Industrial Control Systems News, Articles and Updates

Luck prevents malware fatally damaging critical infrastructure - this time!

Triton malware joins Stuxnet, Havex / Dragonfly, Blackenergy2/3, and Industroyer / CrashOverridet specifically targeting industrial networks: Passive network monitoring with hybrid threat detection needs to be implemented now.

The dawn of industrial cyber security - not the dusk

Today the risk to industrials is digital. It comes through knowing specific technical protocols and manipulating them to control an asset. Or obfuscating digital machine readings, blinding operators to thresholds being exceeded.

Three simple steps to secure your ICS systems against digital threats

Industrial control systems (ICS), which manage utilities such as water, gas, and electricity, are going online so that jobs once carried out manually can now be carried out remotely or with the help of automation.

Allscript still recovering from SamSam ransomware attack

A new variant of SamSam ransomware was observed targeting multiple industries including government, healthcare and Industrial Control Systems in a series of attacks that don't appear to be highly targeted but more opportunistic.

14 flaws found that could take over industrial control systems

Licence management systems used in industrial control systems are plagued with vulnerabilities - contain 14 flaws could enable hackers to take control of systems and carry out DoS attacks

Industrial tech security association set up, NCSC calls for cooperation

Last Thursday saw the official launch of the International Operation Technology Security Association (Iotsa) where John Noble, director of network management at the UK's NCSC called for industry cooperation and incident reporting.

Ransomware & ind control systems: never the twain shall meet - until now!

If ransomware infects and encrypts a device you might swap it out for another device, but Andrew Cooke explains, if HMI devices get infected, unplugging equipment isn't always feasible, so the critical thing has to be prevention.

Controls attacks up 110%; Dragonfly APT group targetting power facilities

An APT group fixated on infiltrating energy facilities in North America and Europe has turned up the juice lately on its operations; IBM says attacks targeting industrial controls systems increased 110 percent in 2016

ICYMI: Industroyer; WannCry; InfoSec Bears; Infosec GDPR; Virgin routers

In Case You Missed it: Industroyer hits controls: WannaCry 1 month on; Infosec Bear hunt; Infosec GDPR role; Virgin routers vulnerable

Chinese hacking group allegedly behind ThyssenKrupp hack

According to the German Federal Office for Information Security (BSI), the group is well known to them, and the BSI says several other businesses are under attack.

DoS vulnerabilities found in ICS equipment

Further vulnerabilities have been discovered in Schneider Electric industrial control systems kit by researchers from CheckPoint Software and Critifence who have dubbed them "PanelShock".

Report: Ransomware feeds off poor endpoint security

Poor endpoint security is propelling the great ransomware epidemic of 2016 — and if allowed to fester, the threat will spread to new endpoints including IoT devices, cars and ICS and SCADA systems, a new report says.