ICS News Center

Discover industrial security tips and learn about the latest news and developments in the industrial cybersecurity world

Fortune / November 14, 2018
Exclusive: Dragos Raises $37 Million to Secure Industrial Systems

Dragos, an industrial control system security firm founded by NSA veteran Rob Lee, has raised $37 million in new venture capital funding.

DARKReading / October 9, 2018
Constructing the Future of ICS Cybersecurity

As industrial control systems are connected to the cloud and the IoT, experts discuss security challenges.

VICE - Motherboard / September 14, 2018
People Are Recklessly Speculating That the Massachusetts Gas Explosions Were a Stuxnet-Related Hack

There's no evidence that the Massachusetts gas explosions are caused by hackers, but that hasn't stopped people from baseless speculations.

Baltimore Business Journal / August 29, 2018
Meet the Baltimore Business Journal's 2018 40 Under 40 honorees

These 40 Greater Baltimore professionals are going places.

Axios / August 23, 2018
Why "crashing the grid" doesn't keep cyber experts awake at night

There really is no single grid to bring down in a civilization-ending crash.

Security Weekly / August 15, 2018
Understanding the Industrial Control Systems (ICS) Market - Enterprise Security Weekly #102

Listen in as Paul and Matt review the ICS security landscape, discussing the problems and potential solutions to secure critical infrastructure.

Search Security / August 15, 2018
Infosec mental health support and awareness hits Black Hat 2018

While burnout, depression and PTSD can affect anyone, infosec mental health still doesn't often get the attention it deserves, but Black Hat 2018 attempted to change that.

TechRepublic / August 15, 2018
Why hacking industrial control systems is an extension of statecraft

When I have a bad day it's a bad day for a lot of people, says Sergio Caltagirone, former NSA cyber-defense expert and director of threat intelligence at Dragos.

Fifth Domain: Cyber / August 8, 2018
Why small cyberattacks on power systems more likely than a long-running blackout

Attacks on American power systems are likely to be small and localized, according to a cybersecurity firm, casting doubt on the ability of a foreign power to take down broad swaths of U.S. electric systems at once.

Dragos, Inc. / August 1, 2018
Dragos Platform Version 1.3 Release

Dragos is excited to announce updates to the Dragos Platform with the release of version 1.3.

ISS Source/ July 25, 2018
Political Ploy or Not, Industry Needs to Act

A chill spread over the manufacturing automation sector this week as a warning released from the Department of Homeland Security (DHS) regarding Russian infiltration of energy sector systems and networks.

Politico / July 25, 2018
Out today: Report on law enforcement’s fight to uncover digital evidence

Unbreakable encryption is the best-known example of law enforcement’s struggles to access digital evidence, but it’s not the most pressing one, according to a report out today from the Center for Strategic and International Studies.

Utility Dive / July 25, 2018
How vulnerable is the grid to cyberattacks, really?

Experts say a recent DHS briefing that warned hackers could cause widespread blackouts may have overstated the threat.

Powermag.com / July 9, 2018
DHS Reportedly Warns that Russians Hacked Control Rooms

Department of Homeland Security (DHS) officials have reportedly said that Russian hackers could have infiltrated power plant control rooms and caused blackouts last year. However, as an industrial cybersecurity expert pointed out, the impact of the incidents may be overstated.

National Cybersecurity Center of Excellence / July 9, 2018
NCCoE Selects Technology Vendors to Collaborate on Asset Management Project for the Energy Sector

ForeScout Technologies, Tripwire, Dragos, Splunk, KORE Wireless, TDi Technologies, FoxGuard Solutions, and Veracity Industrial Networks have joined the National Cybersecurity Center of Excellence (NCCoE) as technology collaborators in the Energy Sector Asset Management (ESAM) Project.

Powermag.com / June 14, 2018
Sanctions Slapped on Russian Entities for U.S. Grid Cyber Intrusions

The U.S. Department of the Treasury on June 11 slapped sanctions on five Russian firms and three Russian individuals for several “significant” malicious cyber-enabled activities, including cyber intrusions in the U.S. energy grid.

