News and Events

IT/OT Convergence: Reducing Cyber Exposure of Legacy Assets

In July 2020, the National Security Agency (NSA) and Cybersecurity & Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory recommending “Immediate Actions to Reduce Exposure Across all Operational Technologies and Control Systems.” The advisory emphasized “cyber actors have demonstrated their continued willingness to conduct malicious cyber activity against Critical Infrastructure (CI) by exploiting Internet-accessible […]

January 2021 Newsletter

Cynalytica’s newsletter for January 2021 is now available. This edition focuses on the insufficiency of best practices in OT cybersecurity and the risks Serial-to-Ethernet Converters pose to critical infrastructure.

Reassessing our Critical Infrastructure’s Cyber-Physical Security Posture

I am not sure how many more wake up calls it will take before we all start to acknowledge that we are considerably behind in our protection of Industrial Control System environments for our Nations Critical Infrastructure.  The recent compromise of Solarwinds and the Sunburst Hack should shake this fact into the heart and soul […]

Serial to Ethernet Converters: How Widely Used Industrial Devices are Providing Malicious Threat Actors with a Gateway to Cyber-Physical Assets

In industrial automation, Serial to Ethernet Converters/Gateways and Serial Device Servers are a long-established and widely used method for enabling remote communications and monitoring of devices that only support serial interfaces such as RS-232, RS-485, and RS-422 to name a few. The devices are typically used to convert serial to ethernet protocols (and vice versa) […]

The Security Gap that ICS Cybersecurity Companies Refuse to Talk About

Cyber attacks on critical infrastructure’s Industrial Control Systems (ICS) are still on the rise due, for the most part, to the increase in cybercrime and geopolitical tensions – tensions that ironically were fueled by a barrage of cyber campaigns focused on compromising essential services over the past decade.  Exacerbating the problem is the rate at […]