Name: AMNESIA:33: Understand & mitigate the impact on millions of IoT, OT & IT devices
Start: 2020-12-04T16:00:00Z
End: 2020-12-04T16:00:44.000Z
Location: BrightTALK
Rating: 0

The Forescout platform provides organizations with complete situational awareness of their extended enterprise and the ability to orchestrate actions to reduce cyber risk.
 
Learn more about our products, hear about new cybersecurity trends and see how Forescout helps you address these.

Ohio's South Central Power Company (SCP) sought to improve its network security but lacked insight into its device count and data accuracy. Despite recognizing the potential of Zero Trust, they were cautious about adding another standalone solution. Join our "Zero Trust Success: SCP's Network Security Transformation" webinar with SCP's Jeff Haidet, as he shares their journey to a platform providing full visibility and effective Zero Trust policy enforcement. 

Key takeaways include: 

-The benefits of comprehensive device visibility and successful Zero Trust policy enforcement. 

-Continuous enforcement and least-privileged NAC monitoring. 

-Strategies for streamlined network segmentation. 

-Enhancing the overall effectiveness and value of SCP's security infrastructure.

Zero Trust Success: SCP's Network Security Transformation

Explore the dynamic landscape of cyber threats with our in-depth analysis of R4IoT ransomware. This sophisticated threat capitalizes on IoT devices for initial access, targets IT infrastructure for ransomware deployment, and exploits OT security weaknesses to physically disrupt business operations. R4IoT redefines the threat landscape by infiltrating assets across IoT, IT, and OT domains. In this webinar, discover how to: 

- Develop and implement a comprehensive security strategy to counter R4IoT and similar multi-device threats 

- Strengthen your organization's defenses in response to evolving cybersecurity challenges 

- Arm your team with the knowledge and strategies required to effectively mitigate the risks posed by R4IoT

Securing IoT and OT Against Ransomware: R4IoT Report Insights

In this webinar, we unveil our latest research findings on the most high-risk devices found within enterprise networks in 2023. Our investigation adopts a data-centric approach, leveraging Forescout's Device Cloud, and employs Forescout's multifactor risk scoring methodology, as outlined in our recently published report.

To circumvent conventional endpoint security measures, malicious actors have increasingly targeted devices that provide easier initial access. In order to effectively manage risks and exposure in the modern landscape, it is imperative to address devices across all categories, thereby mitigating risks throughout the entire organization.

Discover the most perilous IT, IoT, OT, and IoMT devices of 2023, gain insights into their inherent risks, and learn actionable strategies to effectively mitigate these risks within your own organization.

Riskiest Connected Devices in 2023: IT, IoT, OT, IoMT

威脅偵測與即時高威脅應變處理已成為當今最重要課題，資安事件造成的：財務損失正在不斷增加？攻擊頻率直線上升？ 

專業資安人才難求？擁有許多資安工具卻無法有效關聯告警？ 

有別於市場上的解決方案達不到客戶的期許，Forescout XDR 增強資安中心 450倍的威脅偵測與回應效率。 

此次研討會將聚焦於 Forescout XDR 解決方案的應用與價值，並深入探討如何提升企業的威脅檢測和應對能力 。 

活動議程：  

在這個50分鐘的網絡研討會中，您將： 

◾了解如何真正對企業中每個管理和非管理的連線設備全面檢測 

◾發現先進的大數據科學如何實現450倍更好的檢測 

◾了解如何通過對網路和設備的實時監控以高效應對威脅 

◾探索改善SOC效率、降低風險和增強可視性的關鍵應用案例

Forecout XDR 線上研討會：將SOC效率提升450倍

脅威の検出と対応はますます重要になり、経験豊富で大規模な SOC チームをもってしてもますます困難になっています。 従来のXDR（拡張検出および対応）ソリューションを含む現在のアプローチでは、日々の大量のアラートから、真の脅威を忠実度高く適切な検出に移行していくことはできません。また、SOC チームが企業全体 (IT、OT IoTおよびIoMT) にわたる対応プロセスを自動化することもできません。 

