ICS
-
Connected Plant
Energy Is the Most-Targeted Sector for Cyberattacks: Here’s What to Do
The energy sector recorded three times as many operational technology (OT) and/or industrial control system (ICS) cybersecurity incidents as the next closest vertical, according to a study conducted by the Cyentia Institute, a research and data science firm, and sponsored by Rockwell Automation, an industrial automation and information provider. “Energy, critical manufacturing, water treatment, and […]
-
Cybersecurity
Siemens Energy Investigating Dark Web Ransomware Claim
Siemens Energy and Schneider Electric, two industrial control system (ICS) vendors for critical infrastructure industries, have been reportedly listed as ransomware victims by cybercrime gang CL0P, though any targeted attacks are yet unconfirmed. The ransomware gang, also known as TA505, began exploiting a vulnerability in MOVEit Transfer, an internet-facing automated file transfer web application, starting […]
-
Cybersecurity
Biden Signs National Security Memo Addressing Industrial Control System Cybersecurity
The Biden administration is moving to add more safeguards to the nation’s critical infrastructure by establishing a new voluntary public-private collaboration that will focus wholly on industrial control systems (ICS) cybersecurity. The administration formally launched the “Industrial Control Systems Cybersecurity Initiative” in the “National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems” signed by […]
-
Connected Plant
Cybersecurity Experts Warn of New ‘Hardened’ ICS-Specific Ransomware Variant
A primitive but unique ransomware variant that emerged in mid-December can forcibly stop a number of processes, including multiple items related to industrial control system (ICS) operations, industrial cybersecurity firm Dragos warned in a detailed report on Feb. 3. The ransomware known as “EKANS” (or “Snake,” which is “EKANS” spelled backwards) is “relatively straightforward” as […]
-
Cybersecurity
Air-Gapped Industrial Control Networks: What You Need to Know
Many networks across a variety of verticals including government, military, financial services, power plants, and industrial manufacturing have been so-called “air-gapped.” This means they are physically and logically isolated from other networks where communication between these networks is not physically or logically possible. This can be a good thing or bad thing depending on your […]
-
Cybersecurity
Using Extreme Visibility to Protect Industrial Control Systems [PODCAST]
What does it mean to have “extreme visibility” in an operational technology (OT) environment? According to Claroty, a New York-based company that offers cybersecurity products for industrial control systems, it’s having the ability to see all assets on a network, knowing what they are, and understanding what functions they perform. The company says the more […]
-
News
TRITON/TRISIS Cyberattacker Has a New Target: Power Sector
XENOTIME, a cyberthreat activity group thought responsible for TRISIS/TRITON malware attacks on safety instrumented systems (SIS) at a Middle Eastern oil and gas facility in 2017, has been probing power company networks in the U.S. and elsewhere, new intelligence from industrial control systems (ICS) security firm Dragos shows. “In February 2019, Dragos identified a change in […]
-
Cybersecurity
Modifying Behavior to Protect Systems in a Malicious Threat Landscape
The malicious threat landscape for industrial control systems (ICSs) is constantly evolving and getting more sophisticated, thereby raising the need to have visibility, implement protective controls, and perform continuous monitoring. As a result, it is important to take a look at the attack vectors of some malware/malicious events—such as Triton—that have occurred over the last […]
-
Cybersecurity
New Cyberattack by Group Behind TRITON/TRISIS Reported
Cybersecurity firm FireEye has uncovered and is responding to a new intrusion at an unnamed critical infrastructure facility that it suggests in an April 10 blog post was perpetrated by the group behind the TRITON attack, which prompted a process shutdown at a Middle Eastern facility in 2017. But while details of the new attack are sparse, […]
-
Connected Plant
Hackers May Already be in Your Infrastructure—Now What?
Cyber-attacks on industrial control systems (ICSs) are no longer a hypothetical. As pieced together by the Wall Street Journal, in 2017, Russian hackers attacked a small construction company, exploiting the organization’s connections with utilities and government agencies. Through an integrator, the hackers accessed computer-network credentials, giving them the ability to get into computer systems that […]