Aperture: A Claroty Podcast
40 minutes | Jan 12, 2022
Tom VanNorman on OT Cybersecurity Skills Gap
ICS Village cofounder Tom VanNorman joins the Aperture podcast to discuss the recently announced Cybersecurity & Industrial Infrastructure Security Apprenticeship Program that aims to improve cybersecurity knowledge within operational technology. ICS Village is part of a consortium behind this apprenticeship program along with Siemens Energy, SANS Institute, and a number of academic institutions. The aim is to integrate academic classes, training, and real-world job rotations at leading industrial companies. Tom also discusses the next iteration of ICS Village at the upcoming RSA Conference in June.
39 minutes | Nov 28, 2021
Claroty, JFrog on Fuzzing BusyBox
Claroty researcher Vera Mens and JFrog researcher Shachar Menashe join the podcast to discuss a recent research collaboration between the two companies that looked at the security of BusyBox. BusyBox is a popular embedded Linux utility suite, and is found everywhere in operational technology, including in devices such as PLCs, HMIs, and RTUs. The researchers published a paper that describes 14 vulnerabilities uncovered in BusyBox—all of which were patched—and the custom fuzzing harnesses used to trigger the bugs. The harnesses were released to open source by Claroty and can be found on GitHub.
36 minutes | Nov 15, 2021
ZDI's Dustin Childs on Pwn2Own Miami
Dustin Childs of the Zero Day Initiative (ZDI) joins Claroty's Aperture podcast to discuss the upcoming Pwn2Own Miami hacking contest. This is the only hacking contest focused on finding zero-day vulnerabilities in industrial control systems (ICS) and operational technology (OT), and it will be held during the S4 conference in January. Childs is a veteran of the security industry and Pwn2Own, which is 16 years old. Pwn2Own Miami will be the second such event with an ICS focus. Researchers will compete for a prize pool of more than $300,000; four technology categories are in scope at this year's event: control servers, OPC servers, data gateways, and HMIs. Childs explains Pwn2Own Miami's hybrid approach that will allow competitors to enter either virtually or on-site, how Pwn2Own works, and what the disclosure process is like with affected vendors once a zero-day is demonstrated.
42 minutes | Nov 10, 2021
Exploring and Navigating OT for CISOs
Splunk OT security strategist Chris Duffey and Global Advisory CISO Doug Brush join Claroty's Aperture podcast to discuss how CISOs can and must navigate the world of industrial control system (ICS) and operational technology cybersecurity. Digital transformation and convergence have forced IT and OT under the same umbrella for many industrial enterprises and critical infrastructure. For many CISOs, managing OT cybersecurity is a whole new world of risk management strategies, technologies, and vendors. Duffey and Brush explain some of the success stories they've experienced with CISOs who have had to close knowledge, technology, and experience gaps in order to meet OT security challenges head-on. There are numerous considerations from both an operational and strategic point of view, and Duffey and Brush share their experiences.
39 minutes | Oct 27, 2021
Gary E. Miller on the GPSD Bug
Gary E. Miller, principal maintainer of GPSD, joins the Aperture Podcast to discuss a bug in this service that potentially could have caused some disruptions on devices that rely on global positioning systems for precise time-keeping. GPSD is a service daemon that extracts time information from GPS appliances. GPSD can be found in anything from mobile phones to submarine navigation systems and satellites. There are also industrial applications that rely on GPS for timing, such as flow meters in pipelines. A bug was discovered earlier this year in the GPSD code that, starting Oct. 24, could have rolled back time on GPS-reliant devices to March 2002. Such an event could have affected data integrity in systems that depend on timestamps. Some sensors transmit data regularly and are part of larger systems that take actions based on sensor readings. Miller explains how GPSD works, the intricacies of the bug, and why there haven't been incidents related to the bug since Oct. 24.
40 minutes | Sep 28, 2021
Top 20 Secure PLC Coding Practices List
Martin Scheu and Dirk Rotermund of the Top 20 Secure PLC Coding Practices project join Claroty's Aperture podcast to discuss how engineers can integrate secure coding practices into PLC programming. The group's list of secure coding practices was released earlier this year and is available as a free download. It's a 44-page document that includes not only the list of secure coding practices, but also detailed guidance for each, and where they map to certain frameworks such as MITRE ATT&CK. In this discussion, you'll learn more about how this project came together, the current state of PLC security by design, where current cybersecurity gaps exist, and how engineers can best make use of the guidance provided in the list of secure coding practices.
42 minutes | Sep 20, 2021
Dennis Fisher on 'When Bug Bounties Went Boom'
Decipher Editor in Chief Dennis Fisher joins the podcast to discuss a series he recently published on the history and evolution of bug bounties. In the series, Dennis talks to the hackers and researchers who took an idea and turned it into one of information security's most well-known and lucrative industries. In this episode, Fisher covers the early days of bug bounties, the No More Free Bugs movement, the legal landmines researchers faced doing vulnerability research—essentially for free—the gray markets for bugs and exploits, and how pioneers such as Katie Moussouris worked tirelessly to make bug bounty programs a reality not only at Microsoft, but also within the Pentagon. Read the three-part series at Decipher: "Lawyers, Bugs, and Money: When Bug Bounties Went Boom, Part 1"; "Uprising in the Valley: When Bug Bounties Went Boom, Part 2"; "Drive it Like You Stole It: When Bug Bounties Went Boom, Part 3".
