In-brief: A new company, PFP Cybersecurity, says it can detect malware infections almost instantly by analyzing changes in the way infected devices consume power. The company is targeting industrial control system and critical infrastructure with new products.
Dark Reading’s Kelly Higgins has a report about a discovery by a security researcher who has identified a worrying new trend: banking malware that is posing as legitimate ICS software updates and files in order to compromise systems that run manufacturing plants and other facilities. Higgins writes about research by Kyle Wilhoit, senior threat researcher with Trend Micro. Wilhoit claims to have found 13 different crimeware variants disguised as SCADA and industrial control system (ICS) software. The malware posed as human machine interface (HMI) products, including Siemens’ Simatic WinCC, GE’s Cimplicity, and as device drivers by Advantech. [Read more Security Ledger coverage of threats to SCADA and industrial control systems here.]The attacks appear to be coming from traditional cybercriminals rather than nation-state attackers. The motive, Wilhoit theorizes, is to make money, possibly by harvesting banking credentials or other financial information. Malicious software that can operate in industrial environments and critical infrastructure settings is an […]
The Christian Science Monitor is running a story I wrote this week on the security of the electric grid. In the piece, I take a look at whether the electric industry is soft-pedaling cyber risk. From the piece: “For all the huffing and puffing in Washington D.C. policy circles about the hack of Sony Pictures being an act of “cyber war,” for security experts who have been working within the power sector, however, the dire warnings are not news. They would not have been news last year, or the year before. In fact, (NSA Chief Mike) Rogers’ dim assessment of the US power sector’s readiness to face and withstand a cyberattack has been shared and articulated within the power industry for seven years. “Why is it that the US power grid in 2014 is not better prepared to keep nation-state hackers at bay, or to withstand a critical cyberattack? Some of the […]
A report released this week from Germany’s Federal Office for Information Security said that a German steel manufacturing plant was severely damaged by a cyber-physical attack this year. The incident was mentioned in an annual report by the Bundesamt für Sicherheit in der Informationstechnik (or BSI), which provided a summary of cyber security issues and incidents affecting Germany. According to the report, a German steel manufacturing facility was the victim of a “targeted attack” that the report labeled an “APT” or “advanced persistent threat” style attack. [Read more Security Ledger coverage of APT-style attacks.] The attackers used a sophisticated spear-phishing e-mail and social engineering to get access to the office network at the steelworks, the report claims. “From there, they worked successively to production networks.” The malicious code disrupted the function of control system components that led to a blast furnace not being able to be turned off in a regulated fashion. “The result (was) massive damage […]
A spate of reports in recent days has put the media’s attention back on the security of the energy sector and critical infrastructure more broadly. Notably: this CNN report that cites NSA director Admiral Mike Rogers telling the audience at a power grid security conference in San Antonio, Texas in October that “power… is one of the segments that concerns me the most.” What’s changed? For one: the uptick in ICS-specific malware like BlackEnergy. A spate of attacks based on that malware and others have targeted critical infrastructure players in recent months. According to a confidential memo obtained by CNN, the FBI and DHS are now traveling the country to warn utilities and other critical infrastructure owners about targeted attacks on industrial control systems. Some of those attacks are exploiting previously unknown (or “zero day”) vulnerabilities in ICS systems, CNN reported. The U.S. Government has been warning about the threat of cyber attacks on […]
