Security Market Segment LS
  • Home
  • Business IT
  • Security
  • Team82, Claroty’s new research arm, discovers vulnerabilities in cloud-based ICS management platforms
Tuesday, 27 July 2021 11:35

Team82, Claroty’s new research arm, discovers vulnerabilities in cloud-based ICS management platforms

By Claroty
Team82, Claroty’s new research arm, discovers vulnerabilities in cloud-based ICS management platforms

COMPANY NEWS Claroty, a leader in industrial cybersecurity, launches Team82, its new research arm dedicated to threat research reports, policies, and disclosures. It recently published a report that details vulnerabilities in cloud-based management platforms and the need to secure implementations.

Claroty launches Team82, its new research arm that provides vulnerability and threat research to customers and defenders of industrial networks.

Team82 recently released a report on critical vulnerabilities found in cloud-based management platforms for industrial control systems (ICS). The report highlighted the rise of ICS in the cloud and the growing need to secure cloud implementations in industrial environments.

Team82, in its latest report, Top-Down and Bottom-Up: Exploiting Vulnerabilities in the OT Cloud Era, researched the exploitability of cloud-based management platforms responsible for monitoring ICS, and developed techniques to exploit vulnerabilities in automation vendor Codesys’ Automation Server and vulnerabilities in the Wago PLC platform.

Claroty says Team82’s research mimics the top-down and bottom-up paths an attacker would take to either control a Level 1 device to compromise the cloud-based management console, or the reverse: commandeer the cloud in order to manipulate all networked field devices.

“Team82’s research was motivated by how organisations are incorporating cloud technology into their OT and IIoT for simplified management, better business continuity, and improved performance analytics,” explains Claroty vice president of research Amir Preminger.

Preminger suggests: “In order to fully reap these rewards, organisations must implement stringent security measures to secure data in transit and at rest, and lock down permissions. We thank the Codesys and Wago teams for their swift response, updates, and mitigations that benefit their customers and the ICS domain.”

The new Team82 Research Hub offers new research reports, a vulnerability dashboard for tracking the latest disclosures, a coordinated disclosure policy for working with affected vendors, its public PGP Key for securely and safely exchanging vulnerability and research information, and other resources.

Team82, formerly known as The Claroty Research Team, is known for its rapid development of industrial threat signatures, proprietary protocol analysis, and discovery of ICS vulnerabilities.

The team is proud to disclose a total of 146 vulnerability discoveries and disclosures to date, and was the first to develop and release signatures for Ripple20 and Wibu-Systems CodeMeter vulnerabilities and the threat actors that target them.

The team works closely with leading industrial automation vendors to evaluate the security of their products.

Read 1523 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




IDC WHITE PAPER: The Business Value of Aiven Data Cloud Solutions

According to IDC, Aiven enables your teams to perform more efficiently, reduce direct infrastructure costs, and provide improved database performance, agility and scalability.

Find out how Aiven makes teams 48% more efficient, allowing staff to focus on high-value activities that drive real business results:

340% 3-year ROI – break even in 5 months (average)

37% lower 3-year cost of operations

78% reduction in staff time for database deployments

Download the IDC White Paper now

DOWNLOAD WHITE PAPER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under

Related items

More in this category: « GitHub supply chain security features now available for Go language Bitdefender releases GravityZone Security for Containers »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown:

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments