Security Breach

Security Breach

A weekly discussion of new developments and the latest cybersecurity threats, including ransomware, malware, phishing schemes, DDoS attacks and more, facing the U.S. industrial sector.

Episodes

September 20, 2022 21 min

Today we’re going to discuss an evolving vulnerability in the industrial sector – the security of cloud data and networks. We’re obviously talking about the use of IT infrastructure that’s not physically located within the plant or facility. 

It’s a platform that is continuing to see an uptick in use. In fact, Netwrix, a leading cloud network security solutions provider, recently cited in their latest Cloud Data Security Report, tha...

Share
Mark as Played

When discussing the industrial sector’s threat landscape, we often detail events that result from vulnerabilities discovered by hackers probing for soft spots within an organization’s networks, connected infrastructure or data storage centers.

However, taking a look at Nuspire’s latest Threat Landscape Report reiterates the need for manufacturers to keep their defenses up even when working with documents, files or websites that woul...

Share
Mark as Played

When the Eastern European hacker group DarkSide shut down the Colonial Pipeline in May of 2021, the ramifications were felt across numerous landscapes.

In addition to impacting air travel and triggering panic over gasoline availability, the six-day interruption of fuel to much of the Eastern United States led to one of the highest profile ransomware payments in recent history.

Although law enforcement was able to track down and recov...

Share
Mark as Played

Tenable recently released their Ransomware Ecosystem white paper. So we sat down with Satnam Narang, a research engineer focused on security response at the company, to discuss some its findings, including:

  • The FBI estimates that between 2013 and 2019, ransomware groups collectively earned over $144 million. That number skyrocketed in in 2020 with these groups reportedly raking in $692 million collectively.
  • According to U.S. governme...
  • Share
    Mark as Played
    July 19, 2022 18 min

    A great deal of cybersecurity attention, and rightfully so, is paid to the role of defending against and responding to outside attackers. However, just as important to establishing and reinforcing cyber plans is ensuring that internal vulnerabilities are not created or made easier to detect through systems, networks and new technologies that are introduced to the industrial infrastructure, albeit with the best of intentions.

    However...

    Share
    Mark as Played

    What else can we say as it relates to the industrial sector and the cybersecurity threats that continue to present themselves, other than – the battle wages on.

    The value of the sector’s IP, the plethora of personal information and the vital need to maintain uptime makes manufacturing a favorite target of hackers. And as those in the financial and healthcare markets know all too well, recognition of the threat only seems to spur the...

    Share
    Mark as Played

    The rise in ransomware attacks throughout the industrial sector has led to a surge in another, related activity – the purchasing of cyber insurance to help soften the blow of these attacks.

    But today’s guest emphasizes that beyond just insurance to cover the costs of these intrusions, the manufacturing sector needs to implement more proactive strategies that encompass prevention and recovery.

    I’m pleased to welcome Allen Jenkins, VP ...

    Share
    Mark as Played

    JBS Foods is a $30B meat processor that most people didn’t know about until they paid ransomware attackers REvil $11M last June in order to get plants in the U.S. and Brazil up and running, and prevent what is believed to be up to 5 TB of data from being leaked.

    According to SecurityScorecard.com, the hackers obtained leaked credentials from employees in Australia and began probing the company’s network and extracting data three mon...

    Share
    Mark as Played

    There were a lot of trends emanating from the mid-1980s that thankfully died out over time, but one of them has not only persisted, but thrived. Although there were numerous samples of malware impacting early computer networks, the one that captured both headlines and the admiration of cyber criminals was the PC-Write Trojan virus. 

    Iterations would follow, with perhaps the best known example of industrial malware – Stuxnet – being ...

    Share
    Mark as Played

    The surge in cyberattacks experienced by the industrial sector has been credited to a number of issues ranging from outdated security software to lagging protocols surrounding data access and storage. But, according to today’s guest, one of the main reasons we’ve seen an uptick in these attacks could simply be because they’re more profitable.


    Joel Burleson Davis is the CTO of SecureLink – a leading provider of secure access manageme...

    Share
    Mark as Played
    May 17, 2022 18 min

    You’ve probably heard a number of reports citing ransomware as the leading attack strategy within the industrial sector. In some instances, it’s been reported that ransomware groups are focusing as much as 70 percent of their activity on manufacturing enterprises. 

    In one report from ICS security specialist Dragos, it was reported that 65 percent of all attacks thrown at the industrial sector were of the ransomware variety. And acco...

    Share
    Mark as Played

    The industrial sector knows all too well about the need to innovate product offerings and production strategies in order to stay ahead of the competition. Unfortunately, the same can be said for cyber criminals looking to either steal information or hold your data, manufacturing capabilities, or intellectual property for ransom. 

    Just as you continue to develop new strategies to respond to hacks and protect you digital presence, the...

