Claroty Launches Research Arm Team82, Finds Critical Vulnerabilities in Cloud-based ICS Management Platforms
July 21, 2021
News
Claroty launched Team82, its new research arm that provides vulnerability and threat research to Claroty customers and defenders of industrial networks.
Additionally, Team82 released a new report on critical vulnerabilities found in cloud-based management platforms for industrial control systems (ICS), highlighting the rise of ICS in the cloud and the need to secure cloud implementations in industrial environments.
According to the company, Team82, formerly known as The Claroty Research Team, is known for its development of industrial threat signatures, proprietary protocol analysis, and discovery of ICS vulnerabilities. The team works in ICS vulnerability research, with a total of 146 vulnerability discoveries and disclosures to date, and was the first to develop and release signatures for the Ripple20 and Wibu-Systems CodeMeter vulnerabilities and the threat actors that target them. The team works closely with industrial automation vendors to evaluate the security of their products.
In its latest report, “Top-Down and Bottom-Up: Exploiting Vulnerabilities in the OT Cloud Era,” Team82 researched the exploitability of cloud-based management platforms responsible for monitoring ICS, and developed techniques to exploit vulnerabilities in automation vendor CODESYS’ Automation Server and vulnerabilities in the WAGO PLC platform. Team82’s research mimics the top-down and bottom-up paths an attacker would take to either control a Level 1 device in order to eventually compromise the cloud-based management console, or the reverse, commandeer the cloud in order to manipulate all networked field devices.
The new Team82 Research Hub includes the team’s latest research reports, a vulnerability dashboard for tracking the latest disclosures, its coordinated disclosure policy for working with affected vendors, its public PGP Key for securely and safely exchanging vulnerability and research information, and other resources.
For more information, visit www.claroty.com
Tiera Oliver is the assistant managing editor at Embedded Computing Design. She is responsible for web content editing, product news, and story development. She also manages, edits, and develops content for ECD podcasts, including Embedded Insiders.
She utilizes her expertise in journalism and content management to oversee editorial content, coordinate with editors, and ensure high-quality output across web, print, and multimedia platforms. She manages diverse projects, assists in the production of digital magazines, and hosts company podcasts by conducting in-depth interviews with industry leaders to deliver engaging and insightful discussions.
Tiera attended Northern Arizona University, where she received her bachelor's in journalism and political science. She was also a news reporter for the student-led newspaper, The Lumberjack.
