Security News

"Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents," said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000.

Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. "The malware is designed to cause electric power disruption by interacting with IEC 60870-5-104 devices, such as remote terminal units, that are commonly leveraged in electric transmission and distribution operations in Europe, the Middle East, and Asia," the company said.

Sponsored Post Some of the most famous cyber attacks in history have been directed against Industrial Control Systems. They include the 2009 Stuxnet incident, which saw hackers gain access to an Iranian nuclear plant when its SCADA system was compromised, and Triton, which distributed malware that enabled intruders to remotely take over the Triconex controllers and software associated with the safety systems of a Saudi petrochemical plant in 2017.

The U.S. Cybersecurity and Infrastructure Security Agency has published eight Industrial Control Systems advisories warning of critical flaws affecting products from Hitachi Energy, mySCADA Technologies, Industrial Control Links, and Nexx. Topping the list is CVE-2022-3682, impacting Hitachi Energy's MicroSCADA System Data Manager SDM600 that could allow an attacker to take remote control of the product.

CryPLH is a low-interactive and virtual Smart-Grid ICS honeypot simulating Siemens Simatic 300 PLC devices. With the development of cybersecurity technology, deception has been applied in various circumstances like the web, databases, mobile apps, and IoT. Deception technology has been embodied in some ICS honeypot applications in the OT field.

SynSaber recently released its second Industrial Control Systems (ICS) Vulnerabilities & CVEs Report. In this Help Net Security video, Ronnie Fabela, CTO at SynSaber, talks about the key findings:...

A report published by Deloitte in 2020 - Building cyber security into critical infrastructure: Protecting industrial control systems in Asia Pacific - concluded that critical infrastructure operators in Asia Pacific are being increasingly targeted by cyber espionage and sophisticated attacks which can severely disrupt essential services, including energy and water supplies. APAC cyber security professionals cannot afford to drop their guard for a second, but ICS/OT systems present some unique challenges when it comes to making sure they are safeguarded from unauthorized access, data theft and disruption.

The National Security Agency and CISA have issued guidance on how to secure operational technology and industrial control systems part of U.S. critical infrastructure.The advisory also "Notes the increasing threats to OT and ICS assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes. OT/ICS designs are publicly available, as are a wealth of tools to exploit IT and OT systems."

CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service condition, among others. CODESYS is a software suite used by automation specialists as a development environment for programmable logic controller applications.

Critical flaws in a popular platform used by industrial control systems that allow for unauthorized device access, remote code execution or denial of service could threaten the security of critical infrastructure. The OAS Platform is widely used in systems in which a range of disparate devices and software need to communicate, which is why it's often found in ICS to connect industrial and IoT devices, SCADA systems, network points, and custom apps and APIs, among other software and hardware.