49 minutes | Aug 22, 2021
Tom Pace on SBOMs for ICS and OT
Tom Pace, founder of security company NetRise, joins Claroty's Aperture Podcast to discuss SBOMs, or software bills of materials, and how they can be leveraged to improve industrial control system and operational technology cybersecurity. SBOMs are analogous to ingredient labels on food products, or parts lists for automobiles. Yet for ICS and OT equipment, they are a rarity. That lack of visibility into software and firmware components puts organizations at risk in the event of an incident, or can hamper risk management efforts. Pace discusses the value proposition of SBOMs, how they can be created and consumed inside industrial enterprises, and takes down some misconceptions vendors and buyers may have around SBOMs giving attackers a network roadmap, or leaking intellectual property secrets. Pace also covered this subject in a talk at the recent ICS Village at DEFCON.
37 minutes | Aug 10, 2021
Tony Baker on OT Cybersecurity Challenges, CIP Security
Rockwell Automation Chief Product Safety and Security Officer Tony Baker joins the Claroty Aperture podcast to discuss the rash of cybersecurity challenges facing critical infrastructure and industry owners and operators. Baker is a Rockwell veteran and has specialized in cybersecurity for the last eight years. He shares his insight on some of the challenges and resource gaps defenders are facing today, as well as the short- and long-term impact of the high-profile industrial cybersecurity incidents that have dominated headlines in 2021. Baker also discusses the evolution and adoption of CIP Security, a critical defense-in-depth technology that brings authentication, integrity, and confidentiality to messaging between industrial devices.
34 minutes | Jul 2, 2021
Inside the Water Sector Cybersecurity Survey
Michael Arceneaux, managing director of the Water Information Sharing and Analysis Center (WaterISAC), joins Claroty's Aperture podcast for a deep dive into the results of the recently released Water Sector Coordinating Council's cybersecurity survey. In short, the water sector needs cybersecurity help from industry organizations and the federal government. Respondents identified four critical areas of need ranging from training, to improved cybersecurity tools and threat information, to money allocated from the federal government via loans and grants. While there were encouraging signs around the amount of risk assessment happening within the sector, that's offset by data that shows a lack of visibility into connected IT and OT assets. Water utilities are exposed to threats from threat actors, and respondents want to minimize the exposure of control systems, identify and remediate vulnerabilities, and secure remote access to OT systems.
43 minutes | Jun 25, 2021
Adm. Mike Rogers on Ransomware and OT
Retired Adm. Mike Rogers, former NSA Director and U.S. Cyber Command Commander, joins Claroty's Aperture Podcast to lend his insight and expertise into the rash of ransomware attacks starting to impact operational technology (OT) environments and critical infrastructure. Rogers covers the risk assessments that industrial enterprises are undertaking to handle the ransomware threat, and how best to respond in the event of an incident. The discussion also ranges into cyber resilience in OT environments; the debate on whether to pay extortion demands or ransoms; the role cyber-insurance is playing in defensive strategies; and how the government should be working with private sector critical infrastructure operators. Rogers is also the chairman of Claroty's board of advisors.
42 minutes | Jun 8, 2021
Mandiant on Low-Sophistication OT Attacks
Mandiant Threat Intelligence Senior Manager Nathan Brubaker joins the Aperture Podcast to discuss the growing trend of low-sophistication attacks targeting operational technology and industrial control systems. Nathan coauthored a recent Mandiant report on the subject, identifying a number of trends worth monitoring as industrial enterprises continue to connect OT to the internet and converge IT and OT systems internally. Attackers are exploiting connectivity to sometimes interact with industrial processes, but more often to capitalize financially on their access through ransomware, or to gather information about exposed assets that can be shared or sold. Nathan also discusses some of the commodity tools attackers are using to compromise control systems and industrial assets, and what organizations can do to lock down OT systems and reduce risk to industrial processes.
33 minutes | May 18, 2021
E-ISAC on Biden 100-Day Plan for Power Grid Cybersecurity
Manny Cancel, CEO of the Electricity-ISAC, joins the Aperture podcast for a wide-ranging discussion on cybersecurity issues affecting electricity utilities and critical infrastructure. Cancel shares his thoughts on the Biden Administration's recent announcement of a 100-day plan to improve electricity and power grid cybersecurity. Specifically, the plan calls for the identification and deployment of technologies and systems that improve situational awareness and response capabilities for electricity providers. Cancel also discusses threats facing electric utilities, threat actors targeting the sector, and what technology and human-resource gaps exist. Finally, Cancel describes how the E-ISAC works with its members on information-sharing, and activities among its 1,100 members.
