Black Hat,
Cyberwarfare / Nation-State Attacks,
Events
Also: Rethinking IT-OT Integration; Previewing Black Hat 2025
This week, four editors from ISMG convened to delve into the latest developments surrounding the ToolShell exploit and the emergence of Warlock ransomware. They explored the implications of IT-OT integration for industrial security and previewed what attendees can expect from ISMG Studio at Black Hat Conference 2025.
The panel featured Anna Delaney, director of productions; Mathew Schwartz, executive editor of DataBreachToday and Europe; Suparna Goswami, executive editor; and Tom Field, senior vice president of editorial. They discussed how attackers linked to China have leveraged a vulnerability in SharePoint servers—referred to as the ToolShell flaw—to deploy Warlock ransomware, creating a hybrid campaign blending elements of espionage and cybercrime.
The conversation shifted to the contentious issue of IT-OT integration. The panelists articulated concerns that complete integration could be both unrealistic and fraught with risks. Instead, they proposed a model of “coordinated autonomy,” which aligns cybersecurity efforts with operational resilience in industrial contexts more effectively.
Looking ahead to Black Hat 2025, ISMG Studio plans extensive coverage, featuring over 30 interviews with chief information security officers (CISOs), security experts, researchers, and ethical hackers. Topics covered will range from responsible artificial intelligence to identity-based attacks and threat-led defense strategies.
The editorial team emphasized that the ISMG Editors’ Panel is a weekly program, inviting readers to revisit their previous discussions. This includes the July 18 edition, which examined the parallels between the Seychelles Bank breach and the infamous ‘Panama Papers’ case, as well as the July 25 installment that addressed the alarming surge in China-related SharePoint exploits.
