Industrial Security


  • NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug

    July 24, 2020

    The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S. Separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric Triconex TriStation and Tricon Communication Module. These safety instrumented system (SIS) controllers are ...

  • This is how EKANS ransomware is targeting industrial control systems

    July 2, 2020

    New samples of the EKANS ransomware have revealed how today’s cyberattackers are using a variety of methods to compromise key industrial companies. In a research report published on Wednesday, FortiGuard Labs researchers Ben Hunter and Fred Gutierrez said that malware designed to attack industrial control systems (ICS) continues to be lucrative for threat actors. While ransomware only accounted for ...

  • RATicate Group Hits Industrial Firms With Revolving Payloads

    May 15, 2020

    At least six separate campaigns have been tied to RATicate, with the first wave starting in November and the most recent spotted in March. All campaigns leveraged Nullsoft Scriptable Install System (NSIS), a legitimate, open-source tool used to create Windows installers, to ultimately drop various remote access trojans (RATs) on victims’ systems. More recently, “a new campaign ...

  • Threats and Consequences: A Security Analysis of Smart Manufacturing Systems

    May 11, 2020

    In the era of Industry 4.0, there has been increasing adoption of smart manufacturing technologies by organizations looking to improve their manufacturing efficiency. While this has provided plenty of benefits, such as enhanced productivity at lower costs, it has also introduced new attack vectors that can be exploited by threat actors looking to gain a foothold ...

  • PoetRAT Trojan targets energy sector using coronavirus lures

    April 17, 2020

    Government and energy sectors are being targeted in a new campaign that weaponizes the coronavirus outbreak. On Thursday, Cisco Talos researchers Warren Mercer, Paul Rascagneres and Vitor Ventura published an analysis of a new campaign that deploys PoetRAT, a previously-undiscovered Remote Access Trojan (RAT) striking both the Azerbaijan government and utility companies. According to the team, the malware attacks supervisory control ...

  • WildPressure APT targets industrial-related entities in the Middle East

    March 24, 2020

    In August 2019, Kaspersky discovered a malicious campaign distributing a fully fledged C++ Trojan that we call Milum. All the victims we registered were organizations from the Middle East. At least some of them are related to the industrial sector. Our Kaspersky Threat Attribution Engine (KTAE) doesn’t show any code similarities with known campaigns. Nor have ...

  • Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats

    March 23, 2020

    There has only been a small number of broadly documented cyber attacks targeting operational technologies (OT) / industrial control systems (ICS) over the last decade. While fewer attacks is clearly a good thing, the lack of an adequate sample size to determine risk thresholds can make it difficult for defenders to understand the threat environment, ...

  • The IIoT Threat Landscape: Securing Connected Industries

    March 18, 2020

    The Industrial Internet of Things (IIoT) provides bridges of connectedness that enable seamless IT and OT convergence. However, threat actors can cross these bridges to compromise systems. As the use of IoT extends beyond the home and goes into the vast industrial landscape, the scale of threats likewise grows. With that being said, some components of ...

  • Critical Bugs in Rockwell, Johnson Controls ICS Gear

    March 10, 2020

    Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems (ICS) gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in Rockwell Automation gear affect MicroLogix 1400 Controllers, MicroLogix 1100 Controllers and RSLogix 500 Software. The ...

  • RSAC 2020: Ransomware a ‘National Crisis,’ CISA Says, Ramps ICS Focus

    February 28, 2020

    Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this year – especially as ransomware looms as a main threat to the sector going forward. That’s according to Christopher Krebs, director of CISA, speaking at RSA Conference 2020 this week. “My agency ...

  • NERC CIP compliance in Azure

    February 12, 2020

    When I did my first North American Electric Reliability Corporation—Critical Infrastructure Protection (NERC CIP) compliance project it was 2009. NERC CIP was at version 3. It was the first mandatory cybersecurity standard that the utility I was working for had to meet. As it does today, the Bulk Electric System (BES) had the responsibility to ...

  • Fake Smart Factory Honeypot Highlights New Attack Threats

    January 24, 2020

    A honeypot set up to observe the current security landscape in smart manufacturing systems observed numerous threats—including cryptomining malware and ransomware—in just a few months, highlighting the new threats that industrial control systems (ICS) face with increased exposure to the internet. While in the past ICS networks were traditionally proprietary and closed systems, the advent of ...

  • Critical Remote Code-Execution Bugs Threaten Global Power Plants

    December 12, 2019

    Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants is riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used for orchestrating and supervising electrical generation at major power plants in the U.S., Germany, Russia and other ...

  • Ransomware attack at Mexico’s Pemex halts work, threatens to cripple computers

    November 12, 2019

    A ransomware attack hit computer servers and halted administrative work on Monday at Mexican state oil firm Pemex, according to employees and internal emails, in hackers’ latest bid to wring ransom from a major company. Hackers have increasingly targeted companies with malicious programs that can cripple systems overseeing everything from supply chains to payments to manufacturing, ...

  • Industrial Control Systems, Cyber Security and Hygiene

    October 30, 2019

    SamSam, Shamoon, Stuxnet and Triton are just some of the popular viruses that have been targeted at Industrial Control Systems (ICS). They have caused a lot of damage. Triton’s purpose was causing loss of life; now, that is serious. In the IT security environment, we do not hear about cyberattacks causing loss of life but ...

  • National Cybersecurity Center of Excellence (NCCoE) Securing the Industrial Internet of Things for the Energy Sector

    October 8, 2019

    The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for Securing the Industrial Internet of Things (IIoT) for the energy sector use case. This notice is the initial step for the National Cybersecurity Center of Excellence (NCCoE) in collaborating with technology companies to ...

  • Uncovering IoT Threats in the Cybercrime Underground

    September 10, 2019

    Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical roles in industries while others provide more convenience for consumers. The wide spectrum of IoT ...

  • Exercise Cyber Star adds complex cyber attack scenarios to strengthen Singapore’s readiness

    September 4, 2019

    A widespread compromise of industrial control systems in critical services sectors here was among several more complex scenarios tested for the first time at a nation-wide cyber-security exercise. In its third run, Exercise Cyber Star’s more than 250 participants from the public and private sectors scrambled to isolate the cyber attack and restore the operations of ...

  • Popular SoC Boards Have An Unpatchable Security Flaw, Leaving Many Automotive, Industrial And Military Components At Risk

    August 21, 2019

    Researchers conducting a routine security audit recently discovered two serious security flaws within a popular brand of System on a Chip (SoC) boards. The security vulnerability undermines secure boot capabilities. What’s most concerning is the fact that the SoC is deployed in several critical components that go into mainstream industry segments like automotive, aviation, consumer ...

  • How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

    August 13, 2019

    When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for the purposes of espionage and disruption. And according to the latest research, advanced persistent threat (APT) ...