Industrial Security


  • Newsmaker Interview: Bruce Schneier on Physical Cyber Threats

    January 2, 2019

    Bruce Schneier discusses the clash between critical infrastructure and cyber threats. Attacks on physical devices and infrastructure offer a new target for cyber crime, a new opportunity for espionage and even a few front in cyber war. Rather than exploit computers and their applications, the Internet of Things allows malicious actors to go after a whole new ...

  • Russian Critical Infrastructure Targeted by Profit-Driven Cybercriminals

    December 11, 2018

    Several critical infrastructure organizations in Russia have been targeted by hackers believed to be financially-motivated cybercriminals rather than state-sponsored cyberspies. An analysis of malicious Word documents led researchers at endpoint security firm Cylance to discover fake websites set up to impersonate the legitimate sites of Russian oil giant Rosneft and two dozen other major Russian companies. ...

  • Security Threats and Risks in Smart Factories

    December 6, 2018

    Smart factories are manifestations of how the industrial internet of things (IIoT) is changing traditional manufacturing. Organizations in the manufacturing sector already have a basic understanding of what smart factories are as well as their capabilities and the advantages and challenges of building them. A pivotal change to adapt to technological advances like smart factories requires a huge budget, ...

  • Rockwell introduces industrial-control devices for CIP Security

    November 15, 2018

    Rockwell Automation is introducing an industrial-control products on the market that allow companies to deploy CIP Security in their operations. ODVA, a global association of the world’s leading automation companies, developed CIP Security, an extension to the Common Industrial Protocol (CIP), which is the application-layer protocol for EtherNet/IP. CIP Security is the first industrial automation protocol ...

  • Managing the Risk of IT-OT Convergence

    November 15, 2018

    Why manufacturing and logistics are especially challenged. A few years ago, it wasn’t easy getting executives on board with the concept of operational technology (OT) security. Having finally come around to acknowledging the need for information technology (IT) security, boards and C-suite executives at industrial enterprises were then faced with the proposition of having to protect ...

  • Siemens Patches Firewall Flaw That Put Operations at Risk

    November 14, 2018

    The industrial company on Tuesday released mitigations for eight vulnerabilities overall. Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens’ SCALANCE firewall product. The flaw could allow an attacker to gain unauthorized access to ...

  • IIoT smart factories are leaving doors open for cyber attacks

    November 14, 2018

    IIoT might bring benefits in productivity, efficiency, and accountability in manufacturing, but it’s also making companies more vulnerable to cyber attacks. The industrial internet of things (IIoT)— the digital ‘mesh’ of interconnected sensors at the backbone of today’s ‘smart factories’— is steadily revolutionizing the manufacturing industry. Integrating IIoT technology into manufacturing means a stream of real-time data ...

  • Researchers find Stuxnet, Mirai, WannaCry lurking in industrial USB drives

    November 1, 2018

    Removal storage and USB thumb drives are a serious security incident waiting to happen, new research suggests. When we consider threats to our industrial systems, specifically crafted malware, such as the Industroyer strain which cut off the power to the city of Kiev in Ukraine for an hour, often comes to mind. Industrial players have a problem. Many of ...

  • Cisco zero-day exploited in the wild to crash and reload devices

    November 1, 2018

    The Cisco security team has revealed earlier the existence of a zero-day vulnerability affecting products that run Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. The vulnerability has been exploited in the wild, according to a security advisory the company published a few hours ago. No patches are available at the time of writing. Cisco says it ...

  • Thousands of critical energy and water systems exposed online for anyone to exploit

    October 30, 2018

    While you likely don’t stop to think about water or energy industries when you grab a drink of water or flip on the lights, you would definitely notice if your electricity or water stopped working. You might not know why they stopped working at first, but since critical infrastructure is connected online, then it’s not outside ...