Forescout XDR は、他の Forescout ソリューションと組み合わせることで、これらの課題に独自に対処します。 この 30 分間のウェビナーでは、以下の内容について含みます： 

企業全体のすべての管理対象および管理対象外の接続デバイスに検出を真に拡張する方法 

高度なデータ サイエンスがどのように 450 倍優れた検出を可能にする方法 

ネットワークとデバイスをリアルタイムで制御することで、脅威に適切に対応する方法 

SOC 効率の向上、リスク軽減、可視性の強化のための主要なユースケース

SOCの効率を 450倍  向上させるために

For more than two years, Forescout Research - Vedere Labs has been finding, disclosing, and helping to detect and fix critical vulnerabilities that can be used by attackers to take control of IT, IoT and OT devices. Project Memoria revealed a host of problems with TCP/IP stack implementations, while OT:ICEFALL highlighted the insecure-by-design nature of OT equipment.   

On June 20, we concluded OT:ICEFALL after more than one year of research. In this webinar, we will share the insights we have gained into the current state of OT product security and how that affects vulnerability management for asset owners. We will discuss why many device vendors still lack a fundamental understanding of basic security controls, why many OT patches are broken and lead to new vulnerabilities and how threat actors can leverage the current situation in their attacks.  

Learn what insecure by design vulnerabilities mean for asset owners and, most importantly, how to assess and mitigate risk.

Speaker: Daniel dos Santos, Head of Security Research, Forescout Research - Vedere Labs

OT:ICEFALL – A Year-long Dive into Insecure-by-Design Practices and Patching

Cybercriminals and the threats they pose are becoming more sophisticated than ever, making it crucial to stay updated on the latest trends and techniques employed. Many organizations face a rapidly expanding attack surface that further exacerbates the increased risk as more devices connect to enterprise networks. Managing this growing attack surface requires adopting measures like passive asset discovery, risk-based vulnerability prioritization, and zero-trust network segmentation, to name a few. Join us as we explore the five steps to combating emerging threats with network security. 

Join Joe Thibault, Forescout Solutions Marketing Manager, as he covers: 

◾ How to improve asset discovery and fill in the blind spots of your attack surface.

◾ Going beyond authentication to perform post-connect access control for unmanaged assets. 

◾ How to fight ransomware and extortion with least privileged access controls. 

◾ What your cybersecurity team must do to combat burnout and alert fatigue.  

◾ How to fight fire with fire using automated cybersecurity controls.

5 Steps to Combating Emerging Threats with Network Security

Forescout Vedere Labs recently disclosed three new vulnerabilities on a popular Border Gateway Protocol (BGP) open-source implementation. These vulnerabilities highlight message parsing as an often-overlooked aspect of BGP security and they could be exploited to achieve a denial of service on vulnerable peers, thus dropping all sessions and routing tables.

Recent BGP incidents show that it might take only a malformed packet to cause potentially large disruptions since software suites implementing BGP are used by major networking vendors and found in ISPs and large data centers. Therefore, organizations should not rely only on their ISPs to handle BGP security.

This research shows that modern BGP implementations still have low-hanging fruits that attackers can abuse. Learn how we found the three new vulnerabilities, what their risk is, and what to do to mitigate these risks.

Speaker: Daniel dos Santos, Head of Security Research at Vedere Labs

Finding and mitigating the risk of vulnerabilities in BGP implementations

The year 2022 was quite eventful for cybersecurity. Cyberattacks grew in intensity, sophistication, and frequency, with malicious actors benefitting from growing geopolitical conflicts, economic uncertainty, and rapid digitization. As a result, threat actors have started blurring the lines between traditional IT attacks and emerging OT/IoT threats.

