malware
-
Commentary
Stronger Cybersecurity Key to Utility Infrastructure
Cybersecurity risks can occur daily, taking multiple forms. While there are personal measures that the general population can do to eliminate some of these risks, power utility companies must take a more aggressive approach to keep the communities they serve safe and their security unquestioned. COMMENTARY Should a power utility company face a cyberattack, it […]
Tagged in: -
Connected Plant
Cybersecurity Experts Warn of New ‘Hardened’ ICS-Specific Ransomware Variant
A primitive but unique ransomware variant that emerged in mid-December can forcibly stop a number of processes, including multiple items related to industrial control system (ICS) operations, industrial cybersecurity firm Dragos warned in a detailed report on Feb. 3. The ransomware known as “EKANS” (or “Snake,” which is “EKANS” spelled backwards) is “relatively straightforward” as […]
-
Connected Plant
Malware Discovered at Nuclear Plant in India
Malware detected at the Kundankulam nuclear power plant in India’s state of Tamil Nadu has not affected plant systems, an investigation by Nuclear Power Corp. of India (NPCIL), the nation’s nuclear plant operator, confirms. The entity said in a press release on Oct. 30 that it discovered the malware on Sept. 4 on the personal […]
Tagged in: -
News
TRITON/TRISIS Cyberattacker Has a New Target: Power Sector
XENOTIME, a cyberthreat activity group thought responsible for TRISIS/TRITON malware attacks on safety instrumented systems (SIS) at an oil and gas Middle Eastern facility in 2017, has been probing power company networks in the U.S. and elsewhere, new intelligence from industrial control systems (ICS) security firm Dragos shows. “In February 2019, Dragos identified a change in […]
-
IIOT Cyber
BlackEnergy, Grid-Disrupting Malware, Has a Successor, Researchers Warn
BlackEnergy, the malware used in a cyberattack that prompted a large-scale blackout in Ukraine in December 2015, has a successor—GreyEnergy. A group is using the malware to target industrial networks outside Ukraine, researchers from Slovakian cybersecurity firm ESET warn. The researchers said in an October 17–released white paper that analysis of the previously undocumented GreyEnergy […]
Tagged in: -
Connected Plant
Looking to the Cloud for Energy and Power Sector Security
Malware-based attacks against utilities and power plants are increasing six-fold according to a recent federal report. Power plants have become an appealing target because of a lack of detection and monitoring
Tagged in: -
Instrumentation & Controls
Russian Cyber Threat Actors Have Gained Access to Power Plant ICS Systems
Russian government cyber threat actors have infiltrated workstations and servers of corporate networks containing data output from industrial control systems (ICS) or supervisory control and data acquisition (SCADA) systems associated with an unnamed number of power plants, the Department of Homeland Security (DHS) has warned. The dire warning issued by the agency’s U.S. Computer Emergency […]
-
IIOT Power
ICS Cybersecurity Threatened, but Defense Woefully Inadequate
Though increasingly serious cybersecurity threats loom, nearly two-thirds of U.S. industrial control system (ICS) vulnerabilities identified in 2017 could cause severe operational impact if exploited, cybersecurity firm Dragos Inc. warned in a series of reports published March 1. The reports, which cover ICS vulnerabilities, ICS threats, and reactions to existing threats, draw a dire picture […]
-
Legal & Regulatory
FERC Proposes Mandatory Reporting of Attempted Cybersecurity Compromises
The Federal Energy Regulatory Commission (FERC) has proposed a revision of the Critical Infrastructure Protection (CIP) Reliability Standards to enhance awareness of existing or developing cybersecurity threats to the nation’s energy infrastructure. FERC issued a Notice of Proposed Rulemaking (NOPR) on December 21 that directs the North American Electric Reliability Corp. (NERC) to broaden CIP-008-5 […]
-
Commentary
Why CrashOverride Is a Red Flag for U.S. Power Companies
Organizations across every industry today face a wide range of cyber threats and serious security challenges from various vectors. A top concern among these is the persistence cybersecurity experts are seeing
Tagged in: