Industrial Security


  • Securing the Industrial Internet of Things: Addressing IIoT Risks in Healthcare

    October 2, 2019

    The constant quest for prolonging and preserving human life has continually driven technologies to develop groundbreaking innovations in the delivery of healthcare services and state-of-the-art treatments. Like in many other enterprises, the industrial internet of things (IIoT) has rapidly transformed the network and data infrastructure in health and medicine. With the IIoT, medical data and information have ...

  • Uncovering IoT Threats in the Cybercrime Underground

    September 10, 2019

    Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical roles in industries while others provide more convenience for consumers. The wide spectrum of IoT ...

  • How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

    August 13, 2019

    When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for the purposes of espionage and disruption. And according to the latest research, advanced persistent threat (APT) ...

  • Cyberattacks against industrial targets have doubled over the last 6 months

    August 5, 2019

    Cyberattacks designed to cause damage have doubled in the past six months and 50 percent of organizations affected are in the manufacturing sector, researchers say. On Monday, IBM’s X-Force IRIS incident response team published new research based on recent cyberattacks they have been called in to assist with, and the main trend the group is witnessing is the ...

  • Nation-State APTs Target U.S. Utilities With Dangerous Malware

    August 2, 2019

    Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July 19 and 25. They purported to be from a U.S.-based engineering licensing board, but actually contained ...

  • Critical Rockwell Automation Bug in Drive Component Puts IIoT Plants at Risk

    March 29, 2019

    A critical Rockwell Automation flaw could be exploited to manipulate an industrial drive’s physical process and or even stop it. A critical denial-of-service (DoS) vulnerability has been found in a Rockwell Automation industrial drive, which is a logic-controlled mechanical component used in industrial systems to manage industrial motors. The vulnerability was identified in Rockwell Automation’s PowerFlex 525 ...

  • Threat Landscape for Industrial Automation Systems in H2 2018

    March 27, 2019

    All statistical data used in this report was collected using the Kaspersky Security Network (KSN), a distributed antivirus network. The data was received from those KSN users who gave their consent to have data anonymously transferred from their computers. We do not identify the specific companies/organizations sending statistics to KSN, due to the product limitations and regulatory ...

  • Operational Technology Widens Supply Chain Attack Surfaces

    March 8, 2019

    Today’s supply chain has evolved, with operational technology (OT) used in factories increasingly becoming connected and converging with IT systems — introducing new attack vectors. This new reality is vital for companies to understand in the context of risk, according to Dawn Cappelli, vice president of global security and CISO at Rockwell Automation and Edna Conway, ...

  • When Cyberattacks Pack a Physical Punch

    February 18, 2019

    Physical security goes hand in hand with cyberdefense. What happens when – as we see all too often – the physical side is overlooked? More than one in 10 data breaches now involve “physical actions,” according to a recent report. These include leveraging physical  devices to aid an attack, but also hacks that involve breaking into hardware ...

  • Siemens Warns of Critical Remote-Code Execution ICS Flaw

    February 12, 2019

    Siemens has released 16 security advisories for various industrial control and utility products, including a warning for a critical flaw in the WibuKey digital rights management (DRM) solution that affects the SICAM 230 process control system. SICAM 230 is used for a broad range of industrial control system (ICS) applications, including use as an integrated energy system for ...

  • Newsmaker Interview: Bruce Schneier on Physical Cyber Threats

    January 2, 2019

    Bruce Schneier discusses the clash between critical infrastructure and cyber threats. Attacks on physical devices and infrastructure offer a new target for cyber crime, a new opportunity for espionage and even a few front in cyber war. Rather than exploit computers and their applications, the Internet of Things allows malicious actors to go after a whole new ...

  • New industrial espionage campaign leverages AutoCAD-based malware

    November 28, 2018

    Security researchers have spotted a somewhat unique malware distribution campaign that targets companies using AutoCAD-based malware. Discovered by cyber-security firm Forcepoint, which shared its findings with ZDNet yesterday, the campaign appears to have been active since 2014, based on telemetry data the company has analyzed. Forcepoint says the group behind this recent campaign is most likely very sophisticated ...

  • GreyEnergy APT Delivers Malware via Phishing Attacks and Multi-Stage Dropper

    November 27, 2018

    The highly complex backdoor malware payload designed by the GreyEnergy advanced persistent threat (APT) group is being dropped on targeted machines using the common phishing infection vector as detailed by Nozomi Networks’ Alessandro Di Pinto. GreyEnergy attacked and infiltrated the networks of multiple critical infrastructure targets from Eastern Europe, from Poland and Ukraine, with other objectives ...

  • Siemens Patches Firewall Flaw That Put Operations at Risk

    November 14, 2018

    The industrial company on Tuesday released mitigations for eight vulnerabilities overall. Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens’ SCALANCE firewall product. The flaw could allow an attacker to gain unauthorized access to ...

  • Cisco zero-day exploited in the wild to crash and reload devices

    November 1, 2018

    The Cisco security team has revealed earlier the existence of a zero-day vulnerability affecting products that run Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. The vulnerability has been exploited in the wild, according to a security advisory the company published a few hours ago. No patches are available at the time of writing. Cisco says it ...

  • Utilities, Energy Sector Attacked Mainly Via IT, Not ICS

    November 1, 2018

    Stealing administrative credentials to carry out months-long spy campaigns is a top threat. While industrial control systems (ICS) are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report on Energy and ...

  • New Stuxnet Variant Allegedly Struck Iran

    October 31, 2018

    A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran. Details about the supposed new attack are superficial at the moment, as there are no details about the supposed attack, the damage it caused or its targets. A report on Wednesday from Israeli evening news bulletin ...

  • IoT Flaw Allows Hijacking of Connected Construction Cranes

    October 30, 2018

    An attacker can send spoofed commands to the crane’s controller. A connected construction crane, from Telecrane, has a vulnerability that would allow cyberattackers to intercept its communications and take the equipment over. The internet of things (IoT) continues to add new types of objects to its footprint, as industries start leveraging connectivity to increase productivity, accuracy and ...

  • Critical Infrastructure & Supply Chain Remain Highly Vulnerable to Attacks

    October 24, 2018

    This week, the National Cyber Security Alliance (NCSA) reminds us that, “our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this system, which is operated via the internet, can have significant and even catastrophic ...

  • How Shodan helps identify ICS cybersecurity vulnerabilities

    October 18, 2018

    An industrial control system is essentially a collection of computers that monitor and control industrial systems. They make the world move and help with everything from food processing to transportation to running the espresso maker at your local Starbucks. The challenge is an industrial control system (ICS) can be readily attacked by advanced persistent threat groups, ...