SCADA – ICS

Russia Cozy Bear CrowdStrike

FBI, DHS warn Russian Dragonfly Group Still Targeting US Critical Infrastructure

The Department of Homeland Security and the FBI on Thursday warned that the so-called “Dragonfly” hackers linked to the government of Russia are engaged in a “multi-stage intrusion campaign” against U.S. critical infrastructure, including the energy, nuclear, aviation and manufacturing sectors. 

Paper Shredder

Podcast Episode 87: Vulnerability Reports Down the Memory Hole in China and the Groups Hacking ICS

Podcast: Play in new window | Download (Duration: 42:05 — 48.2MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger Podcast (#87) we speak with Priscilla Moriuchi of the firm Recorded Future about China’s efforts to cover up delays in publishing information on serious and exploitable software security holes. Joe Slowick of the firm Dragos Security joins us to talk about the hacking groups targeting industrial control systems and Ken Munro of the firm Pen Test Partners tells us why the UK’s new report on securing the Internet of Things isn’t worth the paper it’s written on. 

Researchers: SCADA Mobile Apps Continue to Have ‘Shocking’ Number of Vulnerabilities

Despite their availability on mobile networks and thus increased exposure to outside security threats, SCADA apps remain highly insecure and vulnerable to attack, putting critical industrial control systems at immediate and increased risk, researchers at IOActive and Embedi have found.

industrial machinery

Podcast: New Malware targets Industrial Safety Systems and Uncle Sam Bans Kaspersky – What Now?

Podcast: Play in new window | Download (Duration: 52:36 — 96.3MB)Subscribe: Android | Email | Google Podcasts | RSSIn our latest podcast: industrial security expert Joe Weiss talks to us about Triton, a new malware family targeting industrial safety systems. Also: Dave Aitel of the firm Immunity Inc. joins us again to talk about new legislation banning government agencies from using anti malware software by Kaspersky Lab. And, Alan Naumann* of the firm Contrast Security talks to us about the major insurance firm that  joined the latest round of investment in his company, and why application security is everybody’s problem. 

Workers at control terminal.

Report: Nation-Backed Hackers Hit Industrial Emergency Shutdown System

Hackers believed to be affiliated with a nation-state hacked into emergency shutdown systems at a facility in the Middle East. The attack seemed intended to “cause a high-impact attack with physical consequences,” according to reports from a number of cyber security firms.