Critical Infrastructure | SC Media

Critical Infrastructure

Government warns OT assets still in danger of attack over internet

Security professionals responsible for protecting critical infrastructure strive to isolate and segregate their most mission-critical systems, but there are still too many operational technology (OT) assets that are accessible to attackers over the internet, according to a new government alert. When searchable and accessible via the internet, OT systems – just like conventional IT systems…

Threat Profiling in the ICS World: What You Need to Know

Vulnerabilities in two Schneider Electric ICS products reminiscent of Stuxnet

Vulnerabilities reminiscent of Stuxnet found in two Schneider Electric products could allow an attacker to gain operation control of a device by intercepting then retransmitting commands. Trustwave’s Global OT/IoT security research team uncovered the flaws in Schneider’s SoMachine Basic v1.6 and Schneider Electric M221, firmware version 1.6.2.0, Programmable Logic Controller (PLC). By exploiting the flaws,…

Top 5 cyber risks that impact businesses.

Trump cites cybersecurity concerns issuing order to protect power grid

President Trump declared a national emergency to protect the nation’s bulk-power infrastructure, stopping the purchase or use of any equipment that involves a foreign adversary in any way. The declaration was part of an Executive Order signed on May 1 that stated the federal government had found that foreign adversaries are increasingly creating and…

‘Havex’ malware strikes industrial sector via watering hole attacks

Israeli cyber defenders warn of attacks on water supply

Israel’s National Cyber Array issued a notification that cyberattacks have been launched against a variety of water control critical infrastructure targets. The Cyber Array report noted it was informed on April 23 that attacks had been launched on control and control systems of wastewater treatment plants, pumping stations and sewers. In response the agency is…

Ragnar Locker’s well-conceived ransomware attack on Energias de Portugal

Ragnar Locker’s ransomware attack on Energias de Portugal (EDP) and its subsequent 1,580 bitcoin, or $11 million, ransom demand indicates the attack was well thought out, with the attacker fully understanding its victim’s financial capabilities. James McQuiggan, security awareness advocate at KnowBe4, told SC Media that Ragnar Locker’s general modus operandi is to charge a…

Fed report castigates U.S. ability to fend off a cyberattack, suggests major reforms

The Cyberspace Solarium Commission issued a 182-page report stating the United States is dangerously insecure when it comes to defending itself from a cyberattack and offered a litany of recommendations to shore up the nation’s defenses. The Commission, headed by Sens. Angus…

Experiment shows how often hackers want to attack critical infrastructure

CISA warns critical infrastructure sectors after successful ransomware attack on pipeline operator

The Department of Homeland Security CISA is warning critical infrastructure operators to redouble their security efforts after a natural gas compression facility was hit and shut down by a ransomware attack. The attackers used a spearphishing email containing a link to gain access to the operator’s network and then moved laterally to the target’s operational…

Report ties Ekans/Snake ransomware to Megacortex, emphasizes ICS threat

A new threat intelligence report has underscored the serious threat posed by the recently discovered Snake ransomware, which not only encrypts files, but can disrupt certain industrial control systems processes. ICS security firm Dragos issued the blog post report yesterday after initially sharing it privately with its clientele back in mid-January. Dragos refers to ransomware…

PupyRAT found sniffing around EU energy concern

A command and control server used by the Iranian-associate group PupyRAT has been found communicating with the mail server of a European energy sector organization for the last several months. Recorded Future’s Insikt Group reported PupyRAT, a remote access trojan, had been chatting with the command and control server from November 2019 until about January…
