Industrial Security


  • NERC CIP compliance in Azure

    February 12, 2020

    When I did my first North American Electric Reliability Corporation—Critical Infrastructure Protection (NERC CIP) compliance project it was 2009. NERC CIP was at version 3. It was the first mandatory cybersecurity standard that the utility I was working for had to meet. As it does today, the Bulk Electric System (BES) had the responsibility to ...

  • Fake Smart Factory Honeypot Highlights New Attack Threats

    January 24, 2020

    A honeypot set up to observe the current security landscape in smart manufacturing systems observed numerous threats—including cryptomining malware and ransomware—in just a few months, highlighting the new threats that industrial control systems (ICS) face with increased exposure to the internet. While in the past ICS networks were traditionally proprietary and closed systems, the advent of ...

  • Critical Remote Code-Execution Bugs Threaten Global Power Plants

    December 12, 2019

    Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants is riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used for orchestrating and supervising electrical generation at major power plants in the U.S., Germany, Russia and other ...

  • Ransomware attack at Mexico’s Pemex halts work, threatens to cripple computers

    November 12, 2019

    A ransomware attack hit computer servers and halted administrative work on Monday at Mexican state oil firm Pemex, according to employees and internal emails, in hackers’ latest bid to wring ransom from a major company. Hackers have increasingly targeted companies with malicious programs that can cripple systems overseeing everything from supply chains to payments to manufacturing, ...

  • Industrial Control Systems, Cyber Security and Hygiene

    October 30, 2019

    SamSam, Shamoon, Stuxnet and Triton are just some of the popular viruses that have been targeted at Industrial Control Systems (ICS). They have caused a lot of damage. Triton’s purpose was causing loss of life; now, that is serious. In the IT security environment, we do not hear about cyberattacks causing loss of life but ...

  • National Cybersecurity Center of Excellence (NCCoE) Securing the Industrial Internet of Things for the Energy Sector

    October 8, 2019

    The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for Securing the Industrial Internet of Things (IIoT) for the energy sector use case. This notice is the initial step for the National Cybersecurity Center of Excellence (NCCoE) in collaborating with technology companies to ...

  • Uncovering IoT Threats in the Cybercrime Underground

    September 10, 2019

    Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical roles in industries while others provide more convenience for consumers. The wide spectrum of IoT ...

  • Exercise Cyber Star adds complex cyber attack scenarios to strengthen Singapore’s readiness

    September 4, 2019

    A widespread compromise of industrial control systems in critical services sectors here was among several more complex scenarios tested for the first time at a nation-wide cyber-security exercise. In its third run, Exercise Cyber Star’s more than 250 participants from the public and private sectors scrambled to isolate the cyber attack and restore the operations of ...

  • Popular SoC Boards Have An Unpatchable Security Flaw, Leaving Many Automotive, Industrial And Military Components At Risk

    August 21, 2019

    Researchers conducting a routine security audit recently discovered two serious security flaws within a popular brand of System on a Chip (SoC) boards. The security vulnerability undermines secure boot capabilities. What’s most concerning is the fact that the SoC is deployed in several critical components that go into mainstream industry segments like automotive, aviation, consumer ...

  • How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

    August 13, 2019

    When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for the purposes of espionage and disruption. And according to the latest research, advanced persistent threat (APT) ...

  • Cyberattacks against industrial targets have doubled over the last 6 months

    August 5, 2019

    Cyberattacks designed to cause damage have doubled in the past six months and 50 percent of organizations affected are in the manufacturing sector, researchers say. On Monday, IBM’s X-Force IRIS incident response team published new research based on recent cyberattacks they have been called in to assist with, and the main trend the group is witnessing is the ...

  • Nation-State APTs Target U.S. Utilities With Dangerous Malware

    August 2, 2019

    Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July 19 and 25. They purported to be from a U.S.-based engineering licensing board, but actually contained ...

  • The growing industrial cyber threat Australia is ignoring

    July 15, 2019

    Just as we are behind on internet connectivity in Australia, we are also lagging on cyber security for the industrial infrastructure that will increasingly run society. We currently have a critical under-investment and will only fall further behind without government action. Australians are largely unaware of this new cyber security threat, as commentary and policies focus ...

  • Critical infrastructure at risk again from Stuxnet-like attack

    July 11, 2019

    A dozen vulnerabilities including previously undisclosed exploits have been discovered in software used to maintain industrial control systems (ICS) which could lead to another devastating attack on highly-prevalent critical infrastructure. The researchers from Tenable likened the vulnerabilities to those in the family of devices affected by the infamous Stuxnet attack on an Iranian nuclear facility, adding that the software affected ...

  • US cyberwar against Russia is hypothetical possibility, says Kremlin spokesman

    June 17, 2019

    Russian Presidential Spokesman Dmitry Peskov believes that the United States’ cyberwar against Russia is a hypothetical possibility. He made the statement to the media in response to claims by The New York Times that US secret services over the past year were increasingly active in their attempts to cripple computer malware inside Russia’s power grid. Peskov ...

  • TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies

    June 14, 2019

    XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas. XENOTIME, the APT group behind the TRISIS industrial control system (ICS) event, has expanded its focus beyond the oil and gas industries, according to researchers. The group has recently been seen probing the networks of electric utility organizations ...

  • As hackers get smarter, America’s energy industry is shoring up its defenses

    April 22, 2019

    America is under attack. Every day, we’re besieged by a group of enemy combatants. Nameless, faceless, and spread throughout the world, this group is united by a single aim: to upend American life as we know it. These attackers are not soldiers or terrorists in the traditional sense. They are hackers, on a mission to cause ...

  • 4 Stuxnet-Related APTs Form Gossip Girl, an ‘Apex Threat Actor’

    April 9, 2019

    The infamous Stuxnet family of industrial sabotage malware is likely the work of a mysterious “supra-group” that Chronicle researchers Juan Andres Guerrero Saad and Silas Cutler have dubbed Gossip Girl; and it’s a group that turns out to be larger and far busier than previously known. In a session at the Security Analyst Summit 2019 in Singapore this ...

  • Study Highlights ‘Relentless’ Attacks On Critical Infrastructure

    April 9, 2019

    Cyber-attacks on critical infrastructure are “relentless and continuous”, with successful attacks often taking systems offline, a new study has found. The study by the Ponemon Institute, based on a survey of 701 security professionals in seven countries, including the UK, found that 90 percent of respondents said their systems had been affected by at least one successful attack ...

  • Critical Rockwell Automation Bug in Drive Component Puts IIoT Plants at Risk

    March 29, 2019

    A critical Rockwell Automation flaw could be exploited to manipulate an industrial drive’s physical process or even stop it. A critical denial-of-service (DoS) vulnerability has been found in a Rockwell Automation industrial drive, which is a logic-controlled mechanical component used in industrial systems to manage industrial motors. The vulnerability was identified in Rockwell Automation’s PowerFlex 525 ...