With 2023 bound to accelerate the adoption of new devices into organizations and pose even greater challenges for cybersecurity professionals across the globe, Forescout’s Vedere Labs has analyzed data gathered in 2022 about millions of attacks, hundreds of exploits, and thousands of malware samples to share with the community insights that can help organizations to prepare.

Tune in to understand where attacks are coming from, their top targets, vulnerabilities they exploit, what attackers do after initial access, the most common type of malware dropped, trends in malware evolution, and forecasts for the future.

Most importantly, learn strategies and actions that you can take to prepare for this evolving threat landscape.

2022 Threat Roundup – The Emergence of Mixed IT/IoT Threats

Threat detection and response has become increasingly important, and increasingly difficult, even for seasoned and large SOC teams. Current approaches, including traditional extended detection and response (XDR) solutions, don’t adequately convert the mountain of daily alerts into high-fidelity detections of true threats, nor do they enable SOC teams to automate response processes across the extended enterprise (IT, OT, IoT, IoMT). 

Forescout XDR, combined with other Forescout solutions, uniquely addresses these challenges. In this 30-minute webinar, you will: 

◾Learn how to truly extend detection to every managed and unmanaged connected device across your enterprise 

◾Discover how advanced data science enables 450x better detection 

◾See how you can better respond to threats through real-time control of your network and devices

◾Explore key use cases for improved SOC efficiency, risk reduction, and enhanced visibility

Speakers: Justin Foster, Chief Technology Officer; Virendra Bisht, Director of Data Science; George McTaggart, Chief Marketing Officer

Improving SOC Efficiency by 450x with Forescout XDR

Despite a number of advanced security tools on the market, ransomware, extortion, and other related threats continue to dominate the cybersecurity landscape of 2023. For organizations with siloed security solutions, outdated processes, and ineffective threat detection practices, an expanding attack surface is almost guaranteed – and will leave the door open for attackers to exploit, disrupt, and cost you millions. 

In this exclusive webinar, Forescout’s Rik Ferguson, VP of Security Intelligence, will take a deep dive into:  

▪How the threat landscape of 2023 might be impacted by the developments of 2022 
▪An in-depth analysis of trending threat attacks and how organizations are being targeted 
▪Best practices to avoid falling victim to ransomware, identity-based attacks, extortion, and more.  

 Speaker: Rik Ferguson, VP of Security Intelligence

Threat Intelligence: 5 Cyber Attacks to Watch for

Several events in 2022 shaped the current threat landscape for critical infrastructure, such as the OT:ICEFALL vulnerabilities highlighting how insecurity by design affects critical devices, new OT/ICS-specific malware showing state-sponsored actors' inclination to cause cyber-physical damage via this insecurity, ransomware groups attacking critical infrastructure for financial gain, and several hacktivists attacking unmanaged devices for their own political agenda. 

We expect this threat landscape to continue expanding in 2023, with even more attacks on critical infrastructure, state-sponsored actors expanding their arsenal with new sophisticated malware, ransomware groups diversifying their extortion campaigns, and more hacktivists adopting OT as a target to spread their message.  

How is this all relevant for asset owners? Tune in to understand: 

• What does the current threat landscape for critical infrastructure look like and what could change in 2023 

• Strategies and actions that asset owners should take to prepare for this evolving threat landscape

The Critical Infrastructure Threat Landscape and How to Prepare for 2023

As today’s threat landscape continues to expand, security teams are being forced to defend against motivated adversaries with new and improved tools, tactics, and procedures to exploit vulnerabilities and unmanaged risks. But the fight doesn’t end with attackers. Analysts, engineers, and SOC teams are also grappling with the disconnect and lack of usability between the products and services they rely on to drive detection, response, and protection capabilities. 

During this exclusive webinar, speakers Justin Foster, Rik Ferguson, and guest speaker Allie Mellen will take a deep dive into rising trends of tool convergence, the security analysts experience, and the historic disconnect between risk and threat-based tools to give an overview of today’s changing threat landscape and how you can manage various tools and skillsets to remain ahead of the curve. 

