Industrial Security


  • As hackers get smarter, America’s energy industry is shoring up its defenses

    April 22, 2019

    America is under attack. Every day, we’re besieged by a group of enemy combatants. Nameless, faceless, and spread throughout the world, this group is united by a single aim: to upend American life as we know it. These attackers are not soldiers or terrorists in the traditional sense. They are hackers, on a mission to cause ...

  • 4 Stuxnet-Related APTs Form Gossip Girl, an ‘Apex Threat Actor’

    April 9, 2019

    The infamous Stuxnet family of industrial sabotage malware is likely the work of a mysterious “supra-group” that Chronicle researchers Juan Andres Guerrero Saad and Silas Cutler have dubbed Gossip Girl; and it’s a group that turns out to be larger and far busier than previously known. In a session at the Security Analyst Summit 2019 in Singapore this ...

  • Study Highlights ‘Relentless’ Attacks On Critical Infrastructure

    April 9, 2019

    Cyber-attacks on critical infrastructure are “relentless and continuous”, with successful attacks often taking systems offline, a new study has found. The study by the Ponemon Institute, based on a survey of 701 security professionals in seven countries, including the UK, found that 90 percent of respondents said their systems had been affected by at least one successful attack ...

  • Critical Rockwell Automation Bug in Drive Component Puts IIoT Plants at Risk

    March 29, 2019

    A critical Rockwell Automation flaw could be exploited to manipulate an industrial drive’s physical process and or even stop it. A critical denial-of-service (DoS) vulnerability has been found in a Rockwell Automation industrial drive, which is a logic-controlled mechanical component used in industrial systems to manage industrial motors. The vulnerability was identified in Rockwell Automation’s PowerFlex 525 ...

  • Half of industrial control system networks have faced cyberattacks, say security researchers

    March 27, 2019

    Industrial control systems in manufacturing, energy, chemical and other environments are coming under an increasing number of cyberattacks, as hacking groups of all kinds attempt to breach these networks. By targeting industrial systems attackers can potentially do vast amounts of damage, ranging from using backdoors to make off with sensitive data, causing the network to shut down ...

  • Industrial Network Switches Rife with Vulnerabilities

    March 12, 2019

    Industrial switches used to build networks in the oil and gas and maritime logistics sectors, as well as broader critical national infrastructure (CNI) are rife with security vulnerabilities, according to cybersecurity company Positive Technologies. The Framingham, Massachusetts-based company said it had identified five vulnerabilities in US-based Moxa’s EDS-405A, EDS-408A, and EDS-510A series switches, including three that are “highly ...

  • Report: Industrial control systems face uphill security battles in 2019

    February 15, 2019

    Dragos, a security firm that specializes in industrial control systems (ICS) has released three year-in-review reports that cover vulnerabilities reported in 2018, the 2018 threat landscape, and lessons it learned in responding to ICS security incidents. IT security professionals operating in an ICS environment should take a look at all three reports: Not only do they paint ...

  • Siemens Warns of Critical Remote-Code Execution ICS Flaw

    February 12, 2019

    Siemens has released 16 security advisories for various industrial control and utility products, including a warning for a critical flaw in the WibuKey digital rights management (DRM) solution that affects the SICAM 230 process control system. SICAM 230 is used for a broad range of industrial control system (ICS) applications, including use as an integrated energy system for ...

  • Honeywell Introduces First Industrial Cybersecurity Solution To Guard Against Malicious Usb Device Attacks

    February 4, 2019

    Honeywell today announced the latest release of Secure Media Exchange (SMX), a cybersecurity solution to protect industrial operators against new and emerging Universal Serial Bus (USB) threats. SMX now includes patent pending capabilities to protect against a broad range of malicious USB device attacks, which disrupt operations through misuse of legitimate USB functions or unauthorized device actions. These ...

  • 3 Cross-Industry Applications of IIoT

    February 4, 2019

    Talk about the Industrial Internet of Things (IIoT)—and its ability to bring unparalleled efficiencies to all industries—is intensifying. But what exactly does it look like in practice? As a starting point, we can look to the local government, utilities and waste sectors for lessons on how they’ve gained visibility and improved services using IIoT technologies. Before ...