Triton malware joins Stuxnet, Havex / Dragonfly, Blackenergy2/3, and Industroyer / CrashOverride in specifically targeting industrial networks: passive network monitoring with hybrid threat detection needs to be implemented now.
Today the risk to industrials is digital. It comes through knowing specific technical protocols and manipulating them to control an asset, or through obfuscating digital machine readings, blinding operators to thresholds being exceeded.
Industrial control systems (ICS), which manage utilities such as water, gas, and electricity, are going online so that jobs once carried out manually can now be carried out remotely or with the help of automation.
A new variant of SamSam ransomware was observed targeting multiple industries including government, healthcare and Industrial Control Systems in a series of attacks that don't appear to be highly targeted but more opportunistic.
Licence management systems used in industrial control systems are plagued with vulnerabilities: they contain 14 flaws that could enable hackers to take control of systems and carry out DoS attacks.
Last Thursday saw the official launch of the International Operation Technology Security Association (Iotsa), where John Noble, director of network management at the UK's NCSC, called for industry cooperation and incident reporting.
If ransomware infects and encrypts a device you might swap it out for another device but, Andrew Cooke explains, if HMI devices get infected, unplugging equipment isn't always feasible, so the critical thing has to be prevention.
An APT group fixated on infiltrating energy facilities in North America and Europe has turned up the juice lately on its operations; IBM says attacks targeting industrial control systems increased 110 percent in 2016.
In Case You Missed it: Industroyer hits controls: WannaCry 1 month on; Infosec Bear hunt; Infosec GDPR role; Virgin routers vulnerable
According to the German Federal Office for Information Security (BSI), the group is well known to them, and the BSI says several other businesses are under attack.
Further vulnerabilities have been discovered in Schneider Electric industrial control systems kit by researchers from CheckPoint Software and Critifence who have dubbed them "PanelShock".
Poor endpoint security is propelling the great ransomware epidemic of 2016 — and if allowed to fester, the threat will spread to new endpoints including IoT devices, cars and ICS and SCADA systems, a new report says.