Industrial Security

August 5, 2019

Cyberattacks designed to cause damage have doubled in the past six months and 50 percent of organizations affected are in the manufacturing sector, researchers say. On Monday, IBM’s X-Force IRIS incident response team published new research based on recent cyberattacks they have been called in to assist with, and the main trend the group is witnessing is the ...

August 2, 2019

Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July 19 and 25. They purported to be from a U.S.-based engineering licensing board, but actually contained ...

March 29, 2019

A critical Rockwell Automation flaw could be exploited to manipulate an industrial drive’s physical process and or even stop it. A critical denial-of-service (DoS) vulnerability has been found in a Rockwell Automation industrial drive, which is a logic-controlled mechanical component used in industrial systems to manage industrial motors. The vulnerability was identified in Rockwell Automation’s PowerFlex 525 ...

March 27, 2019

All statistical data used in this report was collected using the Kaspersky Security Network (KSN), a distributed antivirus network. The data was received from those KSN users who gave their consent to have data anonymously transferred from their computers. We do not identify the specific companies/organizations sending statistics to KSN, due to the product limitations and regulatory ...

March 8, 2019

Today’s supply chain has evolved, with operational technology (OT) used in factories increasingly becoming connected and converging with IT systems — introducing new attack vectors. This new reality is vital for companies to understand in the context of risk, according to Dawn Cappelli, vice president of global security and CISO at Rockwell Automation and Edna Conway, ...

February 18, 2019

Physical security goes hand in hand with cyberdefense. What happens when – as we see all too often – the physical side is overlooked? More than one in 10 data breaches now involve “physical actions,” according to a recent report. These include leveraging physical  devices to aid an attack, but also hacks that involve breaking into hardware ...

February 12, 2019

Siemens has released 16 security advisories for various industrial control and utility products, including a warning for a critical flaw in the WibuKey digital rights management (DRM) solution that affects the SICAM 230 process control system. SICAM 230 is used for a broad range of industrial control system (ICS) applications, including use as an integrated energy system for ...

January 2, 2019

Bruce Schneier discusses the clash between critical infrastructure and cyber threats. Attacks on physical devices and infrastructure offer a new target for cyber crime, a new opportunity for espionage and even a few front in cyber war. Rather than exploit computers and their applications, the Internet of Things allows malicious actors to go after a whole new ...

November 28, 2018

Security researchers have spotted a somewhat unique malware distribution campaign that targets companies using AutoCAD-based malware. Discovered by cyber-security firm Forcepoint, which shared its findings with ZDNet yesterday, the campaign appears to have been active since 2014, based on telemetry data the company has analyzed. Forcepoint says the group behind this recent campaign is most likely very sophisticated ...

November 27, 2018

The highly complex backdoor malware payload designed by the GreyEnergy advanced persistent threat (APT) group is being dropped on targeted machines using the common phishing infection vector as detailed by Nozomi Networks’ Alessandro Di Pinto. GreyEnergy attacked and infiltrated the networks of multiple critical infrastructure targets from Eastern Europe, from Poland and Ukraine, with other objectives ...

November 14, 2018

The industrial company on Tuesday released mitigations for eight vulnerabilities overall. Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens’ SCALANCE firewall product. The flaw could allow an attacker to gain unauthorized access to ...

November 1, 2018

The Cisco security team has revealed earlier the existence of a zero-day vulnerability affecting products that run Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. The vulnerability has been exploited in the wild, according to a security advisory the company published a few hours ago. No patches are available at the time of writing. Cisco says it ...

November 1, 2018

Stealing administrative credentials to carry out months-long spy campaigns is a top threat. While industrial control systems (ICS) are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report on Energy and ...

October 31, 2018

A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran. Details about the supposed new attack are superficial at the moment, as there are no details about the supposed attack, the damage it caused or its targets. A report on Wednesday from Israeli evening news bulletin ...

October 30, 2018

An attacker can send spoofed commands to the crane’s controller. A connected construction crane, from Telecrane, has a vulnerability that would allow cyberattackers to intercept its communications and take the equipment over. The internet of things (IoT) continues to add new types of objects to its footprint, as industries start leveraging connectivity to increase productivity, accuracy and ...

October 24, 2018

This week, the National Cyber Security Alliance (NCSA) reminds us that, “our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this system, which is operated via the internet, can have significant and even catastrophic ...

October 18, 2018

An industrial control system is essentially a collection of computers that monitor and control industrial systems. They make the world move and help with everything from food processing to transportation to running the espresso maker at your local Starbucks. The challenge is an industrial control system (ICS) can be readily attacked by advanced persistent threat groups, ...

October 17, 2018

The hacking group which took down Ukrainian power grids is systematically targeting critical infrastructure in Ukraine and beyond in what security researchers believe could be cyber espionage and reconnaissance ahead of future attacks. Dubbed GreyEnergy by researchers at ESET, the group is believed to have been active over the last three years and to be linked to ...

October 1, 2018

After the hackers had stealthily accessed the SCADA system and blew the transformer with a loud bang, the defenceless employees had no option but to remove the control plugs and manually turn the machine back on. “That’s what they had to do in Ukraine,” said Michael John, Director of Operations at the European Network for Cybersecurity (ENCS), referring to the world’s ...

September 11, 2018

More than 40% of all industrial control system (ICS) computers protected by Kaspersky Lab solutions were attacked by malicious software at least once during the first half of 2018. The most impacted countries turned out to be Vietnam, Algeria and Sri Lanka, while the safest region for industrial machines was Denmark. These are among the ...