The data-wiping Shamoon malware resurfaced this week at Italian oil and gas contractor Saipem, where it destroyed files on about 10 percent of company PCs, according to a published report. The attacks may be linked to Saipem’s work with Saudi Aramco, a target of earlier Shamoon attacks.
Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when when drawing conclusions about high-profile cyber attacks.
Recent attacks on the third-party data system of several U.S. pipeline companies highlight the persistent need for better ways to secure industrial control systems (ICSs), particularly when third-party software is in use, security experts said.
In-brief: A crippling cyber attack that could damage and destroy equipment needed to keep the lights on in major US cities is already possible. The only thing that’s lacking is a motive to carry out such an attack, according to our guest on this week’s podcast: Joe Weiss, a Managing Partner at Applied Control Solutions, LLC and a persistent, if lonely, voice calling for an overhaul of cyber security for the U.S. electric grid.
In-brief: The U.S. should invest in equipment and talent to preserve legacy, analog infrastructure such as copper wire telecommunications networks and pneumatic pumps as a hedge against massively disruptive cyber attacks and other interruptions, two researchers with The MITRE Corporation argue in a recent opinion piece.
