08-13-17 – News This Past Week

UK publishes Laws of Robotics for self-driving cars
The United Kingdom has published a set of “Key principles of vehicle cyber security for connected and automated vehicles” outlining how auto-makers need to behave if they want computerised cars to hit Blighty’s byways and highways
https://www.theregister.co.uk/2017/08/07/uk_key_principles_of_vehicle_cyber_security_for_connected_and_automated_vehicles/

NotBeingPetya: UK critical infrastructure firms face huge fines for lax security
The UK government has announced that businesses providing essential services like energy and transport could be fined as much as £17m or 4 per cent of global turnover for failing to have effective cyber security measures in place
https://www.theregister.co.uk/2017/08/08/critical_infrastructure_firms_threatened_with_huge_fines_for_lax_security/

How a Port Misconfiguration Exposed Critical Infrastructure Data
Attacks hitting companies’ electrical systems are possible, especially when information that provides insight into those systems’ weak points is freely accessible online. If you think that such a thing is unlikely, you probably haven’t yet heard about the most recent discovery made by UpGuard researchers
https://tech.slashdot.org/story/17/08/09/1440235/how-a-port-misconfiguration-exposed-critical-infrastructure-data

Malicious code written into DNA infects the computer that reads it
“One of the big things we try to do in the computer security community is to avoid a situation where we say, ‘Oh shoot, adversaries are here and knocking on our door and we’re not prepared,’” said professor Tadayoshi Kohno, who has a history of pursuing unusual attack vectors for embedded and niche electronics like pacemakers.
https://techcrunch.com/2017/08/09/malicious-code-written-into-dna-infects-the-computer-that-reads-it/

Firmware update blunder bricks hundreds of home ‘smart’ locks
The upshot is you can’t use the builtin keypad on the devices to unlock the door. Lockstate’s smart locks are popular among Airbnb hosts as it allows them to give guests an entry code to get into properties without having to share physical keys. Lockstate is even a partner with Airbnb
https://www.theregister.co.uk/2017/08/11/lockstate_bricks_smart_locks_with_dumb_firmware_upgrade/

Critical Flaws Found in Solar Panels Could Shut Down Power Grids
Willem Westerhof, a cybersecurity researcher at Dutch security firm ITsec, discovered 21 security vulnerabilities in the Internet-connected inverters – an essential component of solar panels that turns direct current (DC) into alternating current (AC).
https://thehackernews.com/2017/08/solar-panel-power-grid.html

Who is better prepared for IoT-related attacks, SMEs or large organizations?
Small and midsized organizations (SMEs) are taking more steps to protect themselves from security risks associated with the Internet of Things (IoT) than large businesses, according to Pwnie Express. Small businesses are more likely to close the IoT security gap and better protect mission critical systems and business operations
https://www.helpnetsecurity.com/2017/08/10/prepare-iot-related-attacks/

Siemens CT scanners open to remote compromise via publicly available exploits
After WannaCry hit systems around the world in May, the company acknowledged that some of its customers may be facing impacts from the cyber-attack, as some of Siemens Healthineers’ products “may be affected by the Microsoft vulnerability being exploited by the WannaCry ransomware.”
https://www.helpnetsecurity.com/2017/08/07/siemens-ct-scanners-compromise/

How a port misconfiguration exposed critical infrastructure data
If you think that such a thing is unlikely, you probably haven’t yet heard about the most recent discovery made by UpGuard researchers: an open port used for rsync server synchronization has left the network of Power Quality Engineering (PQE) wide open to malicious attackers
https://www.helpnetsecurity.com/2017/08/09/critical-infrastructure-data/

Fuji Electric Patches Vulnerabilities in HMI Software
ICS-CERT informed organizations on Thursday that the Monitouch V-SFT software is affected by stack and heap buffer overflows and improper privilege management vulnerabilities that can be exploited to execute arbitrary code and escalate privileges.
http://www.securityweek.com/fuji-electric-patches-vulnerabilities-hmi-software

