The hack of a Pennsylvania water treatment facility in November is part of a larger campaign by an Iranian APT group against users of Israel-made operational technology.
Cyberattacks on industrial control systems (ICS) jumped in 2022, with an 87% jump in ransomware attacks and a 35% increase in the number of ransomware groups targeting industrial control and operational technology (OT) systems, according to a report by Dragos Security.
In this episode of the Security Ledger Podcast (#126): Die Hard has finally been embraced as the bloody, violent, feel-good Christmas movie its always been. But the film, which turns 30 this year, is about more than the power of ordinary guys to stand up to evil. Did you know it’s also a (very) early warning about the dire insecurity of building automation systems? We speak with Ang Cui of the firm Red Balloon Security about the dire risk of cyber attacks on building automation software and company’s work to secure this often-overlooked critical infrastructure.
Modern container ships already face a number of serious perils at sea. Now new research from Pen Test Partners shows just how vulnerable these ships are to new dangers from hacking–including being steered off course and sunk–thanks to their use of always-on satellite communications and general lax security practices on board.
Newly discovered malicious software dubbed VPNFilter has infected hundreds of thousands of routers and network attached storage (NAS) devices globally and could be used to steal sensitive data or wipe out (“brick”) the devices, the company said.