The Hill / June 1, 2018
Deadly attacks feared as hackers target industrial sites

The hacking threat to critical infrastructure in the United States and beyond is growing larger, with nation states and other malicious actors looking to gain a foothold in sensitive technologies to conduct espionage and potentially stage disruptive or destructive attacks.

Search Security / May 31, 2018
Dragos' Robert Lee discusses latest ICS threats, hacking back

In part two of this interview from RSA Conference 2018, Dragos CEO Robert Lee discusses the latest threats to industrial control systems and how those threats can be exaggerated.

Security Week / May 31, 2018
North Korea-Linked Group Stops Targeting U.S.

A threat actor linked to North Korea’s Lazarus Group has stopped targeting organizations in the United States, but remains active in Europe and East Asia.

Reward Expert / May 30, 2018
Protect Critical Infrastructure With Dragos

A cyber attack can be devastating, resulting in major losses to a company’s finances and reputation. But a cyber attack against critical infrastructure can also be deadly. That’s where Maryland-based cybersecurity startup Dragos finds its niche.

CyberScoop / May 24, 2018
Trisis masterminds have expanded operations to target U.S. industrial firms

A group known for infecting a Saudi petrochemical plant with highly sophisticated industrial control malware has expanded its operations, according to new research, with a former U.S. official telling CyberScoop that companies inside the United States have been breached.

Politico / May 24, 2018
Update: ‘World’s most dangerous cyber threat’ gets more ambitious

The “world’s most dangerous cyber threat” is on the move, according to an update out this morning from industrial control system cybersecurity firm Dragos.

Powermag.com / May 24, 2018
Threat Actor Behind Cybersecurity Attacks Targeting Safety Instrumented Systems Identified

A relatively new cyberattack threat activity group dubbed “XENOTIME” is intent on compromising and disrupting industry safety instrumented systems globally, and cybersecurity experts are warning it is “easily the most dangerous threat activity publicly known.”

Harvard Business Review / May 21, 2018
Active Defense and "Hacking Back": A Primer

To protect your most valuable information you need to move beyond so-called cyber hygiene, the necessary but insufficient deployment of security software and network-monitoring processes.

Electric Energy Online / May 18, 2018
Security Sessions | Combating ICS Threats

2017 featured a number of concerning discoveries in industrial control systems (ICS) network security: targeted, disruptive attacks; ICS-focused threat activity groups, and increasing permeability between IT and ICS networks.

Infosecurity Magazine / May 17, 2018
Catch ICS Attackers by Shifting to Kill Chain

Tracking the activity of nefarious groups affords defenders a deeper level of understanding that can be useful in not only understanding different types of threats but also in building defenses to withstand a cyber-attack.

Washington Post / April 27, 2018
They’re on the lookout for malware that can kill

The cyberthreat hunters had honed their chops at the National Security Agency — the world’s premier electronic spy agency. And last fall, they were analyzing malware samples from around the world when they stumbled across something highly troubling: the first known piece of computer software designed to kill humans.

ARC Advisory Group / March 21, 2018
Dragos and SEL Partner to Arm the Electric Power Community to Detect and Respond to ICS Threats

Dragos, Inc., a leader in industrial threat detection and response, and Schweitzer Engineering Laboratories (SEL), a lead supplier of digital systems that protect power grids around the world, have formed a partnership to arm the electric power community with the tools to better detect and respond to threats within their industrial control system (ICS) networks.

ISS Source / March 21, 2018
Schweitzer, Dragos in Electric Power Pact

Industrial security provider, Dragos, Inc., inked a partnership pact with Schweitzer Engineering Laboratories (SEL) to help the electric power sector detect and respond to threats within their industrial control system (ICS) networks.

SEL / March 19, 2018
SEL and Dragos team up on utility cyber defense

SEL and Dragos, trusted names in digital power system products and cybersecurity, have jointly developed a solution that provides continuous monitoring, threat intelligence and active cyber defense for industrial control systems.

WBUR / March 16, 2018
U.S. Officials Accuse Russia Of Cyberattacks On American Infrastructure

Here & Now's Peter O'Dowd speaks with Robert Lee (@RobertMLee), CEO of the cybersecurity company Dragos, Inc.