In this session, you’ll get the latest insight into: 
• Today's threat landscape and the skillset needed to manage the future of security 
• The impact of tool convergence on productivity and security analysis
• The disconnect between risk and threat-based tools for security programs
• The emerging analyst experience (AX) trend for improving SOC

Speakers: 
• Allie Mellen, Senior Analyst, Forrester  (Guest Speaker)
• Rik Ferguson, VP of Security Intelligence, Forescout  
• Justin Foster, CTO & Co-Founder, Cysiv (a Forescout Company)

The Future of Security: Merging Tools with Analyst Experience and Intuition

Ransomware is now the biggest cybersecurity threat. More than 80% of cyber incidents have financial motivation. Forescout’s Vedere Labs released a comprehensive report that includes a detailed playbook describing how organizations can protect themselves against a new type of ransomware that exploits IoT devices, such as video cameras, to deploy ransomware.

The next-generation ransomware described in the R4IoT report uses exposed vulnerable devices, such as an IP video camera or network-attached storage (NAS) device, as the initial access point to the network. It then holds OT devices hostage, thus adding another layer of extortion to an attack campaign. This new attack vector that Vedere Labs predicts will be the next step in ransomware evolution, which will impact all IoT (including IoMT), IT, and OT devices, causing physical disruption of business operations.

Tune in to learn about:
• How a combined IoT/OT ransomware might work
• How this next-generation ransomware would disrupt and impact your organization
• Detailed mitigation steps by TTP and how Forescout can help
• Vulnerable IoT and OT assets being actively exploited and how to prioritize their protection

Speakers:
Shawn Taylor, VP, Threat Defense

R4IoT: When Ransomware Meets Internet of Things

制御機器、医療機器をはじめ、さまざまな機器が組織のネットワークに接続することでシステム運用者が保護するサーフェースは増加しています。フォアスカウトとアリスタは2019年以来デバイス環境が複雑化することを予測し、ネットワーク・セキュリティの変革を推進してきました。豊富なコンテクストから接続するすべての情報資産を可視化し、単一の管理コンソールによりビジネス要件に応じたセグメント・ポリシーを定義、このポリシーはシミレーションを経て組織のネットワーク全体に適用されます。その結果はテレメトリデータにより精緻に可視化されます。

フォアスカウトとアリスタによるこの変革は、クラウドのパワーを活用することでさらなる変革を遂げています。

本ウェビナーでは、クラウドにエンパワーされたForescout ContinuumとArista CloudVisionにより実現するセキュリティ・アーキテクチャの紹介とデモンストレーションをお届け致します。

ブラウザとインターネット接続環境があれば、どこからでもご参加可能なWebセミナー形式です。是非、お気軽にお申し込みください。

Forescout & Arista共催ウェビナー『IT/OT混在環境のセグメンテーション戦略』

Forescout 的 Vedere Lab資安實驗室與美國國土安全部網路安全暨基礎安全局（CISA）漏洞揭露程式合作，於2022年6月21這天，揭露56 個漏洞，其中來自 10 家知名工控設備（OT）廠商,並將其命名為 OT:ICEFALL

這是有史以來單一次最大宗工控設備漏洞揭發事件,且這些因不安全設計造成的漏洞直接影響 了OT工控設備。
由Digital Bond 執行的Basecamp專案已經持續十年了-該專案主要在評估一組具有乙太網接口特性的工業控制系統 (ICS) 現場設備的安全性，以應對一組常見的漏洞。該專案調查了關鍵的 OT 設備和協議在設計上是如何不安全的。 從那時起，實際環境中的 OT 惡意程式，包括 Industroyer、TRITON、Industroyer2 和INCONTROLLER，透過濫用不安全設計的功能面產生了巨大影響

