cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Danish training stopped from running

HI All

 

This appears to be endless, people making poor decision about critical infrastructure and people's lives.

 

https://www.securityweek.com/cyberattack-causes-trains-stop-denmark

 

Regards

 

Caute_Cautim

1 Reply
dcontesti
Community Champion

Sad to see but reinforces the need to "Audit/Review" all third party providers security posture.

 

Unfortunate that more and more OT (ICS) attacks are happening.  These attacks present a risk to human life and the attackers do not really seem to care....just another way to make money.  Can you read that I am disgusted?  yes, I am.

 

Similar to outsourcing data to the Cloud, corporations need to develop a checklist/standards that can be applied to any third party vendor.  It should include things like but not limited to:

 

- A review of their last audit

- rules and regulations if they need to come on site

- revision history (plans)

 

We should also remember that even though the software being provided by any external vendor can be problematic especially when they update/patch software or do not patch.

 

d