    Share
    Mark as Played

    The industrial sector knows all too well about the need to innovate product offerings and production strategies in order to stay ahead of the competition. Unfortunately, the same can be said for cyber criminals looking to either steal information or hold your data, manufacturing capabilities, or intellectual property for ransom. 

    Just as you continue to develop new strategies to respond to hacks and protect you digital presence, the...

    Share
    Mark as Played
    May 16, 2022 13 min

    While rogue individuals with an agenda and advanced cybersecurity skills are still prevalent, most headline-grabbing hacks are now originating from well-organized, highly talented groups or organizations. Not only does this dynamic provide access to a greater pool of talent, but it makes stopping a multi-faceted attack more difficult.

    One of the most notorious of these cyber terrorist groups is BlackByte. The Ransomware-as-a-service...

    Share
    Mark as Played

    Whether it's the infamous Colonial Pipeline ransomware attack last summer, or an ongoing number of water treatment facility hacks, there’s no doubt that infrastructure facilities have become a favorite target of cyber criminals.

    In fact, according to a recent report from Skybox Security, the first half of 2021 saw a 46% year-over-year increase in new OT vulnerabilities within organizations charged with running and maintaining ke...

    Share
    Mark as Played

    In this episode we welcome Theo Zafirakos, the Chief Information Security Officer at Terranova Security, to discuss is company's recently report indicating that the success of phishing schemes continues to escalate. Their findings include data showing that:

  • Nearly one in every five end users (19.8 percent) who received a phishing simulation email clicked on the initial message’s phishing link. 
  • 14.4 percent of all end users faile...
  • Share
    Mark as Played

    Regardless of the report, survey or research, all data related to industrial cybersecurity makes one thing very clear – the last two years have presented a dangerous uptick in the number of cybersecurity attacks, and the severity of them.

    So, if knowing is half the battle, the other half is identifying tools to help accomplish the mission. With this in mind, we welcome David Nosibor, Platform Solutions Leads at UL – the well-known l...

    Share
    Mark as Played

    If there’s one thing that has become very apparent in dealing with cybersecurity issues throughout the industrial sector, it’s that responding to these challenges means taking a look at things from a different perspective.

    Well, that’s what we have with this episode. I recently sat down with Johnny Young, a 35-year veteran of industrial IT and cybersecurity. He’s embraced his role as JohnE Upgrade and launched CyberD.TV - a streamin...

    Share
    Mark as Played
    May 16, 2022 17 min

    If there’s one thing that has become very apparent in dealing with cybersecurity issues throughout the industrial sector, it’s that responding to these challenges means taking a look at things from a different perspective.

    I recently sat down with Johnny Young, a 35-year veteran of industrial IT and cybersecurity. He’s embraced his role as JohnE Upgrade and launched CyberD.TV - a streaming subscription service devoted to providing c...

    Share
    Mark as Played

    In this episode of Security Breach, we're joined by Brian Vecci, the Field CTO of Varonis,  - a leading provider of cyber threat detection and response compliance software.

    Varonis recently published their 2021 Manufacturing Data Risk Report, which offered analysis on threats, trends and potential solutions for a number of market sectors – including manufacturing. Included in their findings was that manufacturing was the fifth m...

    Share
    Mark as Played

    Popular Podcasts

      Serial is a podcast from Serial Productions, a New York Times company, hosted by Sarah Koenig. Serial unfolds one story - a true story - over the course of a whole season. The show follows the plot and characters wherever they lead, through many surprising twists and turns. Sarah won't know what happens at the end of the story until she gets there, not long before you get there with her. Each week she'll bring you the latest chapter, so it's important to listen in, starting with Episode 1. New episodes are released on Thursday mornings.

      Crime Junkie

      If you can never get enough true crime... Congratulations, you’ve found your people.

      Morbid

      It’s a lighthearted nightmare in here, weirdos! Morbid is a true crime, creepy history and all things spooky podcast hosted by an autopsy technician and a hairstylist. Join us for a heavy dose of research with a dash of comedy thrown in for flavor.

      The Official Game of Thrones Podcast: House of the Dragon

      Welcome to the Official Game of Thrones Podcast: House of the Dragon produced by HBO Max and iHeartRadio. This show is the go-to audio destination to unpack and discuss everything Game of Thrones for casual and die-hard fans alike, starting with the new HBO Original series, House of the Dragon. Join our hosts Jason Concepcion (X-Ray Vision) and Greta Johnsen (WBEZ's Nerdette podcast) every week as they share insights, fan questions, exclusive interviews with the cast and crew, and a whole lot of thoughts and opinions. It’s the only podcast with the inside scoop on all things Game of Thrones. It is also produced in association with Crooked Media.

      Dateline NBC

      Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.

    Advertise With Us

    For You

      Music, radio and podcasts, all free. Listen online or download the iHeart App.

      Connect

      © 2022 iHeartMedia, Inc.