42 minutes | Apr 29, 2021
Katie Moussouris on Dan Kaminsky, Pay Equity, Vulnerability Disclosure Progress
Luta Security founder, security entrepreneur, and vulnerability disclosure pioneer Katie Moussouris joins the Aperture Podcast to talk about influential researcher Dan Kaminsky, who died April 23 at 42 years old. Katie discusses the breadth of Dan's work as a researcher, and his friendship, empathy, and outreach within the security community. Katie also talks about her work advocating for pay, gender and employment equity, and how her mother persevered as a single mother earning significantly less than male counterparts. Katie also explains her return to her hacker roots uncovering two serious vulnerabilities in the audio-based social networking app, Clubhouse, and the state of vulnerability disclosure programs and bug bounties.
44 minutes | Mar 30, 2021
Kaspersky, Claroty on OPC Security Research
On this episode of Claroty's Aperture Podcast, researchers from Claroty and Kaspersky join to discuss security research into the OPC protocol. OPC is a protocol stack that is used for interoperability between disparate vendor communication protocols in the ICS domain. Kaspersky's Evgeny Goncharov and Claroty's Sharon Brizinov and Uri Katz bring their respective experience researching OPC and discuss why it's a critical protocol for OT networks. In 2018, Kaspersky Lab published some of the earliest research into OPC security and disclosed 17 new vulnerabilities in the stack. This year, Claroty followed with its own research and nine vulnerabilities found in three vendor implementations of OPC. The researchers discuss the current state of OPC security, how it can improve, and what vendors should be doing to ensure they're securely implementing OPC.
35 minutes | Mar 17, 2021
Josh Grunzweig on Exchange Zero Days
Josh Grunzweig of Volexity joins the Aperture Podcast to discuss the Microsoft Exchange zero-day vulnerabilities and exploits that have been dominating headlines. Tens of thousands of organizations have already been compromised by attack groups using this bug to dump corporate email, and carry out further attacks such as ransomware or deploying cryptocurrency mining software. Josh's team at Volexity was the first to report in-the-wild exploits of the Exchange zero days, and in this episode, he describes the initial discovery of these attacks, and the short- and long-term implications for enterprises worldwide.
32 minutes | Mar 10, 2021
Mauro Conti on Assessing the Use of Insecure ICS Protocols
Prof. Mauro Conti of the University of Padua, Italy joins the Aperture Podcast to discuss a paper he coauthored last year called Assessing the Use of Insecure ICS Protocols via IXP Network Traffic Analysis. The paper, co-written with Giovanni Barbieri, Nils Ole Tippenhauer, and Federico Turrin of the University of Padua and the Helmholtz Center for Information Security, examines the gaps and exposures presented by connecting industrial control systems to external networks. Many of these networks and devices are communicating over protocols that are insecure by design, lacking encryption or authentication, or are misconfigured. Internet-scanning services such as Shodan are also blind to much industrial traffic, the paper concludes, giving operators an incomplete picture of their exposure. Attackers, meanwhile, can leverage this to intercept and manipulate industrial traffic.
41 minutes | Feb 22, 2021
Water ISAC on Oldsmar Hack, Sector Cybersecurity
Jennifer Lyn Walker and Michael Arceneaux of the Water ISAC join the podcast to discuss the recent cybersecurity incident at the Oldsmar, Fla., water-treatment facility, the state of cybersecurity inside the water & wastewater critical infrastructure sector, and whether organizations are reticent about sharing information about attacks with others in the sector. Walker is a cyber threat analyst with the Water ISAC, while Arceneaux is managing director of the organization. Water ISAC has more than 400 member utilities serving much of the United States.
39 minutes | Jan 21, 2021
Justin Searle on Pen-Testing ICS
Justin Searle, director of ICS security at InGuardians and a SANS Institute ICS security senior instructor, joins the Aperture podcast to discuss penetration testing ICS environments. Justin is a leader in the ICS security community, a 21-year veteran immersed in conducting and teaching security assessments worldwide. In this episode, Justin discusses the challenges in pen-testing production industrial environments, the state of pen-testing tooling for ICS, how digital transformation and IT/OT convergence are changing the way cybersecurity is managed inside enterprises, and also industrial cybersecurity threats facing companies.
41 minutes | Dec 17, 2020
Tom Tervoort on Zerologon
Tom Tervoort, a senior security specialist with Netherlands-based Secura, joins the Aperture Podcast to discuss the Zerologon vulnerability in Windows Netlogon. This critical crypto bug in the Netlogon authentication mechanism was discovered by Tom and the Secura team, and patched in August by Microsoft. Since then, exploit code has surfaced and the vulnerability has been used by two separate APT groups. Tom discusses how he "accidentally" discovered Zerologon, the risks posed by successful exploits, how and why APTs might use it, and the resources required to use it in attacks against Active Directory, domain controllers, and other Windows authentication mechanisms.
© Stitcher 2022