Posts by Veridify Security

Cybercrime Losses 2019-2023

The FBI released its annual Internet Crime Report for all complaints reported through its Internet Crime Complaint Center (IC3). From the report, cybercrime losses increased 21% from 2022. Cybercrime refers to criminal activities carried out using computers or the internet. These crimes can range from hacking and spreading malware to stealing personal or financial information, conducting…

Read More

DNP3 Security Risks

DNP3 Cybersecurity Risks DNP3 (Distributed Network Protocol version 3) is a widely used communications protocol for industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. While DNP3 provides several features designed to enhance the reliability and efficiency of communication between control devices and data acquisition systems, it also poses certain security risks,…

Read More

Increasing Cyberattacks on Water Utilities

Water Utilities Cyberattacks Hacker groups from Russia, China, and Iran have all taken credit for recent cyberattacks on water utility companies in recent months, the EPA even warning smaller communities to take action. Water utility companies are on notice during federal inspections over the last year. Roughly 70% of them violated standards meant to prevent…

Read More

Increased Number of Cyber Exposed OT/ICS Devices

Exposed OT/ICS Devices Recent data from several tracking sources indicates there has been an increase in the number of public IP addresses with accessible devices using standard OT/ICS protocols – BACnet, Modbus, Fox, Ethernet/IP, S7, and more. Data from three different sources – Censys, ShadowServer, and Shodan – give insight into the number of publicly…

Read More

Building Management System Cybersecurity Best Practices

A strong cybersecurity posture is essential for Building Management Systems to mitigate the risks associated with interconnected devices and systems. Building Management System Overview A Building Management System (BMS), also known as a Building Automation System (BAS) or Building Control System (BCS), is a computer-based control system that manages and monitors the mechanical, electrical, and…

Read More

The Role of Cybersecurity for IoT Devices

The Internet of Things (IoT) has revolutionized the way we live and work. With billions of connected devices, from smartphones to home appliances, building controls and industrial machinery, our world is more interconnected than ever before. However, this connectivity also brings with it significant security risks. Cybersecurity plays a crucial role in ensuring that data…

Read More

Monetary Damage of Reported Cybercrime in the US from 2001-2022

Growth in Cybercrime Cybercrime is not just a threat to data and privacy; it also comes with a significant monetary cost. The monetary damage of reported cybercrime in the United States grew steadily from 2001-2017, and then accelerated starting in 2018. There was a year-over-year increase of around 50 percent from 2021 to 2022. Since…

Read More

BACnet Security Issues and How to Mitigate Cyber Risks

BACnet is a commonly used protocol for building automation and operational technology (OT) systems, and is used to establish communication between various devices in a network. Because BACnet-based building systems were originally deployed in isolated (air-gapped) environments, BACnet was not designed with security. Therefore, millions of BACnet devices are lacking common security mechanisms such as…

Read More

BACnet MS/TP Security Risks and Vulnerabilities

What is BACnet MS/TP? BACnet MS/TP (Master-Slave/Token-Passing) is a widely used communication protocol in building automation and control systems. BACnet MS/TP is implemented with a shared bus and one or more building control devices daisy-chained along the wiring from a controller or a BACnet IP router/gateway. It is commonly used to connect field devices such…

Read More