Industrial Security


  • Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats

    March 23, 2020

    There has only been a small number of broadly documented cyber attacks targeting operational technologies (OT) / industrial control systems (ICS) over the last decade. While fewer attacks is clearly a good thing, the lack of an adequate sample size to determine risk thresholds can make it difficult for defenders to understand the threat environment, ...

  • UK Department for Business, Energy and Industrial Strategy is looking for organisations who can support in the supply of ventilators and ventilator components

    March 20, 2020

    The Department for Business, Energy and Industrial Strategy (BEIS) is looking for organisations who can support in the supply of ventilators and ventilator components across the United Kingdom as part of the Government’s response to COVID-19. These questions aim to identify the suitability and readiness of organisations to be involved in the initiative. There are three ...

  • The IIoT Threat Landscape: Securing Connected Industries

    March 18, 2020

    The Industrial Internet of Things (IIoT) provides bridges of connectedness that enable seamless IT and OT convergence. However, threat actors can cross these bridges to compromise systems. As the use of IoT extends beyond the home and goes into the vast industrial landscape, the scale of threats likewise grows. With that being said, some components of ...

  • Critical Bugs in Rockwell, Johnson Controls ICS Gear

    March 10, 2020

    Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems (ICS) gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in Rockwell Automation gear affect MicroLogix 1400 Controllers, MicroLogix 1100 Controllers and RSLogix 500 Software. The ...

  • Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT

    February 24, 2020

    Since at least 2017, there has been a significant increase in public disclosures of ransomware incidents impacting industrial production and critical infrastructure organizations. Well-known ransomware families like WannaCry, LockerGoga, MegaCortex, Ryuk, Maze, and now SNAKEHOSE (a.k.a. Snake / Ekans), have cost victims across a variety of industry verticals many millions of dollars in ransom and ...

  • Assessment of Ransomware Event at U.S. Pipeline Operator

    February 19, 2020

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported on 18 February 2020 on a ransomware incident impacting a natural gas compression facility at an unidentified U.S. pipeline operator. The ransomware event impacted both IT and ICS assets by causing loss of view and control impacts that caused the facility to implement controlled shutdown processes ...

  • Fake Smart Factory Honeypot Highlights New Attack Threats

    January 24, 2020

    A honeypot set up to observe the current security landscape in smart manufacturing systems observed numerous threats—including cryptomining malware and ransomware—in just a few months, highlighting the new threats that industrial control systems (ICS) face with increased exposure to the internet. While in the past ICS networks were traditionally proprietary and closed systems, the advent of ...

  • Oil-and-Gas APT Pivots to U.S. Power Plants

    January 10, 2020

    A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the discovery is part of a broader trend in which cybercriminals focused on critical infrastructure are branching ...

  • Critical Flaws in VNC Threaten Industrial Environments

    November 22, 2019

    The open-source Virtual Network Computing (VNC) project, often found in industrial environments, is plagued with 37 different memory-corruption vulnerabilities – many of which are critical in severity and some of which could result in remote code execution (RCE). According to researchers at Kaspersky, they potentially affect 600,000 web-accessible servers in systems that use the code. The ...

  • ICS Cyberwarfare: The Latest Threat to America’s Power Grid

    November 20, 2019

    The modern world is dependent on electricity, and the United States is no exception. I remember the notorious blackouts that affected the eastern U.S. and Canada in August 2003. The duration of the mass power outage lasted anywhere between several hours and a week depending on where you were. I was in Hamilton, Canada, and ...

  • ICS Attackers Set To Inflict More Damage With Evolving Tactics

    October 31, 2019

    Future attacks on industrial control system (ICS) networks may inflict even more damage in the long run, according to new research. Analysts expect them to evolve from attacks that have immediate, direct impact to those with multiple stages and attack vectors that are more stealthy. While it remains extraordinarily difficult to mount successful attacks on critical ...

  • Insurance Pays Out a Sliver of Norsk Hydro’s Cyberattack Damages

    October 30, 2019

    On the heels of a severe cyberattack, aluminum giant Norsk Hydro has received only $3.6 million in cyber-insurance – just a fraction of the total costs in damage. Overall, the Oslo, Norway-based company incurred between $60 million to $71 million in damages from the incident, which forced it to shut down or isolate several plants and ...

  • White Hat Hackers Get the Chance to Break Industrial Control System Security in PWN2OWN 2020

    October 30, 2019

    From enterprise applications and web browsers to mobile and IoT devices, hacking competition Pwn2Own has added another focus: industrial control system (ICS) and its associated protocols. Trend Micro’s Zero Day Initiative (ZDI), the bug bounty program behind Pwn2Own, has long been known to reward researchers for finding previously unknown software flaws. Set to happen in Miami come ...

  • Major Airport Malware Attack Shines a Light on OT Security

    October 18, 2019

    A cryptomining infection managed to spread to half of all workstations at a major international airport in Europe – shining a spotlight on security for operational tech and IT convergence. Researchers at Cyberbit found the XMRig Monero mining malware, which was a known strain called “Playerz,” but which skated by antivirus solutions on the endpoints by adding a ...

  • A glimpse into the present state of security in robotics

    October 14, 2019

    The world of today continues its progress toward higher digitalization and mobility. From developments in the Internet of Things (IoT) through augmented reality to Industry 4.0, whichrely on stronger automation and use of robots, all of these bring more efficiency to production processes and improves user experience across the globe. According to some estimates, these systems ...

  • Securing the Industrial Internet of Things: Addressing IIoT Risks in Healthcare

    October 2, 2019

    The constant quest for prolonging and preserving human life has continually driven technologies to develop groundbreaking innovations in the delivery of healthcare services and state-of-the-art treatments. Like in many other enterprises, the industrial internet of things (IIoT) has rapidly transformed the network and data infrastructure in health and medicine. With the IIoT, medical data and information have ...

  • Uncovering IoT Threats in the Cybercrime Underground

    September 10, 2019

    Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical roles in industries while others provide more convenience for consumers. The wide spectrum of IoT ...

  • How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

    August 13, 2019

    When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for the purposes of espionage and disruption. And according to the latest research, advanced persistent threat (APT) ...

  • Cyberattacks against industrial targets have doubled over the last 6 months

    August 5, 2019

    Cyberattacks designed to cause damage have doubled in the past six months and 50 percent of organizations affected are in the manufacturing sector, researchers say. On Monday, IBM’s X-Force IRIS incident response team published new research based on recent cyberattacks they have been called in to assist with, and the main trend the group is witnessing is the ...

  • Nation-State APTs Target U.S. Utilities With Dangerous Malware

    August 2, 2019

    Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July 19 and 25. They purported to be from a U.S.-based engineering licensing board, but actually contained ...