- The State of Industrial Cybersecurity 2020
September 15, 2020
In 2020 ARC Advisory Group on behalf of Kaspersky conducted a survey on the state of industrial cybersecurity, as well as the current priorities and challenges of industrial organizations. More than 330 industrial companies and organizations across the globe were surveyed online and 10 industry representatives were interviewed at trade fairs and ARC forums worldwide. This ...
- A Blind Spot in ICS Security: The Protocol Gateway [Part 2] Vulnerability Allowing Stealth Attacks on Industrial Control Systems
September 14, 2020
A protocol gateway is a small network device, also called a protocol converter” or “IoT gateway.” It is similar to an “interpreter” in the digital word, and acts as a communications intermediary between different protocols. As the integration of networks accelerates with IoT, protocol conversion grows increasingly important. However, the security of protocol gateways has not ...
- Strategic investment to secure smart factories
September 9, 2020
Security is undergoing a digital transformation in the manufacturing industry. As the fusion of the cyber world and the physical world progresses, various security issues are mounting. Manufacturing executives must view security as a management issue, not as a system issue. Is cyber security a cost or an investment? Trend Micro has published an ebook that focuses ...
- Cyberthreats for ICS in Energy in Europe. Q1 2020
September 4, 2020
Computers in European countries which are used to configure, maintain and control equipment in the energy industry on which Kaspersky products are installed. This includes Windows computers on which various software packages for the energy industry are installed, including but not limited to human-machine interface (HMI), OPC gateway, engineering, control and data acquisition software. Overall, in ...
- A Blind Spot in ICS Security: The Protocol Gateway [Part 1] – Importance of the Protocol Gateway
September 1, 2020
A protocol gateway is a small network device, also called a “protocol converter” or “IoT gateway.” It is similar to an “interpreter” in the digital word, and acts as a communications intermediary between different protocols. As the integration of networks accelerates with IoT, protocol conversion grows increasingly important. However, the security of protocol gateways has ...
- Bugs in HDL Automation expose IoT devices to remote hijacking
August 8, 2020
A security researcher discovered vulnerabilities in an automation system for smart homes and buildings that allowed taking over accounts belonging to other users and control associated devices. In a presentation on Saturday at the IoT Village during the DEF CON hacker conference, Barak Sternberg shows how some weak spots in the HDL automation system could have ...
- Hackers can remotely hijack enterprise, healthcare Temi robots
August 6, 2020
Robots used in hospitals and care homes to assist patients and the vulnerable can be fully hijacked by cyberattackers. On Thursday at Black Hat USA, McAfee’s Advanced Threat Research (ATR) team disclosed new research into the robots, in which remotely-exploitable vulnerabilities were uncovered, potentially leading to mobile, audio, and video tampering on the hospital floor. The robot ...
- Lost in Translation: When Industrial Protocol Translation goes Wrong
August 5, 2020
Translation makes it possible to exchange information across the globe, regardless of language differences. Translation plays a similar role in industrial internet of things (IIoT) environments where different devices, such as interfaces, sensors, and machines, use different protocols. Protocol gateways handle the translation of these different protocols in an industrial facility, allowing devices to communicate ...
- Unveiling the Hidden Risks of Industrial Automation Programming
August 4, 2020
Robots and other programmable industrial machines are the backbone of the manufacturing industry. Without them, the large-scale and fast-paced production that our modern economy depends on would simply be impossible. Critical sectors — from automotive and avionics to pharmaceuticals and food production — are reliant on these machines for the precise and efficient actions that ...
- Critical Bugs in Utilities VPNs Could Cause Physical Damage
July 29, 2020
Remote code-execution vulnerabilities in virtual private network (VPN) products could impact the physical functioning of critical infrastructure in the oil and gas, water and electric utilities space, according to researchers. Researchers at Claroty found that VPNs used to provide remote access to operational technology (OT) networks in industrial systems are vulnerable to an array of security ...
- Maritime cyber attacks increase by 900% in three years
July 29, 2020
Cyber attacks on the maritime industry’s operational technology (OT) systems have increased by 900% over the last three years with the number of reported incidents set to reach record volumes by year end. Addressing port and terminal operators during an online forum last week, Robert Rizika, Naval Dome’s Boston-based Head of North American Operations, explained that ...
- NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug
July 24, 2020
The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S. Separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric Triconex TriStation and Tricon Communication Module. These safety instrumented system (SIS) controllers are ...
- This is how EKANS ransomware is targeting industrial control systems
July 2, 2020
New samples of the EKANS ransomware have revealed how today’s cyberattackers are using a variety of methods to compromise key industrial companies. In a research report published on Wednesday, FortiGuard Labs researchers Ben Hunter and Fred Gutierrez said that malware designed to attack industrial control systems (ICS) continues to be lucrative for threat actors. While ransomware only accounted for ...
- Threat Assessment: EKANS Ransomware
June 26, 2020
Unit 42 researchers have observed recent EKANS (Snake backward) ransomware activity affecting multiple industries in the U.S and Europe. As a result, we’ve created this threat assessment report for the activities of this ransomware. Identified techniques and campaigns can be visualized using the Unit 42 Playbook Viewer. EKANS, which was first observed in January 2020, has relatively ...
- Forward-looking security analysis of smart factories [Part 4] – MES database compromises
June 18, 2020
If I had to describe the role of the MES (Manufacturing Execution System) in a single phrase, it would be “manufacturing playmaker.” As I mentioned in the previous column, the manufacturing process is divided into multiple layers, and the system performs a different role in each layer. The MES is at the top layer of the ...
- Targeted attacks on industrial companies using Snake ransomware
June 17, 2020
According to Kaspersky ICS CERT data, a number of industrial companies are currently experiencing targeted attacks involving the Snake encryption ransomware. On June 8, 2020 issues were reported which affected the computer networks of Honda, a Japanese motorcycle and auto manufacturer, in Europe and Japan. Specifically, it was announced that Honda Customer Service and Honda Financial Services were experiencing technical ...
- Ripple20 vulnerabilities will haunt the IoT landscape for years to come
June 16, 2020
Cyber-security experts have revealed today 19 vulnerabilities in a small library designed in the 90s that has been widely used and integrated into countless of enterprise and consumer-grade products over the last 20+ years. The number if impacted products is estimated at “hundreds of millions” and includes products such as smart home devices, power grid equipment, ...
- Ransomware: Hackers took just three days to find this fake industrial network and fill it with malware
June 11, 2020
Industrial control networks are coming under attack from a range of ransomware attacks, security researchers have warned, after an experiment revealed the speed at which hackers are uncovering vulnerabilities in critical infrastructure. Security company Cybereason built a ‘honeypot’ designed to look like an electricity company with operations across Europe and North America. The network was made to ...
- Forward-looking security analysis of smart factories [Part 3] – Trojanized libraries for industrial IoT devices
June 11, 2020
IoT devices are being incorporated more and more into smart factories. IoT devices are endpoints that have a unique IP address and that can connect to the Internet; they are expected to be used for various purposes not only in development but also in production environments, in combination with original programs developed in-house as well ...
- Honda investigates possible ransomware attack, networks impacted
June 8, 2020
Computer networks in Europe and Japan from car manufacturer giant Honda have been affected by issues that are reportedly related to a SNAKE Ransomware cyber-attack. Details are unclear at the moment but the company is currently investigating the cause of the problems that were detected on Monday. The company has confirmed to BleepingComputer that its IT network is not functioning ...