Dragos

A primitive but unique ransomware variant that emerged in mid-December can forcibly stop a number of processes, including multiple items related to industrial control system (ICS) operations, industrial cybersecurity firm Dragos warned in a detailed report on Feb. 3. The ransomware known as “EKANS” (or “Snake,” which is “EKANS” spelled backwards) is “relatively straightforward” as […]

XENOTIME, a cyberthreat activity group thought responsible for TRISIS/TRITON malware attacks on safety instrumented systems (SIS) at an oil and gas Middle Eastern facility in 2017, has been probing power company networks in the U.S. and elsewhere, new intelligence from industrial control systems (ICS) security firm Dragos shows.  “In February 2019, Dragos identified a change in […]

Cybersecurity firm FireEye has uncovered and is responding to a new intrusion at an unnamed critical infrastructure facility that it suggests in an April 10 blog post was perpetrated by the group behind the TRITON attack, which prompted a process shutdown at a Middle Eastern facility in 2017. But while details of the new attack are sparse, […]

Norsk Hydro, a major global aluminum producer that is also Norway’s third-largest producer of hydropower, has been stricken by an extensive cyberattack—reportedly ransomware—that forced its entire global network offline. The company powers its sizable aluminum production operations with 20 hydropower plants concentrated in Telemark, Røldal-Suldal, Sogn, and Vennesla, producing a total 10 TWh per year. […]

Industrial control system cybersecurity is today largely focused on securing networks, and efforts largely ignore process control equipment that is crucial for plant safety and reliability, leaving it woefully

The power sector’s terror of a debilitating cybersecurity attack is magnified seemingly every day as new vulnerabilities or destructive threat actors are identified. But according to several industrial

Cybersecurity experts have identified a new activity group that they say is targeting access operations at electric utilities in the U.S., Europe, Middle East, and East Asia.  Cybersecurity firm Dragos Inc. told POWER on August 1 that though it has confirmed that the group—which it dubbed “RASPITE”—is actively targeting electric utilities, “there is no current indication […]

A relatively new cyberattack threat activity group dubbed “XENOTIME” is intent on compromising and disrupting industry safety instrumented systems globally, and cybersecurity experts are warning it is “easily the most dangerous threat activity publicly known.” According to  global industrial control system (ICS) cybersecurity firm Dragos Inc., XENOTIME is behind TRISIS (also known as TRITON), the […]

Though increasingly serious cybersecurity threats loom, nearly two-thirds of U.S. industrial control system (ICS) vulnerabilities identified in 2017 could cause severe operational impact if exploited, cybersecurity firm Dragos Inc. warned in a series of reports published March 1. The reports, which cover ICS vulnerabilities, ICS threats, and reactions to existing threats, draw a dire picture […]

Cybersecurity is a topic covered frequently in the pages of POWER magazine, and one that all power plants need to take seriously. A recent simulation proved that the consequences of a hack can be grave. The drill took place in Sweden, but could have been conducted anywhere in the world. The attack used plant control […]

Strategic partnership to augment customers’ ability to stop breaches and proactively detect and mitigate security risks SUNNYVALE, Calif., July 18, 2017 – CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced a joint Services go-to market partnership with Dragos, the renowned Industrial control system (ICS) cybersecurity experts. Today, CrowdStrike Services offers industry-leading cyber readiness assessments, […]

Understanding the threat posed to industrial control systems (ICSs) by malware is difficult. It requires knowledge of proper ICS functionality in order to identify illegitimate software. One industrial