Data Centers Harden IT. CPS Remains Soft

Data center infrastructure is built for resilience. Power, cooling, and physical security systems are tightly engineered to keep operations running, even under strain. But from a cybersecurity perspective, these same systems remain an open flank. Cyber-Physical Systems (CPS) such as HVAC controllers, power distribution equipment, and access control networks rarely fall under the scope of OT cybersecurity programs. They are essential to uptime. Yet in many facilities, they remain invisible to monitoring tools and unmanaged by cybersecurity policy.

What’s happening

The integration of CPS into data center operations is not new. But their exposure is growing. As more facilities adopt smart infrastructure (remote power control, intelligent cooling, integrated security), these systems are now connected, accessible, and increasingly targeted. CPS assets are externally managed ...
Read more

Revisiting Stuxnet, 15 years later

This week marks the 15th anniversary of Stuxnet’s discovery on 17 June 2010: the most well-known (and notorious) OT cyber-attack to disrupt physical equipment. With the target of the attack – Iran’s contentious uranium enrichment program – now the most important world event happening today, this is an opportune time to revisit Stuxnet and what lessons can be learned by Industrial Control System operators today.

A Quick Refresher

Stuxnet penetrated control systems at the Natanz enrichment site through compromised USB drives plugged into engineering workstations. Using four zero-day Windows vulnerabilities, the worm crossed the plant’s air gap and installed itself on Siemens S7 PLCs that controlled the centrifuges. It injected malicious ladder logic that forced rotor speeds beyond safe limits while feeding the control system (and, in turn, plant operators) falsified ...
Read more

Why So Many OT Cyber Attacks Go Unreported. And Why That’s a Problem for Critical Infrastructure.

Most OT cyber threats that target critical infrastructure (power, water, manufacturing) never make the news. They don’t get disclosed. Sometimes, they aren’t even recognized. This persistent underreporting isn’t just a data gap. It’s a risk amplifier - a force multiplier that leaves CISOs blind to real threats, makes security planning reactive instead of proactive, and ultimately puts physical systems at risk. Why? Because underreporting causes:

Blind spots across the industry: Without shared incident data, threat intel remains incomplete. That means attack methods get recycled while defenders stay in the dark.

Missed warning signals: Trends that should trigger preventive action (like repeat targeting of certain PLCs or entry via IT) go unnoticed across sectors.

Distorted risk models: If breach numbers appear low, executives and regulators assume ...
Read more

Safeguarding Against Cyber-Physical Threats

In the wake of the recent cyber-physical attack on Ukraine's electrical grid in October 2022, as detailed in the Mandiant report, the imperative for robust cybersecurity measures is more evident than ever. This blog post explores how SIGA's Level 0 monitoring, inspired by insights from Mandiant's revelations, emerges as a pivotal solution in defending critical infrastructure against such sophisticated attacks.

Mandiant's Insights: Unraveling the Cyber-Physical Attack

Mandiant's report sheds light on the intricacies of the cyber-physical attack that targeted Ukraine's electrical grid in October 2022. The Russia-linked threat actor, Sandworm, employed novel techniques, including Living off the Land (LotL) tactics, to disrupt the operational technology (OT) infrastructure, leading to an unplanned power outage and subsequent chaos. As the threat landscape evolves, defending ...
Read more

SIGA Announces Partnership with CYWAY

Cyway is a Dubai-based emerging leader in value-add cybersecurity distribution with a mission to be a leading cybersecurity business enabler for cloud and SaaS. It has partnered with leading technology alliances to provide solutions as well as consulting and professional services to partners and customers across the Middle East and Africa. Cyway offers extensive experience, expertise, industry insight, an established ecosystem of reseller partners, and a track record of exceptional service. As Mahmoud Rabi, Director of Sales at Cyway, mentioned, “Critical infrastructure organizations worldwide are facing a sharp rise in the quantity and severity of cyber-attacks against their most valuable assets. Threat actors ideally target vital components in Level 0 (sensors, PLCs, actuators, processes… etc.) to achieve their ultimate goals by disrupting critical processes. In the case of a ...
Read more