Security News
The cybersecurity firm told SecurityWeek that its Mandiant Intelligence team tracks nearly 100 tools that can be used to exploit vulnerabilities in ICS or interact with industrial equipment in an effort to support intrusions or attacks. Of the ICS hacking tools tracked by FireEye - the company calls them ICS cyber operation tools - 28% are designed for discovering ICS devices on a network and 24% for software exploitation.
The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems. "As ICS are a distinct sub-domain to information and computer technology, successful intrusions and attacks against these systems often requires specialized knowledge, establishing a higher threshold for successful attacks. Since intrusion and attack tools are often developed by someone who already has the expertise, these tools can help threat actors bypass the need for gaining some of this expertise themselves, or it can help them gain the requisite knowledge more quickly," FireEye researchers point out.
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in Rockwell Automation gear affect MicroLogix 1400 Controllers, MicroLogix 1100 Controllers and RSLogix 500 Software.
To that end, CISA has worked with the National Security Council, various federal agencies, industry stakeholders and organizations like the ICS Village to develop a set of core initiatives for 2020. Four, CISA will have a focus on developing detection and incident-response training blueprints.
More than 400 vulnerabilities affecting industrial control systems were disclosed in 2019 and over a quarter of them had no patches when their existence was made public, according to a report published on Thursday by industrial cybersecurity firm Dragos. Dragos analyzed 438 ICS vulnerabilities covered in 212 security advisories, roughly the same as in the previous year.
According to SentinelLabs, which has seen attacks involving Snake for the past month, files encrypted by this ransomware are difficult or impossible to recover without paying the ransom demanded by the attackers. Snake targets a wide range of files, but avoids encrypting system files and folders.
The very first Pwn2Own hacking competition that exclusively focuses on the industrial control systems has kicked off in Miami. On Day One, overall, there were six successful hacking attempts and two partially successful attempts against eight hacking targets, according to ZDI. On Day Two, there were three successful hacks and two partials against four total targets.
Attackers exploiting critical Citrix ADC, Gateway flaw, company yet to release fixesNearly a month has passed since Citrix released mitigation measures for CVE-2019-19781, a critical vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway, which could lead to remote code execution. PCs still running Windows 7 will soon be significantly more at risk of ransomwarePCs still running when Windows 7 reaches end of life on the 14th of January will be significantly more at risk of ransomware, Veritas Technologies has warned.
MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation's most critical infrastructures including energy transmission and distribution plants, oil refineries, wastewater treatment facilities, transportation systems, and more. Some aspects of the existing ATT&CK knowledge base for enterprise IT systems are applicable to ICS, and in many cases may represent an entry point into those ICS systems for adversaries.
Keysight Technologies, a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, announced a collaboration with...