.

The crisis has increased the use of remote access tools, including by suppliers. This poses major security problems. What should be done?

Remote maintenance has become fundamental. However, industrial organizations must have total control over access to their production environment, otherwise they are simply “giving the keys” to their most sensitive operations to their subcontractors. It is therefore necessary, among others, to use tools that monitor, audit and control the connections of remote access tools; to verify that these tools are themselves updated, for example by using vulnerability databases such as B&R Vulnerability or mB Connect Vulnerability; to continue to ensure the cybersecurity quality of subcontractors, in particular by remembering that a supplier without known vulnerabilities is not necessarily secure – and that the machines of a third party … may sometimes contain elements of a fourth!

What factors would make it possible to finally solve the above-mentioned problem of speed and maturity of the OT environment?

Senior executives in industrial companies need to understand that they are risking legal liability for the damage caused by cyber attacks, especially with regard to human security. A recent report from Gartner predicts that 75% of CEOs will be personally responsible for cyber-physical security incidents in 2024. This prediction has the potential to radically change the status of cybersecurity in OT environments. At the same time, operational managers should be able to provide comprehensive reports on security status to stakeholders, clearly highlighting the business impact of the risk. They will have to ensure that the risk posture does not become too expensive – or too complicated to manage.

The other side of the coin involves cybersecurity solution providers. They need to understand that trying to protect “OT” networks with “IT” tools will not work. Cybersecurity solutions for OT must be developed with industrial engineers and operational managers in mind.

Is a shift in posture also needed?

Yes, there is a need to move from a reactive approach, where you try to detect the threat once it is in the systems – to a proactive approach. Because once the threat is already there, in the industrial environment, it is already “game over” and the costs in terms of stopped production, as well as the high risk to human security, become too important and serious. Multiple actions are needed. In addition to what has already been mentioned on remote actions and on the key elements of preparation that are common to OT & IT environments, I would also mention the need to listen well and help teams of OT experts, who are in the best position to manage the situation on the production chain, simplifying cybersecurity management and providing clear remediation guides; or to automate surveillance as much as possible, as the industrial environment has become simply too complex for manual surveillance. This also includes the cyber risk assessment of OT networks, which should be continuous and automated as much as possible.

The United States seems to remain the primary target of ransomware attacks against industrial systems. What about Europe?

Our most recent research shows that ransomware attacks have mostly targeted major industrial centres – the United States, Germany, France, Japan and India (Author’s note: notice that these are western centres). The Persian Gulf states, as energy production hubs of the world economy, have also been targeted by industrial ransomware. We believe that this geographic targeting will continue in the years to come. However, we expect attacks on OT systems to become more serious if geopolitical tensions increase.

…and France?

France is the seventh largest economy in the world, the second in the European Union and one of the most important industrial centres on a global scale. In spite of this, the French industrial ecosystem does not always necessarily have an “early adopter” profile on industrial cybersecurity issues. This combination of factors may attract cybercriminals … In addition, the French industrial ecosystem is structured by very large global industrial groups with smaller suppliers. That makes France a market with fewer targets, but the impact of such attacks could be systemic. This concentration is true for many sectors, including automotive, defense and aerospace, energy, pharmaceuticals, chemicals and to a lesser extent, food. It is therefore no accident that the National Cybersecurity Agency of France (ANSSI) takes the threat seriously and is imposing increasingly drastic standards on certain areas.

Please contact Otorio.com the industrial cybersecurity company

Continue Reading

Press Release

Seoul City Transforms Transport System by Deploying V2X Systems Powered by Autotalks

Avatar photo

Published

on

Seoul City can now offer its citizens an advanced public transport system able to intelligently alert drivers of a pedestrian collision, school, and silver zones, as well as road and weather conditions warnings

Autotalks, a world leader in V2X (Vehicle-to-Everything) communication solutions, announced the completion of its role in the Seoul City C-ITS flagship deployment as part of the South Korean capital’s plan to establish a unique V2X and ADAS (Advanced Driver Assistance System) test platform supporting Autonomous Driving Level 4.

With Autotalks V2X systems installed across its bus fleet and infrastructure, Seoul City can now offer its citizens an advanced public transport system able to intelligently alert drivers of a pedestrian collision, school, and silver zones, as well as road and weather conditions warnings, among other alerts.

The V2X system, which is based on Autotalks’ chipset, was deployed in nearly 2,000 buses operating in Sangam Digital Media City (DMC) and along Seoul City’s expressways. The project was spearheaded and jointly funded by Seoul City and the South Korean Ministry of Land, Infrastructure, and Transport (MOLIT).

With thousands of systems deployed, the project in Seoul is one of the most extensive of any modern city, showing Korea’s commitment to take mobility in public transportation to the next level.

“Autotalks applauds Seoul City and MOLIT for advancing their vision of a smart and safe city,” said Ram Shallom, VP Business Development and Marketing in APAC at Autotalks. “By taking a bold move towards developing a modern city and placing their confidence in an innovative V2X OBU system, the city is setting the standard for others to follow. This move by Seoul City will be seen as a game-changer for those cities and regions still grappling with technology decisions, allowing their indecision to hamper the future of mobility.”

About Autotalks

Autotalks (www.auto-talks.com) is a V2X chipset market pioneer and leader, which helps reduce collisions on roadways and improve mobility with its automotive qualified chipsets. The company’s chipsets offer the most advanced, truly secure, and highest performing global V2X communication solution designed for autonomous vehicles. Autotalks’ advanced technology, to be mass deployed in the coming years, complements the information coming from other sensors, specifically in non-line-of-sight scenarios, rough weather, or poor lighting conditions. It significantly improves overall road safety, effectively coordinating vehicles, self-driving cars, motorcyclists, and pedestrians.

