Scada News, Articles and Updates

The dawn of industrial cyber security - not the dusk

Today the risk to industrials is digital. It comes through knowing specific technical protocols and manipulating them to control an asset. Or obfuscating digital machine readings, blinding operators to thresholds being exceeded.

First SCADA cryptominer seen in the wild

The first documented cryptominer attack on a SCADA network of a critical infrastructure operator was seen in the wild.

Critical infrastructure security - getting to grips with EU NIS Directive

EU NIS Directive: As the implementation of the first true piece of cyber-security legislation draws near, Jalal Bouhdada discusses its potential impact on 'operators of essential services.

Mobile SCADA application landscape less secure than in 2015

The latest research suggests, within just two years, the security situation for SCADA has got worse to the tune of an average increase of 1.6 vulnerabilities per application tested.

Industrial tech security association set up, NCSC calls for cooperation

Last Thursday saw the official launch of the International Operation Technology Security Association (Iotsa) where John Noble, director of network management at the UK's NCSC called for industry cooperation and incident reporting.

Advanced new destructive wiper malware discovered in the wild

In the wake of the Shamoon malware attacks, a new wiper targets the Middle East and shows interest in European targets.

ICYMI: Symantec cert fraud; FSB arrest; Lloyds DDoS; Salary survey; Scada vulnerabilities

In Case You Missed It: Symantec illegal certs; Kaspersky employee arrest; Lloyds DdoS, SC 2017 salary survey; GE Scada vulnerabilities

Vulnerabilities found in GE SCADA systems, password interception possible

GE plugs vulnerability in SCADA systems that could have allowed attackers to intercept passwords and disrupt utilities and factory operations.

RCE vulnerability found on ICS management software

Industrial cyber-security firm Indegy has found a remote code execution vulnerability inside Schneider Electric's flagship ICS management software, Unity Pro.

Analysis: CISOs are showing up to a knife fight with a chessboard

A new paper from Trend Micro has shown that outdated technologies are still being used in security-critical areas. Is this a step back for security in the places that its need most?

4SICS: The ICS security challenges faced by a grid operator

Erwin Kooi, information security architect spoke at 4SICS 2016 and shared his thoughts on digitising Alliander's electricity service, while making sure it stays secure.

4SICS: ICS threats are mostly unknown, industry needs more information sharing

Robert M. Lee, CEO of Dragos Security, says that not enough information sharing happens in ICS industry, because of this the threats to ICSs are largely unknown.

Real world assets under cyber-attack - how do we defend CNI - SCADA, IOT, utilities?

Critical Infrastructure is now at risk. Transport, finance and utilities are all targets. Graham Mann looks at some key issues and how they can be tackled.

Kaspersky launches self-titled OS to protect ICS

Kaspersky Lab has reportedly finished its self-titled OS which has been built from the ground up with the aim of protecting industrial control systems.

Elektrilevi joins European network for cyber-security

Estonia power company joins European network for cyber-security to improve its cyber-resilience.

Concern about Chinese involvement at Hinkley Point is misdirected, say experts

Experts say that government concerns over cyber-security at the new nuclear power plant at Hinkley Point are misdirected and that the Chinese are not the real worry.

Critical infrastructure in Europe exposed to hackers

Power stations in Germany, Italy and Israeli smart building could be accessed by criminal hackers

SFG malware discovered in European energy company

A new piece of malware has been discovered skulking around the systems of an unnamed European energy company, according to Sentinel One Labs.

Researchers discover ICS attack method that spreads through networks

A team of researchers discover a new method of launching attacks that would threaten global critical infrastructure and utility providers through a worm that spreads through utility networks.

Michigan electrical utility company hit with ransomware attack

The Michigan Board of Water and Light has been beset with a ransomware infection.

Report: Ransomware feeds off poor endpoint security

Poor endpoint security is propelling the great ransomware epidemic of 2016 — and if allowed to fester, the threat will spread to new endpoints including IoT devices, cars and ICS and SCADA systems, a new report says.

Video: Kaspersky says attacks on 'critical infrastructure' on the rise

Information technology and process automation, essential to modern industrial facilities, are under threat from hackers who are increasingly targeting ICS and SCADA systems, says Eugene Kaspersky.

Why companies using SCADA systems need to wake up to the increased threat of cyber-attacks

Ukraine's power supply suffered one of the most high profile targeted cyber-attacks on infrastructure ever- but the route - via phishing - is one of the oldest, emphaising the need for increased staff awareness says Mark Logsdon.

BlackEnergy now using Word documents

Kaspersky Lab had discovered several new developments in the ongoing BlackEnergy Saga

Adrian Davis: Is the free market failing cyber-security?

Dr Adrian Davis of (ISC)2 spoke to SC about how cyber-security will affect all of our lives in the coming decade and how it can't be left up to the market to decide how.

Cyber-security threat could cause 'Fukushima-like disaster'

A new report has warned of the dangers of bad cyber-security when it comes to nuclear power, handing out '0' ratings to tens of countries around the world and warning of a Fukushima-scale threat.

SCADA hackers reveal endemic ICS vulnerabilities in European rail

Serious flaws in European rail networks are opening trains to theft and derailment according to a group of Russian industrial control specialist hackers known as Scada Strangelove.

4SICS: The perils of investigating security incidents on industrial control systems

Industrial control systems running on outmoded operating systems and ancient hardware present special challenges for forensic investigators trying to track down malware, Mark Fabro told SCMagazineUK.com at 4SICS last week.

US automakers respond to cyber-security failings with new ISAC

Automobile manufacturers in the US have been stung into action by recent hack attacks and damning reports into vehicle cyber-security.