iT4iNT SERVER Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid http://dlvr.it/TQchFm VDS VPS Cloud

Rockwell Automation Launches SecureOT Suite for Enhanced Industrial Cybersecurity
Rockwell Automation has rolled out SecureOT, a comprehensive industrial-cybersecurity suite designed specifically for operational-technology (OT) environments. The offering combines the SecureOT Platform, professional services and managed security from a dedicated OT SOC/NOC, delivering real-time asset visibility, risk prioritisation, vulnerability management and continuous 24/7 monitoring to safeguard complex manufacturing and critical-infrastructure systems.

In a striking example of cyber deception done right, a pro-Russian hacktivist group known as TwoNet thought they had successfully breached a water treatment facility—only to find out later that their “victory” took place inside a honeypot built by cybersecurity researchers.
Within just 26 hours, the attackers moved from initial access to full-blown disruption attempts, giving experts an unprecedented look at how fast hacktivists are evolving from simple DDoS tactics to operational technology (OT) and industrial control system (ICS) intrusions.
TwoNet emerged as one of many pro-Russian hacktivist collectives focused on DDoS attacks against Western entities supporting Ukraine. But according to new findings from Forescout, the group has taken a sharp turn toward targeting critical infrastructure.
In September, TwoNet claimed to have compromised a water treatment plant—unaware that the system they breached was a decoy facility operated by threat researchers. The trap was designed to mimic real-world OT environments to observe adversarial tactics in a safe, controlled setting.
Forescout’s monitoring revealed that at 8:22 AM, the attackers gained access using default credentials—a reminder of how dangerous weak authentication remains. Over the next several hours, they attempted to enumerate the system’s databases and eventually succeeded after refining their SQL queries.
The attackers created a new user account named “Barlati” and exploited a cross-site scripting (XSS) vulnerability (CVE-2021-26829) to display a message on the Human Machine Interface (HMI) reading “Hacked by Barlati.”
But the intrusion didn’t stop there. TwoNet disabled real-time updates by removing programmable logic controllers (PLCs) from the data source list and manipulated PLC setpoints—actions that, in a real-world scenario, could disrupt physical operations like water flow or chemical balance.
Forescout noted that the attackers did not escalate privileges or compromise the host operating system, focusing entirely on the web application layer. Their final login occurred the next morning at 11:19 AM.
Beyond this honeypot incident, TwoNet has reportedly expanded its operations to target HMI and SCADA systems in what they call “enemy countries.” The group has shared sensitive information on intelligence and police personnel, and even offered cybercrime services—from ransomware-as-a-service (RaaS) to initial access sales for SCADA systems in Europe.
Forescout researchers observed that TwoNet’s evolution reflects a wider trend: hacktivist collectives are shifting from digital vandalism and DDoS toward ICS-focused operations that can cause real-world disruption.
While this incident ended safely thanks to the decoy environment, the lessons are serious. To defend against similar intrusions, Forescout advises critical infrastructure operators to:
• Strengthen authentication — Disable or replace default credentials immediately.
• Restrict public exposure — Keep OT systems off the open internet.
• Segment networks — Separate production and corporate networks with strict IP-based access controls.
• Deploy protocol-aware monitoring — Use tools that can detect unauthorized configuration changes or exploitation attempts.
TwoNet’s failed strike on a fake facility underscores a larger reality: the line between hacktivism and cyberwarfare is blurring. What began as protest-driven cyberattacks are now veering into territory that can endanger lives and infrastructure.
As the digital and physical worlds continue to merge, defenders must think not just in terms of data protection—but process integrity, deception, and resilience.
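The monitoring recommendation above can be made concrete with a small detector for the sequence Forescout describes: a login from outside the management network, a new account, a PLC removed from the data source list, and a setpoint change. This is an added example, not Forescout's tooling or data; the audit-log format, field names, timestamps and management subnet are all constructed assumptions.

```python
import ipaddress
import re

# Assumption: engineering/management stations live in this subnet only.
MGMT_NET = ipaddress.ip_network("10.20.0.0/24")
LINE_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) "
                     r"action=(?P<action>\S+)(?: target=(?P<target>\S+))?$")

# Constructed sample in a made-up HMI audit format (dates are placeholders).
SAMPLE_LOG = """\
2000-01-01T08:22:10 src=203.0.113.7 user=admin action=login_ok
2000-01-01T09:05:41 src=10.20.0.15 user=operator1 action=login_ok
2000-01-01T09:06:02 src=10.20.0.15 user=operator1 action=setpoint_write target=PLC1.chlorine_sp
2000-01-01T14:37:55 src=203.0.113.7 user=admin action=user_create target=Barlati
2000-01-01T15:10:03 src=203.0.113.7 user=Barlati action=login_ok
2000-01-01T15:12:48 src=203.0.113.7 user=Barlati action=datasource_remove target=PLC1
2000-01-01T15:20:19 src=203.0.113.7 user=Barlati action=setpoint_write target=PLC2.pump_speed_sp
this line is malformed and is skipped
"""

def detect(log_text, mgmt_net=MGMT_NET):
    """Return a list of (timestamp, rule, detail) alerts for an HMI audit log."""
    alerts, new_accounts = [], set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # tolerate junk lines instead of aborting the run
        ts, user, action, target = m["ts"], m["user"], m["action"], m["target"]
        try:
            external = ipaddress.ip_address(m["src"]) not in mgmt_net
        except ValueError:
            external = True  # an unparseable source is treated as untrusted
        if action == "login_ok" and external:
            alerts.append((ts, "login_outside_mgmt_net", f"{user} from {m['src']}"))
        if action == "user_create":
            new_accounts.add(target)  # remember accounts born in this window
            alerts.append((ts, "account_created", f"{target} by {user}"))
        if action == "datasource_remove":
            # A PLC dropped from the data source list silences real-time updates.
            alerts.append((ts, "plc_removed_from_data_sources", f"{target} by {user}"))
        if action == "setpoint_write" and (external or user in new_accounts):
            alerts.append((ts, "untrusted_setpoint_change", f"{target} by {user}"))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(*alert, sep="  ")
```

The routine operator write from the management subnet raises no alert, while every step of the constructed intrusion does, including a setpoint change made by an account that was created during the same log window.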
Critical bugs in Rockwell’s FactoryTalk, Micro800, and ControlLogix platforms could let attackers seize control of industrial systems—prompting fresh advisories from both Rockwell and CISA.
Source: SecurityWeek | CISA
Read more: CyberSecBrief

🔐 Andres Prieto Anton: Guarding the Future of Critical Infrastructure ⚙️🌍
What happens when cybersecurity expertise meets industrial innovation? You get leaders like Andres Prieto, redefining how we protect OT (Operational Technology) and Industrial Control Systems (ICS). 💡💻
From traditional IT roots to becoming a specialist in OT security, Andres bridges the complex world of real-time operations with next-gen cyber defense. His mission? To secure what matters most—from energy grids to factory floors—with people-first, risk-aware strategies. 🏭⚠️
🔹 Championing AI-driven threat detection
🔹 Advocating for tailored training for OT personnel
🔹 Leading with proactive, not reactive cybersecurity
🔹 Promoting cross-functional collaboration between IT & OT
His advice for aspiring professionals?
✅ Learn both IT & OT fundamentals
✅ Build trust across disciplines
✅ Stay curious, stay committed
✅ Balance innovation with empathy
🙌 As Andres says: “Cybersecurity is about more than systems—it’s about people, purpose, and progress.”
👉 Explore more about:- https://www.allaroundworlds.com/journey-of-andres-prieto-anton/

OT/Industrial Control Systems (ICS) Security protects critical infrastructure by safeguarding industrial networks, SCADA systems, and operational technology from cyber threats. It ensures system integrity, prevents disruptions, and mitigates risks in manufacturing, energy, and utilities.

The security of our essential infrastructure has never been more important. At the heart of this worry is a critical question: what is ICS security? Industrial Control System (ICS) security is the first line of defense for the systems that control our electricity grids, water treatment facilities, manufacturing units, and other critical industrial operations. As cyber threats emerge and attack these essential systems with increasing complexity, understanding ICS security has become significant for corporations, governments, and security professionals.
All industrial sectors use technology and automation technologies to increase productivity and ROI on processes. Industrial Control Systems (ICS) are critical for automating and controlling manufacturing, production, and data-collecting processes. However, as digital complexity increases, industrial control systems present a variety of security issues. In this blog, we will discuss what OT/industrial control systems are, the security measures for ICS, and market insights into growing cyber threats.
QKS Group defines OT/Industrial Control Systems (ICS) Security as the protection of operational technology (OT) systems that monitor critical infrastructure and industrial processes. That includes protecting systems that provide energy, water, manufacturing, and more. These systems process sensor data from across industrial enterprises, enabling alerting and management of processes. ICS usually refers to systems that manage and operate infrastructure-supporting functions like water, power, transportation, manufacturing, and other critical services. With the increased digitization of nearly all aspects of commercial and public business, these systems often depend on software, computers, endpoints, and networks—all of which must be secured for the safety of the system, the people operating it, and those it serves.
Each industrial sector is unique and must leverage specialized ICS security requirements. In this technology-driven era where automation is the key to seamless progress, industries must implement ICS security measures to protect the entire system. According to QKS Group’s “Market Share: OT/Industrial Control Systems (ICS) Security, 2023, Worldwide” and “Market Forecast: OT/Industrial Control Systems (ICS) Security, 2024-2028, Worldwide” reports Let’s explore the security measures industries need for enhanced security.
The OT/ICS security market is forecast to expand rapidly by 2028, compelled by the growing need to protect key infrastructure and industrial processes from sophisticated cyber-attacks. This growth has been fuelled by heightened awareness among multinational corporations, utility companies, and manufacturing sectors about cybersecurity resilience and compliance with stringent regulations.
Using sophisticated technologies like machine learning (ML), artificial intelligence (AI), and advanced encryption methods in OT/ICS security systems improves threat identification, incident response, and secure remote access. Regions with above-average adoption rates include the United States, Canada, and Japan, while Western Europe and the Asia-Pacific region are also investing heavily in cybersecurity measures.
Industries in these areas emphasize deploying advanced security solutions to protect against cyberattacks, assure operational continuity, and comply with regulatory requirements such as NIST, NERC CIP, and ISA/IEC 62443. This holistic approach to OT/ICS security emphasizes its vital role in ensuring industrial stability and resilience in an increasingly linked and digital environment.
The OT/Industrial Control Systems (ICS) Security market is growing rapidly, driven by the growing need to secure key infrastructure and industrial processes from increasingly sophisticated cyber-attacks. Companies plan to invest extensively in OT/ICS security solutions to maintain operational continuity, protect against cyber-attacks, and meet severe regulatory requirements.
As industrial processes become increasingly digitized, the need for robust OT/ICS security measures has never been greater. Protecting essential infrastructure from increasing cyber threats requires a combination of proactive security strategies, cutting-edge technologies, and compliance with industry regulations. With growing investments in cybersecurity and the adoption of AI, ML, and advanced encryption, businesses can strengthen their resilience against cyberattacks.

Electricity, usually taken for granted, is the lifeblood of our modern world, powering daily life, economies, and industries. However, the complicated systems that generate, share, and circulate vital resources are vulnerable to various threats, from natural disasters to cyberattacks. Ensuring the power grid’s reliability, safety, and security is crucial.
A breach could disrupt day-to-day life and pose significant national security threats. In this analysis of OT/ICS security, we will discuss what OT/Industrial Control Systems (ICS) Security means, how it works, and why it matters, including how ICS-specific IDS and Incident Response enhance monitoring. We will carefully examine the risks and vulnerabilities of power systems and the severe consequences of compromised infrastructure.
QKS Group defines OT/Industrial Control Systems (ICS) Security as the protection of operational technology (OT) systems that monitor critical infrastructure and industrial processes. That includes protecting systems that provide energy, water, manufacturing, and more. These systems process sensor data from across industrial enterprises, enabling alerting and management of processes. ICS usually refers to systems that manage and operate infrastructure-supporting functions like water, power, transportation, manufacturing, and other critical services. With the increased digitization of nearly all aspects of commercial and public business, these systems often depend on software, computers, endpoints, and networks—all of which must be secured for the safety of the system, the people operating it, and those it serves.
ICS security prioritizes the operation of machinery by ensuring the processes that support it are well-protected from cyber threats. The emphasis is on incident prevention, but in some cases, when workers’ or the public’s safety is at risk following an occurrence, employees may be able to dial an ICS security number for rapid help.
ICS security also ensures that ICS administration is efficient. This may entail providing complete insight into the functioning of machines on the factory floor from a control room or center via a series of dashboards that display crucial information.
What does ICS security mean in terms of guaranteeing the safety of people and systems? In some ways, industrial control system security is more vital than traditional cybersecurity. This is to ensure the physical safety of those working with and benefiting from the systems it safeguards.
If the security of your industrial control systems is inadequate, ordinary folks may lose access to critical services. Employees who operate the systems may also suffer fatal injuries if industrial machinery fails.
Because ICS security encompasses safeguarding the components used in goods manufacturing, securing your infrastructure ensures that your operations run smoothly and efficiently.
ICS-specific Intrusion Detection Systems (IDS) and Incident Response strategies are essential components in improving the security of ICS and OT. These strategies and methods are adapted to the specific context of ICS, where typical IT security controls may be insufficient.
ICS-specific IDS are intended to monitor network traffic and system behaviors in these contexts, identifying possible threats that would otherwise go undetected by standard IDS solutions.
Incident Response in an ICS context involves a structured approach to addressing and handling the aftermath of any detected security incident, seeking to limit damage and reduce recovery time and costs.
Enhanced monitoring with ICS-specific IDS combined with a well-prepared Incident Response strategy provides a dual layer of security by detecting risks early and preparing you to respond effectively when those threats emerge.
QKS Group’s “Market Share: OT/Industrial Control Systems (ICS) Security, 2023, Worldwide” and “Market Forecast: OT/Industrial Control Systems (ICS) Security, 2024-2028, Worldwide” reports assist in understanding the importance of protecting critical infrastructure and operational technology from cyber threats in industries such as manufacturing, power generation, and transportation.
OT/ICS security, which employs sophisticated technologies like Intrusion Detection Systems, anomaly detection, and secure remote access protocols, seeks to identify and neutralize cyber-attacks in real-time while assuring operational continuity and regulatory compliance. The strategic emphasis on OT/ICS security is motivated by the need to avoid interruptions, preserve productivity, and comply with severe cybersecurity requirements, eventually assuring the dependability and resilience of industrial processes against developing cyber hazards.
As industrial processes become more digitized, securing OT/ICS is essential for maintaining operational stability and national security. Effective Industrial Control System security measures, including advanced intrusion detection systems and incident response strategies, help prevent cyber threats and secure infrastructure resilience. Organizations must prioritize OT/ICS security to protect vital services, safeguard workers, and comply with growing cybersecurity regulations. By implementing proactive security measures, industries can ensure uninterrupted operations and long-term sustainability in an increasingly connected world.
Scan Validation for MetaDefender Kiosk - Discover MetaDefender Media Firewall
In this video, we highlight OPSWAT’s MetaDefender Kiosk, Media Firewall, and Media Validation Agent to elevate cybersecurity in critical infrastructure environments. The MetaDefender Kiosk offers secure, controlled scanning of USB drives and portable storage devices before they enter protected zones, ensuring that only clean, validated media can access sensitive systems.
Hapool Insurance Achieves Almost 100% Reduction in Email Threats with OPSWAT MetaDefender
Hapool Insurance faced increasing cybersecurity challenges as its outdated Content Disarm and Reconstruction (CDR) technology was not able to defend against advanced threats like phishing, malware, and encrypted files.
Detonator - The Endless Quest for the Perfect Sandbox
Detonator is the untold journey of Jan Miller and how his relentless pursuit of innovation transformed sandboxing technology from a security tool into a global standard.
The Purdue Enterprise Reference Architecture (PERA) identifies the different tiers of vital infrastructure utilized in manufacturing lines, as well as how to safeguard them. If implemented correctly, PERA could achieve the air gap between OT and IT systems. The Purdue model was adopted from the Purdue Enterprise Reference Architecture model by ISA-99. This model provided a framework for segmenting industrial control system networks from corporate enterprise networks and the internet. It’s segmented into separate levels.

Level 5 – Enterprise Network
This level’s systems are typically corporate-wide and span many locations or factories. They collect data from subordinate systems in specific plants and combine it with other information. The majority of these systems are housed in corporate data centers. Plant production schedules, material usage, shipping, and inventory levels are all controlled by ERP systems present in this level.
Level 4 – Site Business Planning and Logistics
All the IT systems that support the production process in a facility are present here. Web servers, file servers, print servers, business workstations, and email clients are a few of the types of systems found at this level. Active Directory networks are also implemented at this level. These systems send production information to corporate systems, such as uptime and units produced, and they collect orders and business data from corporate systems to disseminate to OT and ICS systems.
Read complete blog - https://redfoxsec.com/blog/purdue-model-for-ot-security/