Continue Reading

Press Release

Perineal Massage Made Easy with new Perimom Device

Avatar photo

Published

on

September 2021 planned launch for the Perimom Perineal Massager, designed to condition the perineum for childbirth

Queens, New York – A new innovation – the Perimom Perineal Massager – is to offer expectant mothers a new-easy-to-use, simplified approach to how perineal massage is performed today.

Perimom, created by a midwife and doula, is designed to empower moms-to-be to do perineal massage entirely on their own, whenever they want, and to start conditioning their perineum for childbirth within minutes.

The medical device, which the FDA has cleared, will be launched in the U.S. starting in September 2021.

About the Perimom Perineal Massager

Perimom lets any pregnant woman reach around the baby bump without having to be ultra-flexible and without having to ask a partner to help. It offers her the peace of mind that she is doing her best to prepare for childbirth.

The Perimom has an ergonomic design, allowing you to bypass the bump easily; it has a smooth tip for less friction and easier massage and has a dedicated oil channel to reduce spills.

The easy-to-use device can be ready in minutes. Massage oil is poured into a specially designed channel to reach the perineum with less mess and then massaging the perineum can begin. Once finished, Perimom is washed in soapy water, dried and stored until the next time. It’s that easy.

About Perineal Massage

Perineal massage during the late stage of pregnancy has been used for generations to prepare the perineum for delivery. It loosens the tight perineal muscles, which softens and flexes the birth canal.

Healthcare organizations recommend perineal massage. Many studies have shown that it successfully reduces perineal trauma during birth and can even allow you to recover faster, with less pain.

The Perimom story
The Perimom Perineal Massager was created by Vered Dalal, a midwife and doula, who saw the benefits of doing perineal massage in the weeks leading up to childbirth. After being involved in more than 20,000 births over 25 years, she noticed that women who did the massage had better outcomes than those who did not.

Often, women would tell her they wanted to do it but couldn’t: They were not flexible enough to reach their perineum on their own. And, even if they had a partner, it was often awkward and embarrassing to ask for their help. So, she came up with the idea for the Perimom Perineal Massager and the journey to make perineal massage accessible to women began.

For more information about Perimom:
contact@perimom.com
Website: https://www.perimom.com/

Continue Reading

Photography

Phase One Introduces Next-Generation Aerial Systems

Welcome to the future of aerial technology! Phase One is thrilled to unveil its latest creation – next-generation aerial systems that are set to revolutionize industries across the board. Whether you’re an avid photographer, a surveyor in need of accurate data, or simply someone fascinated by cutting-edge innovation, our new range of aerial systems will leave you awe-inspired. Get ready to soar through the skies with us as we dive into what makes these groundbreaking devices so extraordinary. Join us on this exhilarating journey as we explore the endless possibilities that await us in this exciting new era of airborne exploration and capture.

Avatar photo

Published

on

PAS 280 & PAS 150
Faster, More Productive Image Capture

COPENHAGEN, 13 April 2021 – Phase One, a developer of digital imaging technologies, has
introduced its next-generation Phase One Aerial Systems (PAS). Among its many enhancements,
PAS is now supported by the new iX Controller series which incorporates an Applanix GNSSInertial unit, making airborne mapping more efficient with the possible use of direct
georeferencing.
Designed for increased productivity in shorter flight time, the PAS 280MP is setting new
standards in RGB large-format aerial imaging in terms of image quality and return on
investment. The high image capture rate of 2fps and 20,000-pixel swath combined with
advanced blur control motion compensation technology ensures sharp image collection at high
flight speeds. The system’s high dynamic range and improved light sensitivity mean more flight
hours per day and year.
In addition, the PAS 280MP is light and compact, allowing it to be easily installed in a wide
range of aircraft. The large-format aerial systems offer an optional 4-Band configuration for
simultaneous RGB color and near-infrared (NIR) image collection used in agriculture, forestry,
and vegetation mapping applications. The PAS 150MP provides the same accuracy and
versatility at 150MP resolution.
“We are proud to introduce our next-generation PAS with the addition of AP+, the latest GNSS
technology from Applanix, enabling direct georeferencing without the use of ground control
points – a major cost saver. The complete integration with the iX Controller, enables our
geospatial clients to complete their aerial mapping projects faster and more efficiently,” said Dov
Kalinski, VP of Geospatial Business.
The PAS 280MP and 150MP are delivered fully integrated with the new iX Controller MK5,
serving as a computerized command center onboard the aircraft, supporting a variety of accuracy
levels.

About Phase One
Phase One A/S is a leading researcher, developer and manufacturer of medium format and large
format digital cameras and imaging Systems.
Founded in 1993, Phase One is a pioneer of digital photography. Phase One has developed core
imaging technologies and a range of digital cameras and imaging modules, providing the world’s
highest image quality in terms of resolution, dynamic range, color fidelity and geometric
accuracy. As such, Phase One has grown to become the leading provider of high-end imaging
technology across many demanding business segments, such as aerial mapping, industrial
inspection and cultural heritage digitization, as well as serving the world’s most demanding
photographers.
Based in Copenhagen, Denmark, and with regional offices in New York, Denver, Cologne, Tel
Aviv, Tokyo, Beijing, Shanghai and Hong Kong, Phase One nurtures long-term relationships
with customers, technology partners and its global network of distributors, often playing the role
of digital imaging partner to customers with special requirements. It is with this passion for
service that Phase One continually exceeds expectations and drives the imaging industry
forward.
Learn more at https://geospatial.phaseone.com

Continue Reading

Trending