Scada News, Articles and Updates

Mobile SCADA application landscape less secure than in 2015

The latest research suggests, within just two years, the security situation for SCADA has got worse to the tune of an average increase of 1.6 vulnerabilities per application tested.

Industrial tech security association set up, NCSC calls for cooperation

Last Thursday saw the official launch of the International Operation Technology Security Association (Iotsa) where John Noble, director of network management at the UK's NCSC called for industry cooperation and incident reporting.

Advanced new destructive wiper malware discovered in the wild

In the wake of the Shamoon malware attacks, a new wiper targets the Middle East and shows interest in European targets.

ICYMI: Symantec cert fraud; FSB arrest; Lloyds DDoS; Salary survey; Scada vulnerabilities

In Case You Missed It: Symantec illegal certs; Kaspersky employee arrest; Lloyds DdoS, SC 2017 salary survey; GE Scada vulnerabilities

Vulnerabilities found in GE SCADA systems, password interception possible

GE plugs vulnerability in SCADA systems that could have allowed attackers to intercept passwords and disrupt utilities and factory operations.

RCE vulnerability found on ICS management software

Industrial cyber-security firm Indegy has found a remote code execution vulnerability inside Schneider Electric's flagship ICS management software, Unity Pro.

Analysis: CISOs are showing up to a knife fight with a chessboard

A new paper from Trend Micro has shown that outdated technologies are still being used in security-critical areas. Is this a step back for security in the places that its need most?

4SICS: The ICS security challenges faced by a grid operator

Erwin Kooi, information security architect spoke at 4SICS 2016 and shared his thoughts on digitising Alliander's electricity service, while making sure it stays secure.

4SICS: ICS threats are mostly unknown, industry needs more information sharing

Robert M. Lee, CEO of Dragos Security, says that not enough information sharing happens in ICS industry, because of this the threats to ICSs are largely unknown.

Real world assets under cyber-attack - how do we defend CNI - SCADA, IOT, utilities?

Critical Infrastructure is now at risk. Transport, finance and utilities are all targets. Graham Mann looks at some key issues and how they can be tackled.

Kaspersky launches self-titled OS to protect ICS

Kaspersky Lab has reportedly finished its self-titled OS which has been built from the ground up with the aim of protecting industrial control systems.

Elektrilevi joins European network for cyber-security

Estonia power company joins European network for cyber-security to improve its cyber-resilience.

Concern about Chinese involvement at Hinkley Point is misdirected, say experts

Experts say that government concerns over cyber-security at the new nuclear power plant at Hinkley Point are misdirected and that the Chinese are not the real worry.

Critical infrastructure in Europe exposed to hackers

Power stations in Germany, Italy and Israeli smart building could be accessed by criminal hackers

SFG malware discovered in European energy company

A new piece of malware has been discovered skulking around the systems of an unnamed European energy company, according to Sentinel One Labs.

Researchers discover ICS attack method that spreads through networks

A team of researchers discover a new method of launching attacks that would threaten global critical infrastructure and utility providers through a worm that spreads through utility networks.

Michigan electrical utility company hit with ransomware attack

The Michigan Board of Water and Light has been beset with a ransomware infection.

Report: Ransomware feeds off poor endpoint security

Poor endpoint security is propelling the great ransomware epidemic of 2016 — and if allowed to fester, the threat will spread to new endpoints including IoT devices, cars and ICS and SCADA systems, a new report says.

Video: Kaspersky says attacks on 'critical infrastructure' on the rise

Information technology and process automation, essential to modern industrial facilities, are under threat from hackers who are increasingly targeting ICS and SCADA systems, says Eugene Kaspersky.

Why companies using SCADA systems need to wake up to the increased threat of cyber-attacks

Ukraine's power supply suffered one of the most high profile targeted cyber-attacks on infrastructure ever- but the route - via phishing - is one of the oldest, emphaising the need for increased staff awareness says Mark Logsdon.

BlackEnergy now using Word documents

Kaspersky Lab had discovered several new developments in the ongoing BlackEnergy Saga

Adrian Davis: Is the free market failing cyber-security?

Dr Adrian Davis of (ISC)2 spoke to SC about how cyber-security will affect all of our lives in the coming decade and how it can't be left up to the market to decide how.

Cyber-security threat could cause 'Fukushima-like disaster'

A new report has warned of the dangers of bad cyber-security when it comes to nuclear power, handing out '0' ratings to tens of countries around the world and warning of a Fukushima-scale threat.

SCADA hackers reveal endemic ICS vulnerabilities in European rail

Serious flaws in European rail networks are opening trains to theft and derailment according to a group of Russian industrial control specialist hackers known as Scada Strangelove.

4SICS: The perils of investigating security incidents on industrial control systems

Industrial control systems running on outmoded operating systems and ancient hardware present special challenges for forensic investigators trying to track down malware, Mark Fabro told at 4SICS last week.

US automakers respond to cyber-security failings with new ISAC

Automobile manufacturers in the US have been stung into action by recent hack attacks and damning reports into vehicle cyber-security.

Five myths of industrial control system security

Despite growing awareness of cyber-based attacks on industrial control systems, many IT security models continue to adhere to the outdated belief that physically isolating systems and 'security by obscurity' is enough, says David Emm.

Cyber security of industrial systems: the risks that lie in client machines

Industrial environments are becoming increasingly automated and interconnected, with control systems often networked over the Internet. This growing computerisation exposes industrial control systems to a number of threats - with potentially disastrous consequences, says Florian Malecki.

A Critical Threat

Attacks on critical national infrastructure are a growing concern, not just the banking and civil infrastructure, but also control systems used in the physical delivery of services. This is set to become even more of a problem as SCADA systems become internet enabled, reports Kate O'Flaherty