Security News

In my previous role, I was an ICS security strategist and managed numerous business functions from Intel ranging from global semiconductor factories for OT, sub-factories for ICS, global BMS, and smart buildings/facilities. Most importantly, I plan to align our business output with our customer demands to defend, protect, and enhance their security posture across ICS. Finally, I am excited to evaluated all strategic partnerships to map out a new business strategy for the next few years that will bring together security requirements, external threats, and market trends to ensure that we are staying ahead of our customer needs and are continually providing them the best service possible.

Industrial control system vulnerability disclosures are drastically increasing as high-profile cyberattacks on critical infrastructure and industrial enterprises have elevated ICS security to a mainstream issue, according to a report released by Claroty. The report shows a 41% increase in ICS vulnerabilities disclosed in the first half of 2021 compared to the previous six months, which is particularly significant given that in all of 2020 they increased by 25% from 2019 and 33% from 2018.

71% of vulnerabilities found in the first half of 2021 are classified as high or critical, and 90% are of low complexity, meaning an attacker can expect repeated success under a variety of conditions, says Claroty. Industrial cybersecurity company Claroty has released a report on the state of vulnerabilities in industrial control systems in the first half of 2021, and the data reveals several serious issues that should leave any business with an ICS system on high alert.

Siemens and Schneider Electric on Tuesday released 18 security advisories addressing a total of more than 50 vulnerabilities affecting their products. Siemens has released 10 new advisories for the August 2021 Patch Tuesday and they cover a total of 32 vulnerabilities.

Industrial cybersecurity firm Dragos has published an analysis of exploits targeting vulnerabilities in industrial control systems and operational technology systems. One possible explanation is that Trend Micro's Zero Day Initiative has acquired many ICS vulnerabilities, and ZDI can prevent researchers from making public their proof-of-concept exploits.

Industrial control systems vendors and other organizations have published advisories to address a couple of serious denial of service vulnerabilities affecting a widely used licensing and DRM solution made by Germany-based Wibu-Systems. CodeMeter is designed to protect software against piracy and reverse engineering, it offers licensing management capabilities, and it includes security features that provide protection against tampering and other attacks.

Classified files apparently leaked from a cyber unit of the Iranian government show that Iran is looking to improve its offensive cyber capabilities, including for targeting industrial control systems. British news outlet Sky News managed to obtain five internal reports - all marked "Very confidential" - that seem to originate from the Islamic Revolutionary Guard Corps' Shahid Kaveh, a secret offensive cyber unit.

Needless to say, Geyer has a lot to say about the threat ransomware poses to OT, ICS and critical infrastructure. How to prepare for the future of ransomware risk management.

The researchers showed how an attacker could go from the cloud-based management console to all managed endpoint devices, and also from the endpoint devices to the management console. In the first attack, the attacker obtains unauthorized access to the account of a management console operator using stolen credentials or exploits.

The U.S. government on Tuesday attributed several past attacks involving industrial control systems to Russian, Chinese and Iranian state-sponsored threat actors. "CISA and the FBI assess that these actors were specifically targeting U.S. pipeline infrastructure for the purpose of holding U.S. pipeline infrastructure at risk. Additionally, CISA and the FBI assess that this activity was ultimately intended to help China develop cyberattack capabilities against U.S. pipelines to physically damage pipelines or disrupt pipeline operations," the agencies said.