Washington Post / March 16, 2018
Why Russian hackers aren’t poised to plunge the United States into darkness

On Thursday, the Department of the Treasury announced new sanctions against a number of Russians and Russian entities believed to be linked to hacking efforts both during the 2016 election and since.

Dale Peterson / March 15, 2018
S4x18 Debate: Enterprise SOC or OT SOC?

This was a great debate from S4x18. Dan Scali of FireEye took the Enterprise SOC side and debated with Rob Lee of Dragos, who argued the OT SOC side.

CSO / March 7, 2018
Insecure by design: What you need to know about defending critical infrastructure

Patching security vulnerabilities in industrial control systems (ICS) is useless in most cases and actively harmful in others, ICS security expert and former NSA analyst Robert M. Lee of Dragos told the US Senate in written testimony last Thursday.

Enterprise Times / March 2, 2018
Hunting and Responding to ICS intrusions

In a series of reports, specialist cybersecurity vendor Dragos has published data on the cybersecurity risks facing industrial control systems (ICS). One of the three reports is titled Hunting and Responding to Industrial Intrusions.

Help Net Security / March 2, 2018
Keeping on top of ICS-focused hacking groups, defenses

How many hacking groups are focusing on ICS systems? Dragos security researchers say at least five were active in 2017.

Dark Reading / March 1, 2018
ICS Under Fire in 2017

New Dragos report finds rising number of public vulnerability advisories around ICS with not enough reasonable guidance around how to deal with these flaws.

Powermag.com / March 1, 2018
ICS Cybersecurity Threatened, but Defense Woefully Inadequate

Though increasingly serious cybersecurity threats loom, nearly two-thirds of U.S. industrial control system (ICS) vulnerabilities identified in 2017 could cause severe operational impact if exploited, cybersecurity firm Dragos Inc. warned in a series of reports published March 1.

The Wall Street Journal / January 19, 2018
New Type of Cyberattack Targets Factory Safety Systems

Hackers who attacked a petrochemical plant in Saudi Arabia last year gained control over a safety shut-off system that is critical in defending against catastrophic events, according to security researchers shedding light on what they describe as a new type of cyberattack.

Star Tribune / January 13, 2018
Xcel, other utility companies combating heightened possibility of cyberattacks

Electricity isn’t exactly a growth business, so Xcel Energy’s employee head count doesn’t budge much from year to year. One department is an exception: cybersecurity.

The Cyberwire / January 9, 2018
TRISIS Malware: Fail-safe fail - Research Saturday

On this week’s episode of Research Saturday, we talk about TRISIS, the ICS tailored malware affecting the safety systems of at least one victim in the Middle East. This is only the fifth known incident of malware targeting ICS systems, and joining us to talk about it is Robert M. Lee, CEO of Dragos.

ARC Advisory Group / January 6, 2018
Preview of Dragos Inc. & NaturEner at ARC Industry Forum

We have considerably expanded our cybersecurity program at the Forum this year, and as a preview ARC vice president and cybersecurity domain expert Sid Snitkin interviewed NaturEner's Marc DeNarie and Dragos Inc. founder and CEO Robert Lee. In this podcast, Marc shares some details of the case study he will present jointly with Rob at the ARC forum about his experience implementing a cybersecurity strategy with the Dragos solution at NaturEner.

SverigesRadio / December 23, 2017
Security experts: Serious security deficiency in the train network

Swedish and international security experts estimate that there have been serious security shortcomings in the infrastructure that provides the Swedish rail network with electricity.

The Atlantic / December 13, 2017
Will Ukraine Be Hit by Yet Another Holiday Power-Grid Hack?

The country has been attacked the past two years in December. A new strike could have major implications for cybersecurity in the U.S.

Arc Advisory Group / December 8, 2017
Critical Industries Need Active Defense and Intelligence-driven Cybersecurity

Cyberattacks are a major concern for industrial organizations around the world. Most have accepted the need for cybersecurity and invested in defensive technologies and practices recommended by automation suppliers and security consultants.

CyberScoop / October 23, 2017
Security researchers call for calm after DHS warns of energy grid hacking

A government security alert about foreign hackers probing the networks of U.S. energy companies frightened casual observers, but security experts say the report provided little more than an update on relatively well-known activity and behavior.

