Forward-looking security analysis of smart factories [Part 4] – MES database compromises

If I had to describe the role of the MES (Manufacturing Execution System) in a single phrase, it would be “manufacturing playmaker.” As I mentioned in the previous column, the manufacturing process is divided into multiple layers, and the system Read More …

Factory Security Problems from an IT Perspective (Part 3): Practical approach for stable operation

This article is the last in a series that discusses the challenges that IT departments face when they are assigned the task of overseeing cybersecurity in factories and implementing measures to overcome these challenges. As explained in the first two Read More …

Forward-looking security analysis of smart factories [Part 2] Security risks of industrial application stores

On May 11, 2020, Trend Micro released a paper showing the results of proof-of-concept research on new security risks associated with smart factories. In this series of 5 columns, based on the results of this research, we will look at Read More …

Factory Security Problems from an IT Perspective (Part 2): People, processes, and technology

This article is the second in a series that discusses the challenges that IT departments face when they are assigned the task of overseeing cybersecurity in factories and implementing measures to overcome these challenges. Before beginning to consider countermeasures, in Read More …

Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT

Since at least 2017, there has been a significant increase in public disclosures of ransomware incidents impacting industrial production and critical infrastructure organizations. Well-known ransomware families like WannaCry, LockerGoga, MegaCortex, Ryuk, Maze, and now SNAKEHOSE (a.k.a. Snake / Ekans), have Read More …

Assessment of Ransomware Event at U.S. Pipeline Operator

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported on 18 February 2020 on a ransomware incident impacting a natural gas compression facility at an unidentified U.S. pipeline operator. The ransomware event impacted both IT and ICS assets by causing Read More …

Oil-and-Gas APT Pivots to U.S. Power Plants

A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the Read More …

Major Airport Malware Attack Shines a Light on OT Security

A cryptomining infection managed to spread to half of all workstations at a major international airport in Europe – shining a spotlight on security for operational tech and IT convergence. Researchers at Cyberbit found the XMRig Monero mining malware, which Read More …