在過去的十年中，隨著工控資安議題越來越受到重視，OT 漏洞揭露的數量一直在逐步增加，透過Forescout安全情資快報線上研討會，我們將進一步提供緩解措施及如何避免類似攻擊，與您分享如何確保護這些設備和協議的安全性。

工控資安OT重大風險出爐: ICEFALL

Forescout 的 Vedere Labs 於六月份發布一份含有詳細攻擊腳本報告，該報告提出單位該如何自我保護免於受 Ransomware for IoT或簡稱為 R4IoT的侵害“。R4IoT是目前第一個分析勒索軟體會如何影響及利用物聯網的研究項目，根據預測勒索軟體及攻擊手法的演變，當今駭客正更廣泛的利用物聯網的可受攻擊面，對組織帶來威脅。

Forescout Vedere Labs 安全研究主管 Daniel dos Santos強調：「我們看到駭客組織在論壇上討論對物聯網的訪問，當今企業需用知識武裝達到自我防禦，利用預測來達到企業提升主動式防禦的能力，並確保企業物聯網設備與其關鍵的 IT 和 OT 基礎設施，擁有足夠的隔離能力，這才是當務之急。」

根據此報告實作概念性驗證，先藉由暴露在外的 IP camera 或 NAS 設備作為起始點，進入IT 網路中後橫向移動，再透過現今 IT-OT 混合環境，劫持 OT 設備，造成業務營運實際環境中斷; 

透過Forescout安全情資快報線上研討會為各位進一步探討針對這種專攻 IoT 設備的新型勒索軟體，提出緩解措施及如何避免遭受類似攻擊的說明

R4IoT: 駭客進化比你想像的快！當勒索軟體找上OT及IoT設備

Introducing the new Forescout Continuum Platform, a powerhouse of cybersecurity automation.

In this 45-minute session you’ll learn how: 

- Continuum’s automated discovery delivers a single, comprehensive source of truth for all connected assets across your entire digital terrain. 
- To leverage Forescout’s Device Cloud - the most comprehensive source of device intelligence available - to power the accurate classification and automated assessment of each connected asset’s status and risk posture.
- Shrinking your attack surface to minimize the impact of potential breaches scales to protect your entire digital terrain using the power of automated governance and orchestration with your existing cybersecurity investments.
- To identify genuine threats within your constantly changing asset inventory and leverage Continuum’s multifactor risk scores to provide insightful information, focus, and assistance on what to prioritize.

Forescout Continuum Platform: Mapping Your Digital Terrain (APJ Timezone)

Forescout Research Labs discovered 33 vulnerabilities, four that are critical, lurking in millions of enterprise IoT, OT and IT devices. These vulnerabilities can cause memory corruption and affect four open-source TCP/IP stacks in widespread use across devices from over 150 vendors. Cybercriminals can target these vulnerabilities to perform remote code execution, cause denial of service and expose sensitive information.

Watch this webinar to learn more about:
• The AMNESIA:33 vulnerabilities and how they impact the uIP, picoTCP, FNET and Nut/Net open-source TCP/IP stacks
• The widespread use and proliferation of these stacks in embedded components, IoT, OT systems, network equipment and IT devices
• How these vulnerabilities can be used to target organizations worldwide, including retail, manufacturing, healthcare and critical infrastructure
• Best practices for organizations that are at risk of being targeted by cyberattacks exploiting these vulnerabilities
• How Forescout can help identify and mitigate the risk from these vulnerabilities to protect enterprise networks

AMNESIA:33: Understand & mitigate the impact on millions of IoT, OT & IT devices

Vulnerabilities

Cyber Attacks

Cyber Crime

IoT Security

Medical Devices

Cyber Defence

Breach Detection

Attack Vectors

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

AMNESIA:33: Understand & mitigate the impact on millions of IoT, OT & IT devices

Presented by

About this talk

More from this channel