Malware in Ukraine SCADA Cyber Attack Threatens European, U.S. Electric Grids

Malware capable of causing power outages of up to a few days by ordering industrial computers to shut down electricity transmission has been discovered in portions of European grids, according to Slovakian security software maker ESET and U.S. critical-infrastructure security firm Dragos. The malware sample referred to as Crash Override or Industroyer has been linked […]

How the Internet of Things Puts SCADA Systems at Risk

Read Kayla Nick-Kearney explain how Internet of Things devices put SCADA systems at risk on Government Technology : As the Internet of Things (IoT) becomes more pervasive in everyday life, more industrial systems are connected to the Internet, which creates risk to the operational technology (OT) involved in running those systems. Read her full article […]

New Portal Launched For ICS/SCADA Threat Intelligence-Sharing Among Nations

In the aftermath of the unprecedented cyberattack that led to a blackout in Ukraine last December, members of the US ICS-CERT team flew to Kiev to get debriefed by their Ukrainian counterparts. Read about the new initiative by EastWest Institute in collaboration with the US ICS-ISAC to create a platform for critical infrastructure operators worldwide to […]

Security Considerations for the IIoT Challenge

For decades, Supervisory Control and Data Acquisition (SCADA) systems have played a significant role in industrial operations. Industries like oil and gas, electric power, agriculture, and utilities have implemented SCADA systems and networks to collect data and automate processes — and they’re always looking to automation systems for more effective ways to operate. Read about […]

How the Industrial Internet Marks a More Secure Phase in Protecting SCADA Systems

In November 2014, researchers from Ben-Gurion University unveiled “AirHopper,” a type of malware which forces a computer to transmit sensitive information in the form of keystrokes to a mobile receiver via FM radio waves. Read how industrial Internet can mark a new secure phase of protecting industrial systems from cyber attacks on Trip Wire.

Defending Industrial Ethernet Switches Is Not Easy, But Doable

Read why Rutrell Yasin says that though defending industrial ethernet switches is not easy, it is doable on Dark Reading : A team of researchers who found a slew of vulnerabilities across five models of Industrial Ethernet Switches said that the SCADA community can monitor for and respond to vulnerabilities in their network devices and do […]

BlackEnergy exploits recently fixed flaws in Siemens WinCC

The ICS-CERT revealed that the BlackEnergy malware targeted SCADA HMI systems may be exploiting a recently patched flaw in the Siemens SIMATIC WinCC. Security experts at the Industrial Control System Cyber Emergency Response Team (ICS-CERT) reported that the BlackEnergy malware was used by threat actors in the wild to compromise HMI (human-machine interface) systems. The […]

Siemens Fixes Critical Vulnerabilities in WinCC SCADA Products

Siemens has released software updates to address two critical vulnerabilities in its SIMATIC WinCC supervisory control and data acquisition (SCADA) system, one of which could be exploited remotely by an unauthenticated attacker. The German industrial products giant has also released software updates for WinCC, PCS 7 and TIA Portal products, and said that it is […]

Sandworm team targeted SCADA systems – TrendMicro Labs report

On October 14th, a report was publicly released regarding the Sandworm team. After beginning an investigation into the affiliated malware samples and domains, we quickly came to realization that this group is very likely targeting SCADA-centric victims who are using GE Intelligent Platform’s CIMPLICITY HMI solution suite. We have observed this team utilizing .cim and […]