Industrial Security

December 12, 2017

Security researchers have demonstrated a new technique for hacking air-gapped industrial control system networks, and hope their work will encourage the development of more robust defences for SCADA-based systems. Air-gapped industrial networks are thought to be difficult if not impossible to hack partly because they are isolated from the internet and corporate IT networks. However, in ...

November 8, 2017

The Internet of Things (IoT) is causing serious security concerns for enterprises worldwide with few companies capable of securing them as they are unable to identify devices properly, according to new research. On Wednesday, ForeScout Technologies revealed the results of a new survey into the challenges IoT poses for the enterprise. The survey, conducted by Forrester Consulting, suggests that ...

August 11, 2017

Critical infrastructure operators can’t be blamed for a perpetual case of whiplash. They are mired between hackers targeting internet-facing and air-gapped systems with equal precision, and vendors and management unwilling to properly tackle security for fear of downtime and incompatibility. “The space of ICS/SCADA has not changed much, so you can find devices running old OSes ...

July 14, 2017

A handful of vulnerabilities in Siemens’ SiPass integrated server have been patched, including one that allows an attacker to bypass authentication on the box. SiPass is the company’s integrated access control server managing physical access in a number of industries and use cases. The product supports card readers and integrates with video surveillance equipment, among other ...

July 14, 2017

Four out of 10 industrial control security practitioners don’t have proper visibility into their ICS networks. This is according to a new study by the SANS Institute. Based on a poll of ICS practitioners and cybersecurity stakeholders across various verticals, including energy, manufacturing, oil and gas, the report says that 40 percent of defenders are actually ...

July 3, 2017

You don’t need state-sponsored hackers to crack industrial control systems, just an empty Intel AMT login – something Siemens started patching against last week. The bug in Intel’s Active Management Technology emerged in June. It allowed a user to exploit AMT features with an empty login string, and has been shipping in processors since 2010. In Siemens’s ...

July 1, 2017

Ho Chi Minh City requires Europe’s experience and solutions to create smart cities, a conference heard on June 30. Speaking at the “Cyber security, Internet of Things and Connected Services towards a smart city” conference, organised by the European Chamber of Commerce in Vietnam (EuroCham), Vo Quang Hue, vice chairman of EuroCham, said: “The Smart Cities ...

June 30, 2017

There is a pressing need to improve cyber security in industrial control system (ICS) environments to avoid future breaches that could impact critical national infrastructure concludes CREST, the not-for-profit accreditation body representing the technical information security industry. This is based on a report, which highlighted a number of challenges and suggests that more technical security testing has ...

June 23, 2017

Siemens patched two vulnerabilities in products commonly found in industrial control system setups this week. If exploited the flaws could allow an attacker to perform administrative actions or gain read access to sensitive data on affected systems. Siemens patched one issue (.PDF) on Tuesday and the other on Thursday (.PDF) this week. ICS-CERT, the Department of ...

June 19, 2017

When we think about critical infrastructures, we tend to think about energy. Whether electric power lines or supplies to oil and gas, cut off access to energy, and our worlds go dark. Though you can certainly argue that other industries are just as critical—pharmaceuticals, food supply and others—it is the energy sector that seems to ...

June 12, 2017

Last December, a cyber attack on Ukrainian Electric power grid caused the power outage in the northern part of Kiev — the country’s capital — and surrounding areas, causing a blackout for tens of thousands of citizens for an hour and fifteen minutes around midnight. Now, security researchers have discovered the culprit behind those cyber attacks ...

June 9, 2017

Vulnerabilities in software that automates everything from factories to traffic lights has become the nation’s top cybersecurity threat, an agent on the FBI’s Denver Cyber Task Force said Thursday in Colorado Springs. Supervisory control and data acquisition software is used to control — sometimes remotely — many types of devices in the energy, transportation, manufacturing and ...

June 8, 2017

Honeywell Process Solutions (HPS; Houston; www.honeywellprocess.com), with the support of the Singapore Economic Development Board (EDB), will  establish a new industrial cybersecurity center of excellence (COE) for Asia Pacific in Singapore. The COE will feature a state-of-the-art cybersecurity research and development lab, an advanced training facility and a security operations center that provides managed security ...

May 26, 2017

It would be fair to say that cyber security is at the top of most businesses’ list of concerns. The increased emphasis on IT and technology – every company is a technology company today, after all – has made it this way. Technology and data have become so deeply entrenched in many organisations that if it ...

May 9, 2017

The industrial control system cybersecurity space continues to attract new investments, partnerships and companies. To say that the industrial cybersecurity industry has changed dramatically over the past few years would be a major understatement—not only because the changes have been so significant, but because the evolution is still underway. Just in the past few months we’ve ...

May 3, 2017

In perhaps one of the scariest findings in recent months, researchers have discovered that factory robots can easily be hacked. This, of course, could have grave effects on entire industries and pose safety issues. Cybersecurity firm Trend Micro found that numerous factory robots have a weak network security, using simple combinations of username and passwords that ...

March 14, 2017

As nice as it is to have a connected world, the security threats brought on by the desire to have every device we own connected to the Internet are great. In fact, a staggering 96% of IT security professionals expect an increase in attacks on industrial Internet of Things. According to a new survey published by ...

February 6, 2017

By Jason Andersen, Vice President, Business Line Management, Stratus Technologies In our 35-plus years of providing continuous availability solutions for enterprises, we’ve seen only a handful of technology shifts that you could call “seismic.” The globalisation of eCommerce was a big one that was transformational for mission critical infrastructures. At Stratus, we believe that the next ...