Unfettered Blog

May 21, 2024

Cybersecurity is being addressed but without adequate safety engineering to account for unexpected system interactions

Unfettered Blog

The 2024 RSA Cybersecurity Conference: What wasn’t addressed can hurt you

Joe Weiss

May 17, 2024

Was the real scope of control system cyber incidents properly addressed?

Unfettered Blog

The origin of 'The original ICS/SCADA system cybersecurity conference'

Joe Weiss

April 30, 2024

The ICS Cybersecurity Conference started in 2002 as a cybersecurity conference for the control system engineers

Unfettered Blog

Guardians of critical infrastructure: Where are the control systems?

Joe Weiss

April 25, 2024

Infragard will be holding a session “Cyber Defenders: Guardians of Critical Infrastructure”, but there are critical issues with seminar’s agenda

Unfettered Blog

Could the Dali container ship incident have been a control system cyberattack?

Joe Weiss

April 10, 2024

Improving the security, safety and resilience of U.S. commercial shipping vessels and maritime infrastructure

Unfettered Blog

Exploiting remote access: The ultimate living off the land attack

Joe Weiss

March 20, 2024

Remote access can be a double-edged sword providing needed reliability improvement but also a potential vehicle for LOTL attacks

Unfettered Blog

The U.S. electric industry is not responding to cyber-vulnerable Chinese equipment

Joe Weiss

Feb. 29, 2024

The utility sector continues to ignore the cyber threat from Chinese equipment

Unfettered Blog

False process sensor data can be catastrophic but are not adequately addressed

Joe Weiss

Feb. 6, 2024

Although process sensors are the eyes and ears of industrial processes, they are often not included in cybersecurity programs

Unfettered Blog

Why is CISA not addressing the PLCs in the Unitronics PLC attack?

Joe Weiss

Dec. 13, 2023

The IRGC attack could be wider spread, as Unitronics PLCs may be rebranded and appear as different manufacturers and companies

Unfettered Blog

CISA’s response to Iran hacking control systems in US critical infrastructures is inadequate

Joe Weiss

Dec. 4, 2023

The U.S. is in an undeclared cyber war with Iran, including Iran cyberattacking U.S. control systems and IT networks

Unfettered Blog

OTORIO webinar on proactive measures to enhance cybersecurity ROI in OT/ICS environments

Joe Weiss

Nov. 29, 2023

Proactive measures to enhance cybersecurity in OT/ICS environments, emphasizing tangible ROI and aligning these efforts with broader business goals

Unfettered Blog

Iran hacks US water system: Observation and implications of a terrorist attack on US soil

Joe Weiss

Nov. 27, 2023

An Iranian-backed cyber group recently launched an attack on the Municipal Water Authority of Aliquippa, Pennsylvania

Unfettered Blog

Cyber-related rail incidents have killed more than 490 people

Joe Weiss

Nov. 15, 2023

The government and industry cybersecurity guidelines have often failed to address the control system cyber issues that have resulted in catastrophic control system cyber rail ...

Unfettered Blog

Forecasting where a hacker will go once inside an OT network

Joe Weiss

Nov. 2, 2023

Work is ongoing in identifying cyber threats, vulnerabilities and locating hacker penetration in electric utility and other OT networks

Unfettered Blog

ISA MLM-38A ‘Identifying Control System Cyber Incidents’ has been issued

Joe Weiss

Oct. 18, 2023

The International Society of Automation (ISA) ISA99, Industrial Automation and Control Systems Security has approved MLM 38A, “Identifying Control System Cyber Incidents”–why ...

Unfettered Blog

Secure-by-design is not the same as safe-by-design – and people are being hurt

The 2024 RSA Cybersecurity Conference: What wasn’t addressed can hurt you

The origin of 'The original ICS/SCADA system cybersecurity conference'

Guardians of critical infrastructure: Where are the control systems?

Could the Dali container ship incident have been a control system cyberattack?

Exploiting remote access: The ultimate living off the land attack

The U.S. electric industry is not responding to cyber-vulnerable Chinese equipment

False process sensor data can be catastrophic but are not adequately addressed

Why is CISA not addressing the PLCs in the Unitronics PLC attack?

CISA’s response to Iran hacking control systems in US critical infrastructures is inadequate

OTORIO webinar on proactive measures to enhance cybersecurity ROI in OT/ICS environments

Iran hacks US water system: Observation and implications of a terrorist attack on US soil

Cyber-related rail incidents have killed more than 490 people

Forecasting where a hacker will go once inside an OT network

ISA MLM-38A ‘Identifying Control System Cyber Incidents’ has been issued