STE WILLIAMS

Push mail outfit Good Tech wins CC cert

Good Technology is trumpeting a newly-inked EAL4+ Common Criteria certification awarded to its Good For Enterprise MDM and data protection platform.

The company’s local VP and GM Gavin Jones told Vulture South the certification relieves the need for the company to work through certifications on a country-by-country basis, at least for those countries that have agreed to the Common Criteria.


He noted, for example, that while achieving Defense Signals Directorate (now Australian Signals Directorate) certification is significant, the CC certification is more so, covering the 26 current CC countries.

He added that the company considers that certification to EAL4+ level (the highest CC certification) gives Good Technology a break over its competitors, since achieving the certification is expensive and burdensome.

Jones attributed the certification to the containerisation in the company’s mobile security products. This, he said, adds protection of data to the device-level protection that’s the basis of the MDM (mobile device management) sector.

The containerisation encrypts application data separately from the communications channel, and creates app-to-app tunnels to secure individual workflows. Cut-and-paste controls provide data loss prevention capabilities, and the platform allows apps to be locked or corporate data wiped in the event of a breach of policy. The platform also provides secure email, calendar information, contact details, document data and browser access.

The company says it’s got the only mobile collaboration studio to achieve EAL4+ for both iOS and Android platforms, for its Good For Enterprise platform. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/13/good_tech_wins_cc_cert/

Outlook.com adds IMAP, OAuth

Microsoft has added support for Internet message access protocol (IMAP) to Outlook.com, its web-based email service.

The change, announced first on Reddit and later in a blog post, has little practical impact other than possibly encouraging more developers and users to point their email clients at Outlook.com.


As Microsoft puts it, “While we believe that Exchange ActiveSync is the most robust protocol for connecting to your email … IMAP is widely supported on feature phones and other email clients such as those on a Mac.” Switching on IMAP therefore makes it more likely those not utterly committed to Microsoft might consider Outlook.com.

Adding OAuth means Redmond can let all manner of web app providers hook into Outlook inboxes, the better to siphon out email and mash it up. Examples offered include using the travel site TripIt, which thanks to OAuth “can now detect emails with travel confirmations in any Outlook.com inbox, and automatically import them into a TripIt itinerary.”

With many users less-than-entirely comfortable with even text ads appearing alongside their email, what could possibly go wrong with an app like that? ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/13/outlookcom_adds_imap_oauth/

North Korea Likely Behind New Targeted Attacks On South Korea

A new wave of targeted attacks on South Korean organizations contains multiple signs that the attacks are likely coming from the North, according to new research.

Kaspersky Lab exposed a cyberespionage campaign dubbed Kimsuky aimed at spying on and stealing information from South Korean think-tank organizations.

South Korea has been hammered by several targeted attack campaigns in the past year, including the so-called DarkSeoul DDoS and data-destruction attacks on major South Korean banks, media outlets, and other entities. McAfee this summer revealed those attacks and other campaigns against South Korean targets were all part of a four-year effort to steal information about South Korean military and government operations that McAfee has dubbed Operation Troy, which also targeted U.S. Forces Korea, Republic of Korea, the Korean Department of Defense, and the U.S. Department of Defense.

Kaspersky Lab found no connection between the Kimsuky campaign and Operation Troy or DarkSeoul, says Kurt Baumgartner, principal researcher for Kaspersky Lab.

“This group appears to be lightly resourced and highly focused on exactly what they want. The operation and its implementation is simplistic, somewhat sloppy, but appears to be fairly effective,” Baumgartner said in an email interview.

The Kimsuky targeted attack campaign focused on 11 organizations in South Korea, and two in China. Among the targets were the Sejong Institute, Korea Institute For Defense Analyses (KIDA), South Korea’s Ministry of Unification, and Hyundai Merchant Marine. According to Kaspersky, the attack likely was delivered via spear-phishing e-mails: it executes keylogging, directory listing collection, remote control access, and steals HWP documents, a word processing document type widely used by the South Korean government.

Kaspersky says Kimsuky’s Trojan malware first surfaced in May of this year, and the attacks have been rife with flaws that provided the researchers with clues about the attackers’ origin. The code’s compilation path string, for example, includes Korean words, including commands for “attack” and “completion.”

And two email addresses where infected bots send status reports and other information are registered to “kimsukyang” and “Kim asdfa.” The researchers say while the names don’t necessarily correlate with specific attackers, the source IP addresses are located in the Jilin Province Network and Liaoning Province Network in China. ISPs there are believed to provide lines into North Korea as well, according to the research.

In addition, the malware disables South Korean anti-malware company AhnLab’s security software.

Kaspersky Lab’s full report on Kimsuky is available here.

Article source: http://www.darkreading.com/attacks-breaches/north-korea-likely-behind-new-targeted-a/240161217

Medical ID Theft Spreads

Identity theft isn’t just credit- and debit-card account or social security number theft anymore: cybercriminals are targeting health insurance and other personal information to peddle or execute medical fraud for surgeries, prescription drugs, and medical equipment. A new report published today shows how quickly this medical identity theft is growing, with 1.84 million Americans falling victim to this form of fraud.

Medical identity theft is costly—victims paid $12 billion out of pocket last year—and it can be literally lethal, according to a new report by The Ponemon Group. “Medical identity theft is contributing significantly to the high costs of healthcare,” says Robin Slade, development coordinator for the Medical Identity Fraud Alliance, which along with ID Experts commissioned the report. “With financial fraud, you recover most of the losses incurred. But medical identity theft has the potential to impede medical treatment and to potentially kill you. The fraud causes your medical records to be contaminated by the medical information of the perpetrator. And very few consumers are aware of it.”

Some 15 percent of medical ID theft victims say the fraud resulted in a misdiagnosis; 13 percent, an inaccurate treatment; 14 percent, a delay in treatment; and 11 percent, the wrong prescription drugs. Half of those patients say those issues have not been resolved, according to the report.

There were some 313,000 new cases of medical ID theft reported last year, and those were only the ones reported: security experts say many don’t get reported. So-called “family fraud” factors into the equation here as well, says Larry Ponemon, chairman and founder of The Ponemon Institute.

Some 30 percent of the respondents say they have allowed a family member to use their personal ID to receive medical treatment, healthcare products, or pharmaceuticals, and more than one-fifth of them don’t know how many times they have done so. Nearly half of all medical ID fraud victims say they know who stole their identity, but didn’t want to report the perpetrator. And many don’t realize it’s illegal.

“It might be for a family member or friend suffering and who needs emergency care and is not insured, so they hand it over [their insurance card] and it’s used to steal” services, Ponemon says. “The family fraud issue is a very troubling finding.”

The report underlines one of the big problems with medical ID theft: a lack of understanding of just what constitutes fraud, as well as the growing value of medical information. Blue Cross/Blue Shield Association, AARP, the Identity Theft Resource Center, the Consumer Federation of America, the National Healthcare Anti-Fraud Association, and ID Experts last month co-founded the public-private Medical Identity Fraud Alliance to help fight medical identity theft. MIFA aims to unite key players and establish solutions and best practices, as well as educate consumers on how to empower themselves to protect their health information.

[Medical Identity Fraud Alliance debut a sign of the times as attackers set sights on valuable patient insurance and other health records. See New Consortium Formed To Cure Rise In Medical ID Fraud.]

Medical ID theft can take several forms: It can be the result of family fraud, a healthcare provider’s online data breach, or physical theft of equipment storing the information, such as the break-in last month at an administrative office of the largest health system in Illinois, Advocate Medical Group, where thieves stole four unencrypted computers that contained social security numbers, health insurance, and other personal information of 4.03 million patients.

Most victims don’t know how their medical information was exposed, Ponemon says. “A large segment of folks don’t know how it happened,” he says.

Some 56 percent of the victims say they lost confidence in their healthcare provider in the wake of the fraud experience, and 57 percent say they would drop their provider if it was unable to protect their medical records. But most consumers don’t do much to protect their medical information: 54 percent say they don’t check their health records because they don’t know how to do so and are relying on their healthcare provider to take care of it, and 52 percent say they didn’t report medical claims that appeared inaccurate.

Dan Nutkis, founder and CEO of the Health Information Trust Alliance (HITRUST), says healthcare organizations increasingly are being targeted by cybercriminals for both financial and medical information. “There’s no question about it: there’s been an uptick in healthcare [providers] being targeted,” Nutkis says.

Attackers are placing and selling backdoors or other malware onto healthcare organizations’ systems for other bad guys to steal information. “They have planted backdoors in healthcare organizations so they can sell access,” Nutkis says.

Alex Balan, head of product management at BullGuard, which offers an online identity protection service for consumers, points to a data dump a few months ago that included victim names, dates of birth, addresses, height, weight, full credit card account information, insurance information, and even the type of cars they drove. “There were 20 to 30 columns for each individual” entry, Balan says. It was enough information to begin to assume someone’s identity.

Social engineering can provide a treasure trove of medical information for fraudsters, he says. “If you’re trying to get services from a medical institution or a hospital, you need to know the entire scripts on what you’re going to be asked, and what credentials” you will need, for example, he says.

The full Ponemon 2013 Survey on Medical Identity Theft is available here for download.

Article source: http://www.darkreading.com/attacks-breaches/medical-id-theft-spreads/240161234

‘NSA PRISM spies’ shake down victims with bogus child-abuse vids claims

Crooks are using the NSA’s notorious global web surveillance scandal in new ransomware: punters visiting booby-trapped websites are falsely accused of downloading illegal material, told their PCs are now locked from use, and ordered to hand over a cash “fine” to unlock their computers.

Cloud security firm Zscaler has spotted 20 hijacked domains hosting malicious web pages that attempt to trick naive web surfers into installing virus-killing scareware (because it’s claimed their computer is supposedly riddled with malware) or handing over money to unlock PCs that have supposedly been used to download images of child abuse.


Marks are either confronted with a warning that malware has supposedly been detected on their computer, or a bogus NSA PRISM-themed alert. In both cases, the goal is to scare the target into paying the attacker to “fix” their computer.

The campaign started off by pushing fake antivirus software (aka scareware) on the pretext that viruses had supposedly been detected on a mark’s computer and money had to be paid out to have the nasties removed.

Now it’s pushing a ransomware scam, which claims that child porn has been detected on a PC. The user is told he or she can “avoid prosecution” by handing over $300. In the meantime the ransomware says it locks victims out of their machines.

These shenanigans have been common on the web for years, and it’s only the PRISM angle that adds a new spin. Scammers are obviously hoping that their marks pay up to resolve the problem without giving this any further thought. The opt-in system proposed in UK laws to allow adults to look at legit porn sites may inadvertently help the preposterous con appear a tad more plausible, according to Zscaler.

Accused … how the ransomware appears in the web browser

“The attacker uses the recent news about PRISM to claim that the victim’s computer has been blocked because it accessed illegal pornographic content,” a blog post by Zscaler ThreatLabZ researcher Julien Sobrier explains.

“The victim has to pay $300 through MoneyPak, a prepaid card service.”

“The ThreatLabZ team expect attackers to take advantage of the upcoming UK laws on accessing adult content online to send new types of fake warnings to UK victims.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/12/prism_themed_ransomware/

Hacker cracks Vodafone Germany, steals data of 2 million customers

A hack on a Vodafone Germany server has exposed the personal details – including banking information – of two million of its customers.

Hackers accessed names, addresses, bank account numbers and dates of birth. Phone numbers, credit card details and passwords are thought to be safe, but the leaked information is still pretty extensive and ample fodder for follow-up phishing attacks.


It’s unclear when the breach took place, but it appears to have involved a successful compromise of an internal server on Vodafone’s network. The German arm of the British mobile giant went public with the problem and began notifying customers on Thursday after first reporting the incident to German police.

In a statement (in Deutsch) expressing regret over the incident and promising to inform customers, Vodafone.de said that police have identified an unnamed suspect and carried out a search.

Vodafone’s German subsidiary promised to beef up the security of its systems to help guard against future attacks. “This case concerns only Vodafone Germany, other countries are not affected,” it said, according to a Google translation of the mobile operator’s statement on the security flap. “It is virtually impossible to use the data to get directly access to the bank accounts of those affected,” Vodafone told Reuters. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/12/vodafone_germany_breach/

4 Mobile Device Dangers That Are More Of A Threat Than Malware

From Trojan horses to viruses, botnets to ransomware, malicious software garners a great deal of attention from security vendors and the media.

Yet, mobile users–especially those in North America–should worry more about other threats. While smartphones and tablets could be platforms for a whole new generation of malicious functionality, the ecosystems surrounding the most popular devices work well to limit their exposure to malware. The number of malware variants targeting the Android platform is certainly expanding–surpassing 275,000 as of the first quarter of 2013, according to security firm Juniper Networks–but few of the malicious programs have snuck into the mainstream application marketplaces.

Instead, the top threats to organizations grab fewer headlines. While security experts continue to put malware as a significant threat, lost and stolen devices, insecure communications, and insecure application development affect many more users. Juniper, for example, puts insecure communications at the top of its list, says Troy Vennon, director of the mobile threat center at Juniper Networks.

“We see a lot of organizations that have gone to the BYOD model, and they are encouraging their users to connect back into the enterprise for access to data and resources,” he says. “They are trying to figure out how they are going to secure that communication and secure that transfer of data.”

Enterprises also have to be aware of what their users are installing on their phones and how they may be using the devices for handling sensitive corporate data, says Con Mallon, a senior director of Symantec’s mobility business.

“You can only secure what you know about, so knowing what you have walking around your enterprise is important,” he says, adding that the defenses should extend to applications and how those applications deal with data. “I should not be able to take the company data and put it in my own personal Dropbox folder.”

Based on data and interviews with experts, here are the top four threats:

1. Lost and stolen phones

In March 2012, mobile-device management firm Lookout analyzed its data for U.S. consumers who activated the company’s phone-finding service, estimating that the nation’s mobile users lose a phone once every 3.5 seconds. In another study released around the same time, Symantec researchers left 50 phones behind in different cities, finding that 83 percent of the devices had corporate applications accessed by the person finding the phone.

“Mobile phones and tablets are being lost or stolen on an increasing basis,” says Giri Sreenivas, vice president and general manager for mobile at vulnerability management firm Rapid7. “The challenge is that there are relatively easy techniques for evading some of the on-device security controls, such as bypassing a lock screen password.”

[Embedded device dangers don’t just plague consumers or industrial control systems. See Tackling Enterprise Threats From The Internet Of Things.]

While Apple’s TouchID, announced this week, may help consumers and employees better secure their devices against theft, the majority of users still do not even use a passcode to lock their device against misuse. Companies should train users to lock their smartphones and tablets and use a mobile-device management system to erase the device if necessary, says Juniper’s Vennon.

In the company’s latest mobile-security report, Juniper found that 13% of users used its MDM solution to locate a phone and 9% locked a device. Only 1.5 percent of users–or about one in every 8 that lost a device–wiped the smartphone, indicating that the device was likely not found, says Vennon.

“Every company should be able to locate, lock, and wipe,” he says. “It’s hugely necessary.”

2. Insecure communications

While there is a lot less data on how often mobile users connect to open networks, companies consider insecure connections to wireless networks a top threat, says Rapid7’s Sreenivas. The problem is that wireless devices are often set to connect to an open network that matches one to which they had previously connected.

“A lot of people will look for a Wifi hotspot and they won’t look to see if it is secure or insecure,” he says. “And once they are on an open network, it is quite easy to execute a man-in-the-middle attack.”

The solution is to force the user to route traffic through a mobile virtual private network before connecting to any network, he says.

3. Leaving the walled garden

Users who jailbreak their smartphone or use a third-party app store that does not have a strong policy of checking applications for malicious behavior put themselves at greater risk of compromise. For example, while only about 3% of users in North America have some sort of suspicious or malicious software on their smartphone, the incidence of such badware is much higher in China, with more than 170 app stores, and Russia, with more than 130 stores, according to Juniper’s Third Annual Mobile Threats Report.

A well-secured app store, which vets each submitted application, is part of the overall ecosystem that secures a mobile device. Any user who buys from a marketplace with little security puts their phone at risk, Juniper’s Vennon says.

“There is no question that if you, as a user, are making the decision to download an app from an unknown source in a third-party app store, you are opening yourself up for the potential of malware,” he says.

4. Vulnerable development frameworks

Even legitimate applications can be a threat to the user, if the developer does not take security into account when developing the application. Vulnerabilities in popular applications and flaws in frequently used programming frameworks can leave a device open to attack, says Rapid7’s Sreenivas.

The Webkit HTML rendering library, for example, is a key component of the browser in most smartphones. However, security researchers often find vulnerabilities in the software, he says. Companies should make sure that employees’ devices are updated–currently the best defense against vulnerabilities.

“Understanding the corresponding vulnerability risk and making sure that the devices are patched,” says Sreenivas. “It is very interesting that proximity attacks, and techniques for jailbreaks, and other attacks can all be mitigated by bringing the mobile platform for your device up to date.”

Malicious and suspicious software

Malware, adware and other questionable software are a threat, but mainly in China, Russia, and other countries. Yet, while North American users have less to worry about from malware, suspicious software–including privacy-invasive apps–is quite rampant. Juniper, for example, has blocked infections of malicious and unwanted software on 3.1 percent of its customers’ devices.

Moreover, security researchers continue to analyze mobile devices for vulnerabilities, and cybercriminals are getting better at monetizing mobile-device compromises–two prerequisites for the malware to take off on mobile devices, says Symantec’s Mallon.

“We can see malware and monetization happening, toolkits are out there–all of these things parallel the development of malware in the Windows world,” he said.

Article source: http://www.darkreading.com/mobile/4-mobile-device-dangers-that-are-more-of/240161141

Flying in the US? Remember to leave your hand grenades at home

It will not come as explosive news to most sensible travellers, but US airline passengers have been warned to leave their grenades at home when getting on a flight.

The US Transportation Security Administration (TSA) has issued a stern warning to anyone thinking of bringing their favourite handheld bomb on holiday.


In a blog post, the TSA said it busted 43 people with grenades in carry-on baggage and 40 people who carried them in their checked luggage. The majority of these grenades were inert, replica, or novelty items, but others were actual live smoke, flare and riot grenades – hardly the sort of thing you’d want to go off during a bumpy flight.

The TSA said: “After reading the title of this post, your first thought probably was, ‘That’s obvious’. Not always so.”

Inert or fake grenades won’t actually go bang, the TSA continued, but will cause a security alert which could hold up flights. They would also cause a few interesting scenes on board a plane if someone was to show off their souvenir.

“So remember, real or not, if it looks like a grenade or any other type of explosive device, it cannot be packed in your carry-on or checked baggage,” the TSA added. “Grenade-shaped belt buckles, lighters, soap, candles, MP3 players, paperweights, inert training grenades, and other items can all look like the real item on the X-ray monitor. Please leave these items at home, or find another way of getting them to your destination.”

TSA officers at Dallas Fort Worth actually found a proper 40mm High Explosive Dual Purpose Projectile grenade in a carry-on bag last year, but because the passenger was a soldier who “made a mistake”, he was let off with a slap on the wrist.

Most recently, the TSA was in these hallowed pages because of a furore over its pervy scanners, which have since been upgraded so that they highlight only “potentially dangerous objects” rather than bodily features. Nevertheless, one angry techie still found their general security screening far too invasive, and stripped naked in protest. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/09/12/flying_to_america_remember_to_leave_your_grenades_at_home/

Building And Maintaining Effective Firewall Configurations

[The following is excerpted from “Building and Maintaining Effective Firewall Configurations,” a new report posted this week on Dark Reading’s Perimeter Security Tech Center.]

Much of the innovation we’re seeing in the perimeter security space today is happening in the areas of Web security and application intelligence, but advanced threats and intelligent malware aren’t the only threat vectors you need to account for. Your entire perimeter security strategy must be built upon a strong foundation, and that starts with the execution of certain basic firewall configuration best practices. You can have the best intrusion-prevention system (IPS) and Web security tools on the planet, but if your firewall is misconfigured or mismanaged, then you are living in a house built on top of a sinkhole.

Proper configuration and management of your firewalls is a trivial exercise for the experienced firewall admin. But even the best among us can make the occasional mistake that can open up an attack vector. On the other end of the spectrum, less-seasoned firewall admins can open up gaping holes in their defenses without even knowing it.

Operational and management issues that create real security holes are only magnified when large teams of security pros are co-managing a large number of firewalls. If you’re fortunate enough to be an experienced firewall admin wholly responsible for your farm of corporate firewalls, then consider yourself extremely lucky. But in most cases, the responsibility of managing a large number of firewalls spread across many sites is shared among a team of security pros. And as with any co-managed system, the more cooks in the kitchen, the greater the likelihood of errors, mistakes or misconfigurations in the broth.

All too often, we concentrate our time and effort on making sure our advanced security tools are doing an effective job. And all too often, we fail to pay attention to a crack in the foundation that can surface as a result of security policy misconfiguration. Here are some of the gotchas, tools and best practices that should be considered to ensure that your firewalls provide a strong foundation for the rest of your perimeter security strategy.

Rule-Based Configuration
Building and maintaining an effective firewall configuration starts with your rule base. Whether you’re unpacking a firewall for the first time or pushing a new security policy to an existing firewall for the 1,000th time, the way in which you configure your firewall rules can help make you extremely secure or extremely insecure. It’s easy for anyone to grasp the concept of what a firewall needs to do from a rule perspective, but implementation is key to avoiding gaping holes in your defenses. Even veteran firewall pros can make mistakes here, especially when trying to manage unfamiliar firewall platforms.

There are several basic best practices that should be used in the day-to-day management of your firewalls from a rule-based configuration perspective.

Don’t lose track of your “deny-any” rule.
When you unpack a new firewall and start building a security policy from scratch, it’s easy to visualize what hosts you’re exposing to the Internet. However, that visualization gets infinitely more difficult when you have 300 rules in play.

Most enterprise-grade firewalls come with a “deny-any” rule base out of the box, and it’s important not to lose track of it. The deny-any rule is commonly referred to as the “catch-all” rule because it ensures that any traffic not specifically allowed is dropped. Firewall admins can run into trouble when they set this action to “allow” and fail to set it back, or when they fail to see that the default action is set to allow. Even more likely: They configure an allow-any rule prior to reaching the catch-all rule, which defeats the whole purpose of the catch-all rule.

Beyond that, it’s important not to be overly generous with the TCP/UDP services that you allow internal hosts access to on the Internet. If you are, then you’re exposing your hosts to unnecessary risk of attack and/or malware infection.
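The rule-base pitfalls described above (a catch-all left on "allow", an allow-any rule placed ahead of the catch-all, and overly generous outbound services) can be checked mechanically. The following is an added example, not part of the original report: a small Python audit over a vendor-neutral, first-match rule list. The Rule fields, zone names and finding codes are assumptions made for illustration, and both rule bases are constructed samples.

```python
from dataclasses import dataclass

ANY = "any"


@dataclass(frozen=True)
class Rule:
    """One entry of a first-match rule base (field names are illustrative)."""
    name: str
    src: str      # source zone, or "any"
    dst: str      # destination zone, or "any"
    service: str  # e.g. "tcp/443", or "any"
    action: str   # "allow" or "deny"

    def matches_everything(self) -> bool:
        return self.src == ANY and self.dst == ANY and self.service == ANY


def audit_rulebase(rules, default_action="deny", internal_zone="internal"):
    """Return a list of (code, rule_name, detail) findings.

    The catch-all is the final any/any/any rule if one exists; otherwise it
    is the platform's implicit default action, passed in as default_action.
    """
    findings = []
    last = rules[-1] if rules else None
    explicit_catch_all = last if last and last.matches_everything() else None

    # 1. The catch-all must drop whatever was not explicitly allowed.
    if explicit_catch_all is None:
        if default_action != "deny":
            findings.append(("DEFAULT_ALLOW", "<implicit>",
                             "unmatched traffic is allowed by the default action"))
    elif explicit_catch_all.action != "deny":
        findings.append(("CATCH_ALL_ALLOWS", explicit_catch_all.name,
                         "final any/any/any rule is set to allow"))

    # 2. Walk the rules above the catch-all in evaluation order.
    body = rules[:-1] if explicit_catch_all else rules
    for i, rule in enumerate(body):
        if rule.action != "allow":
            continue
        if rule.matches_everything():
            # First match wins, so nothing below this rule is ever consulted.
            skipped = ", ".join(r.name for r in rules[i + 1:])
            findings.append(("ALLOW_ANY_BEFORE_CATCH_ALL", rule.name,
                             f"never evaluated: {skipped}"))
        elif rule.src == internal_zone and rule.service == ANY:
            findings.append(("BROAD_OUTBOUND", rule.name,
                             "internal hosts allowed every TCP/UDP service"))
    return findings


# Constructed sample: a forgotten troubleshooting rule sits above the cleanup
# rule, and outbound access from the internal zone is not limited by service.
SAMPLE_RULEBASE = [
    Rule("web-in", ANY, "dmz", "tcp/443", "allow"),
    Rule("temp-debug", ANY, ANY, ANY, "allow"),
    Rule("mail-in", ANY, "dmz", "tcp/25", "allow"),
    Rule("lan-out", "internal", "internet", ANY, "allow"),
    Rule("cleanup", ANY, ANY, ANY, "deny"),
]

# Constructed sample: the same policy with both problems corrected.
FIXED_RULEBASE = [
    Rule("web-in", ANY, "dmz", "tcp/443", "allow"),
    Rule("mail-in", ANY, "dmz", "tcp/25", "allow"),
    Rule("lan-out-web", "internal", "internet", "tcp/443", "allow"),
    Rule("cleanup", ANY, ANY, ANY, "deny"),
]

if __name__ == "__main__":
    for label, rulebase in (("sample", SAMPLE_RULEBASE), ("fixed", FIXED_RULEBASE)):
        print(label)
        for code, name, detail in audit_rulebase(rulebase) or [("OK", "-", "no findings")]:
            print(f"  {code:<28} {name:<12} {detail}")
```

Running the audit against an exported rule base after every policy push is most useful on co-managed firewalls, where a temporary rule added by one admin is easy for another to miss.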

To read more rules and tips for maintaining strong firewall configuration — and for some easy-to-use controls you can add to your security policy — download the free report.

Article source: http://www.darkreading.com/management/building-and-maintaining-effective-firew/240161176

Waterfall Security Solutions Announces Enterprise-Class Unidirectional Integrations

Waterfall Security Solutions [http://www.waterfall-security.com ], the leading provider of stronger-than-firewall security for critical infrastructure and industrial control systems, today announced four new enterprise-class integrations for its Unidirectional Security Gateway solution. Enabling seamless and secure control system integration with the heart of corporate data management solutions, Waterfall’s Unidirectional Security Gateways now support Oracle, Microsoft SQL Server and MySQL databases, as well as the SAP Enterprise Resource Planning (ERP) system to streamline secure IT and operations systems integration.

The new replications allow for part or all of the real-time data from industrial control systems to be made widely available on corporate networks. The hardware-enforced Unidirectional Security Gateways replicate servers from industrial networks to corporate networks to provide corporate users and applications with access to real-time data while eliminating the risk that a cyber attack could breach the safety or reliability of the critical control systems that are the source of the data.

“Waterfall has the broadest suite of off-the-shelf, hardware-enforced unidirectional integrations,” says Lior Frenkel, founder and CEO of Waterfall.

“These new capabilities extend our lead over the competition, and demonstrate to our customers the flexibility our solutions offer to protect their control systems from cyber attacks, while still retaining access to critical industrial data.”

Increased centralization of plant engineering functions and increased integration of plant control systems with corporate IT infrastructures are examples of trends which are driving increased connectivity of control system networks with corporate networks. Continued increases in the sophistication of cyber attacks, though, underscore the steadily-increasing need to protect the safe and reliable operation of large physical assets.

“Relational databases and SAP systems are the very foundation of data integration in enterprise networks,” adds Andrew Ginter, Waterfall’s VP of Industrial Security. “The new replications allow Waterfall’s solutions to populate these foundational corporate data repositories directly from control system networks, without the use of additional middleware or data movement steps. And as is the case with all of Waterfall’s Unidirectional Security Gateway products, no online attack can pass back through the unidirectional hardware to put plant safety or reliability at risk.”

About Waterfall Security Solutions: Waterfall Security Solutions Ltd. is the leading provider of hardware technologies, such as Unidirectional Security Gateways(TM) and BES Control Center solutions, for industrial control networks and critical infrastructures. The company’s products are deployed in utilities and critical national infrastructures throughout North America, Europe, Asia and Israel. The technology reduces the cost and complexity of compliance with NERC-CIP, NRC, NIST, CFATS and other regulations, and includes support for leading industrial applications, including the OSIsoft PI(TM) Historian, the GE Proficy(TM) iHistorian, Siemens SIMATIC(TM)/Spectrum(TM) solutions and GE OSM(TM) remote monitoring platforms as well as OPC, Modbus, DNP3, ICCP and other industrial protocols. Waterfall received the 2012 Network Security Award for Industrial Control Systems Entrepreneurial Company of the Year and the 2013 North America Award for Customer Value Enhancement from Frost & Sullivan. For more information see http://www.waterfall-security.com

Article source: http://www.darkreading.com/management/waterfall-security-solutions-announces-e/240161184