Engineering Firm Exposed Electrical Infrastructure Details: Researchers
Misconfiguration issues with systems operated by Texas-based electrical engineering operator Power Quality Engineering (PQE) resulted in the information of various clients being exposed to the Internet, along with sensitive corporate information from PQE itself, UpGuard security researchers warn.
http://www.securityweek.com/engineering-firm-exposed-electrical-infrastructure-details-researchers

Has healthcare misdiagnosed the cybersecurity problem?
Most senior leadership in healthcare is medically trained with a clinical background in an industry built on such noble concepts as “do no harm” and forward-thinking practices like evidence-based medicine. Through this lens, healthcare organizations regularly misinterpret the nature of the cybersecurity problem and consequently, how to treat it.
https://www.helpnetsecurity.com/2017/08/07/healthcare-cybersecurity-problem/

Fuzzing Tests Show ICS Protocols Least Mature
Fuzzing tests conducted last year by customers of Synopsys, a company that provides tools and services for designing chips and electronic systems, revealed that protocols used in industrial control systems (ICS) are the least mature.
http://www.securityweek.com/fuzzing-tests-show-ics-protocols-least-mature

Cyberattacks on GPS leave ships sailing in dangerous waters
And well they might after a recent spate of GPS jamming incidents involving these countries. Last year North Korea was accused of being behind the mass jamming of dozens of South Korean vessels that was serious enough to force them back to port.
https://nakedsecurity.sophos.com/2017/08/07/cyberattacks-on-gps-leave-ships-sailing-in-dangerous-waters/

Carmakers warned to focus on security of connected vehicles
Following up 2016’s demonstration of an attack in which the team disabled the car’s brakes via Wi-Fi, this year they remotely turned on the lights while opening and closing the doors, producing a slick video showing off their handiwork.
https://nakedsecurity.sophos.com/2017/08/09/carmakers-warned-to-focus-on-security-of-connected-vehicles/

Air Gap FAILs, Configuration Mistakes Causing ICS/SCADA Cyberattacks
It had the markings of a possible sabotage operation. Stealthy, patient cyber attackers had wrested control of an ICS/SCADA controller in a power plant and were rooting around in what appeared to be a reconnaissance effort to map out the plant’s infrastructure
https://www.darkreading.com/vulnerabilities---threats/air-gap-fails-configuration-mistakes-causing-ics-scada-cyberattacks-/d/d-id/1329608

Schneider Electric, Claroty Partner on Industrial Network Security
Energy management and automation giant Schneider Electric has teamed up with industrial cybersecurity startup Claroty to offer its customers solutions for protecting industrial control systems (ICS) and operational technology (OT) networks
http://www.securityweek.com/schneider-electric-claroty-partner-industrial-network-security

Exploited Windows Flaws Affect Siemens Medical Imaging Products
One advisory, published by both Siemens and ICS-CERT, warns of two critical Windows vulnerabilities that allow a remote, unauthenticated attacker to execute arbitrary code. The security holes impact Siemens Healthineers’ PET/CT and SPECT/CT medical imaging products running on Windows XP.
http://www.securityweek.com/exploited-windows-flaws-affect-siemens-medical-imaging-products

IoT Security: Where There is Smoke, There is Fire
We have collectively heard the saying, “where there is smoke, there is fire” throughout our lives. And, sure enough, it is true far more often than it is false. I have been seeing a lot of smoke lately, so I suspect that there is an interesting fire burning.
http://www.securityweek.com/iot-security-where-there-smoke-there-fire

Attacks on manufacturing industry continue to rise
The motivations for these attacks are often criminal in nature, including extortion via ransomware, industrial espionage, and theft of data such as account numbers. What poses an even greater problem is that when these breaches are successful, yet go undetected, they allow hackers to establish footholds in organizations’ networks where they have free rein to wreak havoc over extended periods.
https://www.helpnetsecurity.com/2017/08/09/attacks-manufacturing-industry-rise/