Information technology has long been both an enabler of and disruption to business operations, but what of the world of operational technology that controls industrial equipment and processes? In this episode of Project 38, Forescout public sector executive Tim Jones takes our Ross Wilkers through the intersection of cyber and OT.
"The ultimate goal is understanding exactly what is happening on the network, who is connecting, what is connected, and what are those devices and users doing on the network so you can make sure that, where connection is necessary for a mission, it's available but also that it's secure," Forescout's Dean Hullings said.
Exabeam, a late-stage startup that helps organizations detect advanced cybersecurity threats, has landed a new $200 million funding round that values the company at $2.4 billion. The Series F growth round was led by the Owl Rock division of Blue Owl Capital, with support from existing investors Acrew Capital, Lightspeed Venture Partners and Norwest Venture Partners. The announcement of Exabeam’s latest funding, which the company says will help it on its mission to become "the number one trusted cloud SeCops platform in the market", coincides with the news that CEO Nir Polak, who co-founded the company in 2013, will be replaced by former ForeScout chief executive Michael DeCesare.
Diagram of attack scenario (Source: Forescout and JSOF)
Forescout Research Labs and the Israeli security firm JSOF have found nine Domain Name System vulnerabilities affecting four TCP/IP stacks that, if exploited, could lead to remote code execution or denial-of-service attacks - potentially on millions of devices.
The group of vulnerabilities, dubbed Name:Wreck, affects the FreeBSD, IPNet, NetX and Nucleus NET stacks. The widespread use of these stacks, together with external exposure of the vulnerable DNS clients, could dramatically increase the attack surface for organizations, JSOF says. Organizations in the healthcare and government sectors are in the top three most affected for all three stacks, Forescout says. If we conservatively assume that 1% of the more than 10 billion deployments … are vulnerable, we can estimate that at least 100 million devices [could potentially be] impacted by Name:Wreck.