A Tale of Two Cities’ water attacks

There have been more than 130 control system cyber incidents in water/wastewater utilities. Like Oldsmar and Discovery Bay, most of these incidents have occurred in small water utilities. Many of these incidents were not publicly disclosed, nor were the utilities Read More …

More than 17 million control system cyber incidents are hidden in plain sight

Control system cyber incidents are more plentiful and impactful than most observers expect – more than 17 million directly resulting in more than 34,000 deaths. While there have been more than 1,200 electric grid cyber-related incidents, that doesn’t adequately reflect Read More …

Threat landscape for industrial automation systems for H1 2022

For the first time in five years of observations, the lowest percentage in the ‎first half of the year was observed in March.‎ During the period from January to March, the percentage of attacked ICS computers decreased by 1.7 p.p. Read More …

CISA releases 7 Industrial Control Systems Advisories

CISA has released 7 Industrial Control Systems (ICS) advisories on August 23, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for Read More …

The Next Disruptive ICS Attacker: A Disgruntled Insider?

Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have Read More …

Modipwn: code execution vulnerability discovered in Schneider Electric Modicon PLCs

A vulnerability discovered in Schneider Electric (SE) Modicon programmable logic controllers (PLCs) allows full takeover of the industrial chips. Discovered by Armis researchers, the vulnerability can be used to bypass existing security mechanisms in PLCs to hijack the devices and Read More …

New survey report released: The state of industrial cybersecurity (Part 1)

The cybersecurity has been the word not only in IT world, but also in ICS/OT world. The Stuxnet targeting SCADA systems were uncovered as first ICS malware to damage nuclear plants in 2010. The Wannacry became worldwide famous ransom worm Read More …

Industrial Remote Access: Why It’s Not Something to Fear

Increased uptime? Check. Better access to outside expertise? Check. Improved first-time-fix rate? Check. These are just some of the benefits of industrial remote access. Yet many customers are reluctant to embrace remote access. Not only that, but incidents such as Read More …

Critical Industrial Flaws Pose Patching Headache For Manufacturers

While patch management already presents challenges for enterprises, it’s even more of a headache for manufacturers and other industrial firms – who may even need to shut down entire factory operations in order to apply fixes. Sharon Brizinov, the principal Read More …

Cyberthreats for ICS in Energy in Europe. Q1 2020

Computers in European countries which are used to configure, maintain and control equipment in the energy industry on which Kaspersky products are installed. This includes Windows computers on which various software packages for the energy industry are installed, including but Read More …