Breaking Down the IDC Top 10 IoT Predictions for 2017

January 24, 2017


A new IDC FutureScape offers top 10 predictions for the Worldwide IoT in 2017.  The research evaluates 10 emerging trends and ranks them in terms of their likely impact across the enterprise and the time it will take each prediction to go mainstream (meaning the middle of bellcurve of adoption). 

We took a close look and found that the list provides an excellent starting point for enterprises – particular industrials - that are steadily getting pulled toward the Industrial Internet and need to learn more.  Let’s break it down.

Read More

Hacking Too Close to Home: Why the Vermont Electric Grid “Laptop” Malware Matters

January 02, 2017

The recent political furor over state sponsored hacking took an ugly and dangerous turn, on the morning of December 30th when a tiny Vermont electric utility reported that Grizzly Steppe – the spear-fishing process used to access DNC emails – had been found on one of their systems.

Vermont Governor, Peter Shumlin issued a statement accusing Vladimir Putin of attempting to hack Vermont’s electrical grid, and many others follow suit.

And there appears to be a good chance that the malicious code found on a Burlington Electric laptop is evidence of a state sponsored cyberattack.

Read More

ICS-CERT Alert Addresses New Malware Attacks on Industrial Controls Systems

October 29, 2014


Bayshore Blog Post

by Francis Cianfrocca, Founder & CEO Bayshore Networks

October 29, 2014

Yesterday, ICS-CERT issued an alert regarding an "Ongoing Sophisticated Malware Campaign Compromising ICS."

The attacks described in the advisory are of an extremely worrisome kind. It's commonplace for industrial control-system software to be deployed on Windows machines (servers and workstations), and this won't change soon because these software products are very slow to evolve. Typically, workstations that run control software are dual-homed (one leg in the machine network and one on the IT side), but without very careful controls, even this defense model is easily defeated by advanced malware.

The old saw is still true: the most dangerous threats are the ones carried in data streams themselves. Even the most effective firewalling and malware detection schemes will miss many attacks.

The defense-in-depth techniques recommended by CERT and others are an essential first step. But the real answer is to combine them with content-aware policy enforcement systems that can actually filter unsafe control signals right out of the machine-level traffic.

Read More

Categories