Security News

A report published on Thursday by industrial cybersecurity firm Dragos reveals that the manufacturing sector has been attacked by five threat groups that have been known to target industrial environments. According to Dragos, the manufacturing sector faces increasing risk of cyberattacks, including attacks whose goal may be to cause disruption to industrial processes and ones aimed at collecting valuable information.

2AI released a preview of the report last year at SecurityWeek's ICS Cyber Security Conference in Atlanta. The organization revealed at the time that some respondents claimed to have experienced ICS security incidents that resulted in injury and even loss of life.

In developing its ICS ATT&CK matrix, MITRE stressed that it is necessary to understand both Enterprise ATT&CK and ICS ATT&CK to accurately track threat actor behaviors across OT incidents. "Over the past 5 to 10 years," Nathan Brubaker, senior manager at Mandiant Threat Intelligence told SecurityWeek, "Every sophisticated ICS attack instance we have observed has passed through these intermediary systems on their way to impacting ICS. This includes malware like Stuxnet, Triton and most others. Ninety to ninety-five percent of threat actor activity occurs on these intermediary systems." So that's the most likely place you're going to find ICS attackers, and the best opportunity to stop them.

Several major industrial control system vendors have released security advisories in response to the recently disclosed vulnerabilities affecting the CodeMeter licensing and DRM solution made by Germany-based Wibu-Systems. The company's researchers showed how an attacker can launch attacks by setting up a malicious website and luring targeted users to it, or by creating their own CodeMeter API and client and sending commands to devices running CodeMeter.

Vulnerabilities affecting CodeMeter, a popular licensing and DRM solution made by Germany-based Wibu-Systems, can expose industrial systems to remote attacks, industrial cybersecurity company Claroty warned on Tuesday. CodeMeter is designed to protect software against piracy and reverse engineering, it offers licensing management capabilities, and it includes security features that provide protection against tampering and other attacks.

More than 70% of ICS vulnerabilities disclosed in the first half of 2020 can be exploited remotely, highlighting the importance of protecting internet-facing ICS devices and remote access connections, according to Claroty. The report comprises The Claroty Research Team's assessment of 365 ICS vulnerabilities published by the National Vulnerability Database and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team during 1H 2020, affecting 53 vendors.

Over 70% of the industrial control system vulnerabilities disclosed in the first half of 2020 were remotely exploitable through a network attack vector, industrial cybersecurity company Claroty reported on Wednesday. Learn more about ICS vulnerabilities at SecurityWeek's 2020 ICS Cyber Security Conference and SecurityWeek's Security Summits virtual event series.

The official Call for Presentations (speakers) for SecurityWeek’s 2020 Industrial Control Systems (ICS) Cyber Security Conference, being held October 19 – 22, 2020 in SecurityWeek’s Virtual...

The official Call for Presentations for SecurityWeek's 2020 Industrial Control Systems Cyber Security Conference, being held October 19 - 22, 2020 in SecurityWeek's Virtual Conference Center, has been extended to August 31st. As the premier ICS/SCADA cyber security conference, the event was originally scheduled to take place at the InterContinental Atlanta, but will now take place in a virtual environment due to COVID-19. The 2020 Conference is expected to attract thousands of attendees from around the world, including large critical infrastructure and industrial organizations, military and state and Federal Government.

Honeywell says it has seen a significant increase over the past year in USB-borne malware that can cause disruption to industrial control systems. While only 11% of the malware found on USB drives was specifically designed to target industrial systems - this represents a slight drop compared to the 14% identified in 2018 - 59% of the detected threats could cause significant disruption to industrial systems, compared to only 26% in 2018.