#CyberSecVlogs Video Series – Come Explore OT/ICS/IT/Cloud Security with Me!
Welcome to #CyberSecVlogs, where I dive into the unique cybersecurity challenges of Operational Technology, Industrial Control Systems, IT and Cloud infrastructure. In each video, I cover real-world case studies, best practices, and actionable insights. Here’s a full list of videos to help you stay ahead in OT/ICS/IT/Cloud cybersecurity:
Episode 1 - MOVEit Transfer Vulnerability
Description:
In this video, I look at a recent #vulnerability in Progress MOVEit Transfer (#moveit), a managed file transfer product, that has caught attention worldwide.
Join me as I cut through the technical jargon and uncover the root cause of this alarming vulnerability.
I explain how a flaw in software or systems can be exploited by cybercriminals to gain unauthorized access or disrupt critical operations.
Understanding the threat landscape is the first step towards building a robust defense against cyber-attacks.
Alongside the explanation, there are practical recommendations for organizations to shield themselves from such vulnerabilities.
Video Link:
Episode 2 - Microsoft DDoS Attack
Description:
"Think your business is a fortress against sophisticated DDoS attacks? Well, hold that thought!"
In this 3-minute video, let's look at the thrilling tale of the recent DDoS attack by #anonymoussudan that rocked Microsoft Services and how businesses should navigate the treacherous waters when their day-to-day operations rely heavily on technology vendors.
Video Link:
Episode 3 - Empowering Security Effectiveness: Measuring Against Real-World Adversaries
Description:
Do these questions resonate with you:
In this 5-minute video, we embark on a captivating, animated journey as we explore the dynamic synergy between the "Cyber Kill Chain" and the "Library of Cyber Resilience Metrics", empowering organizations to measure their security effectiveness against real-world adversaries.
Video Link:
Episode 4 - Enhancing Critical Infrastructure Security with ISA-95 Purdue Model
Description:
In this animated video, we dive into the world of critical infrastructure security and unveil the "ISA-95 Purdue Model".
Join me to explore the significance of safeguarding our critical systems, the distinct levels of the ISA-95 Purdue Model, and how it structures the industrial technology landscape.
Discover how this model aligns with IEC 62443 (zones and conduits) and other well-known standards to build layered defenses against cyber threats. Learn how critical infrastructure organizations can strengthen their security posture by adopting this model, ensuring our cities thrive securely!
Video Link:
Living-Off-The-Land (LOTL) Techniques Series
Episode 5 - Navigating the Shadows: Understanding Living Off the Land Techniques (LOTL)
Description:
Dive into the hidden world of cyber security with my latest Cyber Sec Vlog!
🌐✨ In this enlightening episode, I explore the crafty and often overlooked "Living Off the Land" techniques, where attackers abuse legitimate, built-in tools already present on your own systems, rather than dropping malware, to carry out their cyber-attacks.
🔍 What will you learn?
Understand the Basics: What are Living Off the Land (LOTL) techniques?
Discover the Risks: Why should every organization be vigilant about these stealthy tactics, which leave few of the indicators that signature-based tooling relies on?
Connect the Dots: How does the notorious Volt Typhoon group use LOTL strategies to breach defenses?
🚀 Why watch?
Stay Informed: Keep up with sophisticated cyber threats and learn how to spot them.
Gain Insights: I bring complex concepts to life, making them easy to understand.
Video Link:
Episode 6 - Understanding LOTL Attacks in 3 Minutes!
Description:
In my latest 3-minute video, we dive deeper into the anatomy of Living-off-the-Land (LOTL) attacks, building on the foundation from part one 🌐🔍
🌐 Recent advisories from the US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Signals Directorate (ASD) have sounded the alarm: nation-state actors like Volt Typhoon are leveraging Living-Off-The-Land (LOTL) techniques to infiltrate organizations. These sophisticated attacks can compromise critical infrastructure, making it crucial for cybersecurity personnel across roles (CISOs, risk managers, security engineers, analysts, and more) to grasp their mechanics.
🔍 Why is this 3-minute video essential?
P.S. Want more in-depth cybersecurity content? Subscribe to my YouTube channel @cybersecvlogs for the latest topics! Leave a comment below: What are your thoughts on LOTL attacks? Let's discuss and together we’ll fortify our digital defenses! 💪
Video Link:
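Because LOTL tooling is legitimate by definition, the only way to spot it is by command-line context, parent process and who ran it. The following Python is an added example, not code from the vlog or from any advisory: it runs a handful of detection rules over constructed process-creation events (fields shaped like Windows event 4688 / Sysmon event 1, invented for this example) and uses a hypothetical allowlist of expected host/account pairs to separate a backup account's routine NTDS export from the same command on a workstation. The rule names, MITRE ATT&CK technique IDs and sample hosts are the example's own choices.

```python
import re

# Constructed process-creation events, not telemetry from any real environment.
SAMPLE_EVENTS = [
    {"host": "WS01", "user": r"CORP\alice", "parent": "explorer.exe",
     "cmd": r"netsh.exe wlan show profiles"},
    {"host": "DC01", "user": r"CORP\svc_backup", "parent": "cmd.exe",
     "cmd": r'ntdsutil.exe "ac i ntds" "ifm" "create full C:\Windows\Temp\pro" q q'},
    {"host": "SRV02", "user": r"NT AUTHORITY\SYSTEM", "parent": "cmd.exe",
     "cmd": r"netsh interface portproxy add v4tov4 listenport=9999 listenaddress=0.0.0.0 "
            r"connectport=8443 connectaddress=10.1.2.3"},
    {"host": "WS07", "user": r"CORP\bob", "parent": "powershell.exe",
     "cmd": r"vssadmin create shadow /for=C:"},
    {"host": "WS07", "user": r"CORP\bob", "parent": "cmd.exe",
     "cmd": r"reg save HKLM\SYSTEM C:\Windows\Temp\sys.hiv"},
    {"host": "WS01", "user": r"CORP\alice", "parent": "cmd.exe",
     "cmd": r"reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
]

# (rule name, ATT&CK technique, pattern). Each pattern keys on the arguments that make a
# built-in tool dangerous, not on the binary name alone: "netsh wlan show" must not fire.
RULES = [
    ("ntdsutil IFM export of NTDS.dit", "T1003.003",
     re.compile(r"\bntdsutil(\.exe)?\b.*\bifm\b", re.I)),
    ("netsh portproxy listener (pivot / relay)", "T1090",
     re.compile(r"\bnetsh(\.exe)?\b.*\bportproxy\b.*\badd\b", re.I)),
    ("volume shadow copy of the system drive", "T1003.003",
     re.compile(r"\bvssadmin(\.exe)?\b.*\bcreate\s+shadow\b", re.I)),
    ("registry hive export (SAM/SYSTEM/SECURITY)", "T1003.002",
     re.compile(r"\breg(\.exe)?\b\s+save\b.*\bHKLM\\(SAM|SYSTEM|SECURITY)\b", re.I)),
]

# Hypothetical allowlist: (host, account) pairs that legitimately run these tools.
# A match here is downgraded to "review" rather than suppressed, so the audit trail stays.
EXPECTED_CONTEXT = {("DC01", r"CORP\svc_backup")}


def detect(events):
    """Return one finding per (event, rule) match, with severity set from context."""
    findings = []
    for idx, ev in enumerate(events):
        for name, technique, pattern in RULES:
            if pattern.search(ev["cmd"]):
                expected = (ev["host"], ev["user"]) in EXPECTED_CONTEXT
                findings.append({
                    "event": idx, "host": ev["host"], "user": ev["user"],
                    "parent": ev["parent"], "rule": name, "technique": technique,
                    "severity": "review" if expected else "high",
                })
    return findings


def hosts_by_severity(findings):
    """Group affected hosts by severity for a quick triage summary."""
    out = {}
    for f in findings:
        out.setdefault(f["severity"], set()).add(f["host"])
    return out


if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"[{f['severity']:6}] {f['host']} {f['user']} ({f['parent']}): "
              f"{f['rule']} [{f['technique']}]")
    print(hosts_by_severity(detect(SAMPLE_EVENTS)))
```

The same commands from an unexpected account or parent (here, SYSTEM spawning a portproxy listener, and a user account exporting the SYSTEM hive) surface as high-severity, while the backup account on the domain controller is flagged for review only. In production the allowlist would come from change records, and the events from the SIEM rather than an inline list.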
Episode 7 - Understanding OT and ICS Cyber Security in Critical Infrastructure
Description:
Excited to share my latest LinkedIn cyber vlog! 🎥 Dive into the world of OT and ICS cyber security in just 2 minutes. These systems are the backbone of Australia's critical infrastructure - powering railways and keeping our grids running smoothly.
In this session, I cover:
Let's work together to keep our critical infrastructure safe!
Video Link:
Episode 8 - Ukraine Power Plant Attack (Sandworm)
Description:
❓ Are you an Asset owner OR an Operator/Maintainer of a critical infrastructure organization?
❓ Do you think that a cyber-attack on your OT/ICS infrastructure is far-off or not possible?
❓ Is improving your OT cyber posture not on your business’s investment priority?
💡 Let me change your perspective, in less than 4 minutes… 📽 In this episode, we dive into the 2022 cyber-attack on Ukraine's electrical power infrastructure, attributed to the nation-state threat actor 'Sandworm'.
📌 Key highlights from the video:
🔍 The episode highlights the importance of a proper risk-based patch and vulnerability management program and of robust threat-monitoring use cases for OT environments.
Join me as we navigate the complex world of cybersecurity in the OT landscape, learn from past incidents, and prepare for future threats.
Video Link:
Episode 9 - CrowdStrike Chaos - An OT Security Architect’s Perspective
Description:
In my latest #CyberSecVlogs episode, I delve into the recent CrowdStrike incident that rocked the technology world. A faulty content update to the Falcon sensor led to widespread Windows system crashes, impacting businesses globally, including major disruptions in Australia.
In this vlog, I cover:
💡 Incident Overview: A quick brief on what happened and its global impact.
💡 Internet Reactions: From empathy shown by tech leaders to opportunistic vendor responses, conspiracy theories, and phishing scams.
💡 Debates: Is it a security incident or an operational one? My take on this hot topic.
💡 Lessons Learned: Emphasizing the critical need for rigorous testing of content updates, aligning with the ISA/IEC 62443 standard. I discuss the importance of phased deployments and robust incident response procedures.
🔍 Whether you're an OT/ICS professional or simply interested in cybersecurity, this vlog provides valuable insights and lessons from a major industry incident.
Video Link:
Episode 10 - Unlocking the Secrets of FrostyGoop: The Hidden Malware Threatening Industrial Control Systems
Description:
While everyone was focused on the latest "big-name" tech incident, a silent yet powerful threat has emerged in the world of Industrial Control Systems (ICS). Introducing "FrostyGoop", the malware you might never have heard of but need to know about.
In my latest #CyberSecVlogs episode, I dive into Dragos's discovery of this new ICS malware, its impact on critical infrastructure, and the weaknesses of protocols like "Modbus", which has no authentication at all, so any host that can reach a controller on the network can read and write its registers.
🔒 Learn how to defend your ICS environment against this and other emerging threats.
Watch the video to uncover the secrets behind FrostyGoop and what it means for the future of OT security.
Video Link:
Railway CyberSecurity Series
Episode 11 - Railway Cybersecurity: Setting the Stage for a Safe Journey
Description:
Hi #OTSecurity community! 🎥 I’m excited to share the 11th episode of #CyberSecVlogs! I am starting a brand-new video series on #RailwayCybersecurity! A dedicated chapter exploring the unique challenges and threats facing the railway industry.
🌍 Over the past decade, attacks on railway systems have grown more frequent and sophisticated. From the 2021 attack on Iran’s railway to the recent 2023 breach in Poland, we’ve seen how cybercriminals and nation-state actors can cause widespread disruption with devastating consequences.
In this short video, I cover:
🔹 The role of Operational Technology (OT) in railway systems.
🔹 Key case studies of major cyber-attacks.
Whether you're a professional in #Transport, #OT, #ICS, or #CyberSecurity, protecting railway systems is a critical challenge. Follow me to stay updated as we explore strategies to defend against these evolving threats. Let’s keep our trains running safely and securely! 🚄💻
Video Link:
Episode 12 - From Legislation to Action: How the SOCI Act is Redefining Cybersecurity in Australia
Description:
🚨 From Legislation to Action: How the #SOCI Act is Redefining Cybersecurity in Australia 🚨
The Security of Critical Infrastructure (SOCI) Act has been shaping how Australia protects its most essential systems since 2018. With major amendments over the years, it has evolved into a cornerstone for safeguarding our critical infrastructure against modern cyber and physical threats.
🎥 In just 4 minutes, this vlog gives you a focused glimpse into the SOCI Act—a worthwhile watch for anyone looking to understand this game-changing legislation.
This vlog explores:
✅ What the SOCI Act is and why it’s crucial: Learn how this legislation ensures that sectors like energy, water, healthcare, and transport remain resilient.
✅ Key obligations for operators and owners: Discover the mandatory requirements, including cyber incident reporting, risk management programs, and enhanced obligations for Systems of National Significance (SoNS).
✅ How the Government Assistance Mechanism (GAM) works: Understand the unique provision that allows the Australian government to intervene during severe cyber incidents.
✅ Implications for OT/ICS professionals: For those in Operational Technology (OT) and Industrial Control Systems (ICS), the SOCI Act has significant implications. From incident response to vulnerability testing, OT/ICS professionals are now at the frontline of national security.
💡 Why this matters now: With the growing complexity of cyber threats, the SOCI Act is more relevant than ever. Recent legislative developments in the Australian parliament, including the passage of new cybersecurity laws, underscore the nation’s commitment to protecting critical infrastructure. Whether you’re operating a SoNS or part of a critical infrastructure team, this legislation highlights the vital role cybersecurity plays in ensuring Australia's resilience and security...
Video Link:
Episode 13 - Cyber Informed Engineering (CIE) — Are You Engineering Resilience or Liability?
Description:
In my latest #CyberSecVlogs episode, I unpack a critical shift happening in how we build industrial control systems: Cyber Informed Engineering (CIE).
CIE isn’t just about patching vulnerabilities or installing firewalls. It’s about re-imagining system design with cyber resilience baked into the DNA of control systems, physical processes, and safety logic.
🔐 Why does this matter?
Because today’s control systems can cause real-world consequences — blackouts, shutdowns, even safety incidents. And yet, cybersecurity is still bolted on after the system is designed.
This short vlog explores:
✅ What CIE is and why it's so important for ICS/OT systems
✅ Why safety cases must start accounting for cyber-induced failure
✅ The growing alignment between engineering and cybersecurity practices
✅ How Australian frameworks like #AESCSF and critical infrastructure reforms are starting to echo this need for cyber-physical resilience.
And it's not just an Aussie conversation. Internationally, organizations like the U.S. DOE and SANS Institute are driving this mindset forward.
🎯 Reflection questions:
➡️Are your safety systems designed to fail safely, even under cyber attack?
➡️Is cybersecurity involved in your HAZOPs and engineering lifecycle?
➡️Have your engineers been exposed to ICS-specific threat modeling?
Episode 14 - Secure Functional Safety — Where Safety Meets Cybersecurity
Description:
In my last #CyberSecVlogs episode, I talked about Cyber Informed Engineering (CIE), the idea that cybersecurity should be embedded in industrial system design, not bolted on as an afterthought. Today, I'm zooming in on where this matters most: Functional Safety.
⚠️ In many ICS environments, we trust interlocks, alarms, and shutdown systems to protect life and processes. But what if a cyber attacker disables the logic inside your safety PLC? What if your "fail-safe" system... fails dangerously?
In this short episode, I explore what Secure Functional Safety really means.
💭 If your safety case doesn’t consider cyber-induced failure — you haven’t fully accounted for risk. Is Secure Functional Safety part of your design discussions?
Episode 15 - Secure Functional Safety — Where Safety Meets Cybersecurity
Description:
🚨 "Your mission, Mr. Hunt, should you choose to accept it?" No, this isn't Mission Impossible. It's Mission Critical. In this new episode of #CyberSecVlogs, I wear the OT Blue Team hat 🧢 and break down:
➡️ How MITRE ATT&CK for ICS can help build smarter detection strategies
➡️ What SOC teams should monitor before attackers reach SIS/PLCs
Realistic, no-nonsense steps OT defenders can implement today:
✅ Monitor engineering workstations
✅ Passive network detection that actually works
✅ MITRE-based detection logic
✅ Contextual anomaly detection
💡 If it has logic, if it has code, if it can be programmed, it must be monitored! Because as Triton malware taught us, ignoring safety systems isn't just a gap, it can be a risk to human life.
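To make the "passive network detection" and "contextual anomaly detection" points concrete, here is an added Python example, not code from the vlog, Dragos or any product: it encodes and decodes Modbus/TCP frames (the protocol FrostyGoop speaks, as covered in Episode 10), then runs passive rules over constructed captures. Because the MBAP header carries no credential or integrity field, the only "authorization" available is network context, so the rules flag write function codes from any host other than a hypothetical engineering workstation, reads from clients not seen during baselining, and frames whose length field does not match the bytes on the wire. The IP addresses, unit IDs and register numbers are invented; the ATT&CK for ICS IDs are given for mapping.

```python
import struct

# Modbus function codes that change controller state. Everything else (reads,
# diagnostics) is treated as read-only by this detector.
WRITE_FUNCTIONS = {
    5: "Write Single Coil",
    6: "Write Single Register",
    15: "Write Multiple Coils",
    16: "Write Multiple Registers",
    22: "Mask Write Register",
    23: "Read/Write Multiple Registers",
}

# Hypothetical site context (assumptions, not from any real plant): the one
# engineering workstation allowed to write, and the clients seen while baselining.
ENGINEERING_HOSTS = {"10.10.1.5"}
BASELINE_CLIENTS = {"10.10.1.5", "10.10.1.6"}


def build_modbus_tcp(tid: int, unit: int, function: int, data: bytes) -> bytes:
    """Encode a Modbus/TCP ADU: MBAP header (tid, protocol 0, length, unit) + PDU.
    There is no field for credentials or a MAC: the protocol has no authentication."""
    pdu = bytes([function]) + data
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


def parse_modbus_tcp(payload: bytes) -> dict:
    """Decode an ADU, rejecting truncated or inconsistent frames instead of guessing."""
    if len(payload) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    if proto != 0:
        raise ValueError(f"protocol id {proto} is not Modbus")
    if length != len(payload) - 6:
        raise ValueError(f"MBAP length {length} does not match frame size {len(payload) - 6}")
    return {"tid": tid, "unit": unit, "function": payload[7], "data": payload[8:]}


def describe_write(function: int, data: bytes) -> str:
    """Render the register change so the analyst sees the setpoint, not a byte blob."""
    if function == 6 and len(data) == 4:
        addr, value = struct.unpack(">HH", data)
        return f"register {addr} <- {value}"
    if function == 16 and len(data) >= 5:
        addr, qty, count = struct.unpack(">HHB", data[:5])
        if count == 2 * qty and len(data) >= 5 + count:
            regs = struct.unpack(f">{qty}H", data[5:5 + count])
            return f"registers {addr}..{addr + qty - 1} <- {list(regs)}"
    return f"{WRITE_FUNCTIONS.get(function, 'function %d' % function)} with {len(data)} data bytes"


def inspect_modbus(packets) -> list:
    """Passive rules over (src_ip, dst_ip, payload) tuples as taken from a SPAN/TAP."""
    alerts = []
    for src, dst, payload in packets:
        try:
            adu = parse_modbus_tcp(payload)
        except ValueError as err:
            alerts.append({"kind": "malformed", "src": src, "dst": dst, "detail": str(err)})
            continue
        fc = adu["function"]
        if fc in WRITE_FUNCTIONS and src not in ENGINEERING_HOSTS:
            # ATT&CK for ICS T0855 Unauthorized Command Message / T0836 Modify Parameter
            alerts.append({"kind": "unauthorized-write", "technique": "T0855", "src": src,
                           "dst": dst, "unit": adu["unit"],
                           "detail": describe_write(fc, adu["data"])})
        elif src not in BASELINE_CLIENTS:
            alerts.append({"kind": "new-client", "src": src, "dst": dst, "unit": adu["unit"],
                           "detail": f"function {fc} from a client not seen in baseline"})
    return alerts


# Constructed captures (no real traffic): an EWS poll, an EWS setpoint change, two
# writes from an unknown host, and a frame whose MBAP length lies about its size.
SAMPLE_PACKETS = [
    ("10.10.1.5", "10.10.2.20", build_modbus_tcp(1, 1, 3, struct.pack(">HH", 0, 10))),
    ("10.10.1.5", "10.10.2.20", build_modbus_tcp(2, 1, 6, struct.pack(">HH", 40, 550))),
    ("10.10.9.77", "10.10.2.20", build_modbus_tcp(3, 1, 6, struct.pack(">HH", 40, 5))),
    ("10.10.9.77", "10.10.2.21", build_modbus_tcp(4, 1, 16, struct.pack(">HHB", 100, 2, 4)
                                                  + struct.pack(">HH", 0, 0))),
    ("10.10.9.77", "10.10.2.20", bytes.fromhex("0005000000090103")),
]

if __name__ == "__main__":
    for alert in inspect_modbus(SAMPLE_PACKETS):
        print(alert)
```

The write from the engineering workstation produces nothing, the same function code from 10.10.9.77 produces an alert that names the register and the new value, and the malformed frame is reported rather than silently skipped. Feeding this from a real TAP means decoding TCP port 502 flows first; the detection logic itself does not change.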
Comment (9 months ago), from the author of SecurityPatterns.io, founder at Patterned Security: Awesome work Fahad Mughal 👍