HackDig : Dig high-quality web security articles

Threat landscape for industrial automation systems for H2 2022

Year 2022 in numbers Parameter H1 2022 H2 2022 2022 Percentage of attacked ICS computers globally 31.8% 34.3% 40.6% Main threat sources Internet 16.5% 19.9% 24.0% Email clients 7.0% 6.4% 7.9% Removable devices 3.5% 3.8% 5.2% Network folders 0.6% 0.6% 0.8% Percentage of ICS computers on which malicious objects from different categories were b
Publish At:2023-03-06 07:05 | Read:231724 | Comments:0 | Tags:Industrial threats Backdoor Industrial control systems Malwa

The secrets of Schneider Electric’s UMAS protocol

UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs. Schneider Electric controllers that use UMAS include Modicon M580 CPU (part numbers BMEP* and BMEH*) and Modicon M340 CPU (part numbers BMXP34*). Controllers are configured and programmed using engineering sof
Publish At:2022-09-29 05:11 | Read:417238 | Comments:0 | Tags:Industrial threats Controllers Industrial control systems Sc

Threat landscape for industrial automation systems for H1 2022

H1 2022 in numbers Geography In H1 2022, malicious objects were blocked at least once on 31.8% of ICS computers globally. Percentage of ICS computers on which malicious objects were blocked For the first time in five years of observations, the lowest percentage in the ‎first half of the year was observed in March.‎ During the period from January to March,
Publish At:2022-09-08 05:11 | Read:659953 | Comments:0 | Tags:Industrial threats Industrial control systems Malware Statis

ISaPWN – research on the security of ISaGRAF Runtime

In early 2020, we notified the Rockwell Automation Product Security Incident Response Team (RA PSIRT) of several vulnerabilities we had identified in the ISaGRAF Runtime execution environment. According to public sources of information, ISaGRAF Runtime is used as an automation framework in multiple products in various industries across the globe and its use
Publish At:2022-05-23 10:14 | Read:470818 | Comments:0 | Tags:Research Controllers Encryption Firmware Industrial control

Evaluation of cyber activities and the threat landscape in Ukraine

Introduction When the war in Ukraine broke out, many analysts were surprised to discover that what was simultaneously happening in the cyber domain did not match their predictions[1]. Since the beginning of the fighting, new cyberattacks taking place in Ukraine have been identified every week, which lead to a variety of interpretations – and indeed a global
Publish At:2022-05-17 11:29 | Read:1945992 | Comments:0 | Tags:Publications APT Industrial control systems Ransomware Targe

What Is the Role of Incident Response in ICS Security?

span class="entry-content post-content">In recent years, cyber espionage has been growing in magnitude and complexity. One of the most common targets is Industrial Control Systems (ICS) within critical infrastructure sectors.With many organizations relying more heavily on ICS networks, there has been an increase in threats and cyberattacks aimed at these sys
Publish At:2022-04-07 02:08 | Read:757251 | Comments:0 | Tags:Featured Articles ICS Security incident response Industrial

Threat landscape for industrial automation systems, H2 2021

2021 is the second year we have spent living and working in the pandemic. By 2021 everyone got used to pandemic limitations – industrial organization employees and IT security professionals and threat actors. If we compare the numbers from 2020 and 2021, we see that 2021 looks more stable, particularly in H2. H2 2021 Report at a glance The full report is ava
Publish At:2022-03-03 07:21 | Read:517353 | Comments:0 | Tags:Industrial threats Backdoor Industrial control systems Keylo

Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks

Main facts Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. Operators of these campaigns hunt for corporate credentials, aiming to commit financial fraud or to sell them to other malicious actors. Spearphishing emails with malicious attachments sent from compromised corporate mailboxes to their contacts. The a
Publish At:2022-01-19 06:07 | Read:836397 | Comments:0 | Tags:Research Cybercrime Industrial control systems Malware Stati

PseudoManuscrypt: a mass-scale spyware attack campaign

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. In 2020, the group used Manuscrypt in attacks on defense enterprises in different countries. These attacks are described in the report “Lazarus targets defense industry with Th
Publish At:2021-12-16 07:19 | Read:493303 | Comments:0 | Tags:Industrial threats Data theft Industrial control systems Laz

Threats to ICS and industrial enterprises in 2022

Continuing trends In recent years, we have observed various trends in the changing threat landscape for industrial enterprises, most of which have been evolving for some time. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year. Further evolution of cyberthreats as a response to infosec t
Publish At:2021-11-23 07:18 | Read:437365 | Comments:0 | Tags:Kaspersky Security Bulletin APT Certificate authorities Cybe

Contextualizing the Ransomware Threat Confronting OT Environments

Back in early June, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) published a fact sheet discussing the rising threat of ransomware to operational technology (OT) assets. This development raises several questions. Why is ransomware a threat to OT environments? And what can organizations do to protect their OT assets against ransomware?To
Publish At:2021-10-11 23:10 | Read:890553 | Comments:0 | Tags:ICS Security Industrial Control Systems industrial environme

Threat landscape for industrial automation systems in H1 2021

The H1 2021 ICS threat report at a glance Percentage of ICS computers attacked During the first half of 2021 (H1 2021), the percentage of attacked ICS computers was 8%, which was 0.4 percentage points (p.p.) higher than that for H2 2020. Percentage of ICS computers on which malicious objects were blocked (download) Numbers per country varied fr
Publish At:2021-09-09 08:36 | Read:362545 | Comments:0 | Tags:Industrial threats Industrial control systems Malware Statis

How Pipeline Owners and Operators Can Fulfill the TSA’s Second Security Directive

Back in June, I wrote about the Transportation Security Agency’s (TSA) new security directive concerning pipeline owners and operators. The order mandated those entities to disclose security incidents such as the ransomware attack that affected the Colonial Pipeline Company back in May to the TSA and the Cybersecurity & Infrastructure Security Agency (CI
Publish At:2021-08-12 08:45 | Read:599122 | Comments:0 | Tags:ICS Security compliance Department of Homeland Security DHS

White House Memo Takes on Securing Critical Infrastructure Control Systems

Attacks targeting critical infrastructure have been on the rise in recent years. Back in 2019, for instance, 56% of utility professionals responsible for overseeing risk in their organizations’ operational technology (OT) assets told Siemens and the Ponemon Institute that they experience at least one shutdown or operational data loss event a year. That’s abo
Publish At:2021-08-04 00:23 | Read:381709 | Comments:0 | Tags:ICS Security Critical Infrastructure Industrial Control Syst

IT Network Attacks Can Impact Your OT Networks, Too

On May 8th, I was at a gas station filling up my car before a trip I was taking when the news about a cyberattack against a large pipeline company broke. The attack led them to halt all operations. Ultimately, the incident stemmed from a ransomware infection in which a well-known threat actor took volumes of corporate data in just two hours and made their de
Publish At:2021-05-19 23:10 | Read:402777 | Comments:0 | Tags:ICS Security Industrial Control Systems information technolo

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud