Security News

Dragos released its report on cyber threats facing industrial organizations, naming the emergence of three new threat groups targeting ICS/OT environments, including two that have gained access into the OT systems of industrial organizations. Ransomware became the number-one attack vector among industrial organizations, with manufacturing as the most targeted sector representing 65%, or 211, of the ransomware cases detected at industrial organizations.

Attackers are targeting industrial enterprises with spyware campaigns that hunt for corporate credentials so they can be used both for financial gain and to cannibalize compromised networks to propagate future attacks, researchers have found. Researchers dubbed the attacks "Anomalous" because they veer from typical spyware attacks, Kaspersky's Kirill Kruglov wrote in a report published this week on the SecureList blog.

We know for sure that ransomware attackers and sundry dark forces want to break into critical infrastructure. Ransomware attacks on industrial environments have increased by 500 per cent since 2018.

Which is why SANS Institute's ICS Cybersecurity In-depth course gives candidates hands-on, in the room access to a sophisticated ICS setup, designed to simulate a real world SCADA environment, with operators in a "Remote" control centre monitoring and controlling "Field" equipment and "Local" HMI kit. That's why ICS Cybersecurity In-depth is the only one of SANS' 70 plus courses that is only available in person.

In my previous role, I was an ICS security strategist and managed numerous business functions from Intel ranging from global semiconductor factories for OT, sub-factories for ICS, global BMS, and smart buildings/facilities. Most importantly, I plan to align our business output with our customer demands to defend, protect, and enhance their security posture across ICS. Finally, I am excited to evaluated all strategic partnerships to map out a new business strategy for the next few years that will bring together security requirements, external threats, and market trends to ensure that we are staying ahead of our customer needs and are continually providing them the best service possible.

Industrial control system vulnerability disclosures are drastically increasing as high-profile cyberattacks on critical infrastructure and industrial enterprises have elevated ICS security to a mainstream issue, according to a report released by Claroty. The report shows a 41% increase in ICS vulnerabilities disclosed in the first half of 2021 compared to the previous six months, which is particularly significant given that in all of 2020 they increased by 25% from 2019 and 33% from 2018.

71% of vulnerabilities found in the first half of 2021 are classified as high or critical, and 90% are of low complexity, meaning an attacker can expect repeated success under a variety of conditions, says Claroty. Industrial cybersecurity company Claroty has released a report on the state of vulnerabilities in industrial control systems in the first half of 2021, and the data reveals several serious issues that should leave any business with an ICS system on high alert.

Siemens and Schneider Electric on Tuesday released 18 security advisories addressing a total of more than 50 vulnerabilities affecting their products. Siemens has released 10 new advisories for the August 2021 Patch Tuesday and they cover a total of 32 vulnerabilities.

Industrial cybersecurity firm Dragos has published an analysis of exploits targeting vulnerabilities in industrial control systems and operational technology systems. One possible explanation is that Trend Micro's Zero Day Initiative has acquired many ICS vulnerabilities, and ZDI can prevent researchers from making public their proof-of-concept exploits.

Industrial control systems vendors and other organizations have published advisories to address a couple of serious denial of service vulnerabilities affecting a widely used licensing and DRM solution made by Germany-based Wibu-Systems. CodeMeter is designed to protect software against piracy and reverse engineering, it offers licensing management capabilities, and it includes security features that provide protection against tampering and other attacks.