U.S. News / October 21, 2017
U.S. Warns Public About Attacks on Energy, Industrial Firms

The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.

Fortune / September 11, 2017
Hackers Got Into America’s Power Grid. But Don’t Freak Out.

Last week cybersecurity firm Symantec released a report on what it calls Dragonfly 2.0—a collection of intrusions into industrial and energy-related organizations worldwide.

CyberScoop / September 6, 2017
'Nation-state' hackers increase sabotage attempts aimed at Western energy companies

A well-resourced hacking group known as Dragonfly is actively and successfully targeting U.S. and European energy companies. Robert Lee, CEO of cybersecurity company Dragos, told CyberScoop that people shouldn’t be alarmed, though.

Scientific American / August 23, 2017
Is the Power Grid Getting More Vulnerable to Cyber Attacks?

From the media buzz, one might conclude that power grid infrastructure is teetering on the brink of a hacker-induced meltdown. The real story is more nuanced, however. Scientific American spoke with grid cybersecurity expert Robert M. Lee, CEO of industrial cybersecurity firm Dragos, Inc., to sort out fact from hype.

Washington Post / August 14, 2017
Dragos, raised $9 million in a funding round co-led by Silicon Valley venture fund Allegis Capital and east coast Energy Impact Partners

Maryland-based firm, Dragos, raised $9 million in a funding round co-led by Silicon Valley venture fund Allegis Capital and east coast Energy Impact Partners.

Forbes / August 14, 2017
Ex-NSA Analyst Raises $10 Million To Stop Hackers Destroying Power Grids

The funding will go into expanding the team and spreading the firm's Dragos Platform technology. Built on the founders' knowledge of attacks on actual industrial control systems, it looks out for and acts on anything that looks abnormal.

The Hill / July 11, 2017
Cybersecurity expert fights for realism

Robert M. Lee thinks we should start taking infrastructure cybersecurity seriously. For a number of people right now, that may mean calming down. The U.S. is coming off two high-profile cyber threats that were less dangerous than many made them out to be.

Washington Post / July 8, 2017
U.S. officials say Russian government hackers have penetrated energy and nuclear company business networks

Russian government hackers were behind recent cyber-intrusions into the business systems of U.S. nuclear power and other energy companies in what appears to be an effort to assess their networks, according to U.S. government officials.

Washington Post / June 12, 2017
CRASHOVERRIDE Malware Targets Electric Power Grids

Washington Post coverage of Dragos' research into CRASHOVERRIDE and the potential impacts.

Powermag.com / May 1, 2017
Malware in Modern ICS: Understanding Impact While Avoiding Hype

In this report, Dragos’ Robert M. Lee and Ben Miller combine their knowledge of proper industrial control system functionality with new research conducted to better understand the threats posed to the ICS.

Automation.com / Apr 18, 2017
How Deloitte and Dragos' Cyber Risk Platform Converges IT and OT Security

This week’s Deep Dive will revolve around the discussion I had with Sean Peasley, of Deloitte & Touche LLP, about their latest announcement of their new cyber risk platform. This platform was enabled by Dragos...

Confronting Cyber Conflict

“We need to begin to have more technical leadership in government positions,” said Rob Lee, CEO of Dragos, Inc. in the context of attacks like the Ukraine power grid attack.

FORBES / APR 19, 2016
Meet The Ex-Army Hackers Trying To Save America From Blackouts

Two days before Christmas the lights went out across the Ivano-Frankivsk region of Ukraine.

WIRED / MAR 3, 2016
Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid

IT WAS 3:30 p.m. last December 23, and residents of the Ivano-Frankivsk region of Western Ukraine were preparing to end their workday and head home through the cold winter streets.

POLITICO / JAN 15, 2016
Shaky accusations hamper cyber case against Russia

The Obama administration’s efforts to press its election-hacking accusations against Russia could be undermined by a flurry of unfounded cyber charges against Moscow.

FOX / JAN 15, 2016
Is the National Grid Safe From Malware?

Robert Lee, CEO, Dragos talks to Fox News about the malware attack on the Ukrainian power grid.

Contact Us

Industrial Control Systems