10-7-19 – News This Past Bit

Honeywell Launches New Industrial Cybersecurity Platform
Honeywell on Wednesday announced the launch of a new industrial cybersecurity platform designed to help organizations protect their operational technology (OT) and industrial internet of things (IIoT) assets from cyber threats
https://www.securityweek.com/honeywell-launches-forge-industrial-cybersecurity-platform

76% medical devices of healthcare facilities in Philippines may be infected by malicious code
These are alarming numbers, and certainly demand that healthcare facilities take a serious look at their infrastructures, data storage, and human resources, to see how best to secure not just data of patients, but also secure all devices, from computers, laptops, mobile phones, to medical IoT devices that are critical for medical care and emergencies.
https://www.cybersecasia.net/news/76-medical-devices-of-healthcare-facilities-in-philippines-may-be-infected-by-malicious-code

Kaspersky Unveils ICS Vulnerabilities Database
Kaspersky on Thursday announced the ICS Vulnerabilities Database, a new service designed to help industrial organizations keep track of relevant security flaws and protect their networks against potential threats.
https://www.securityweek.com/kaspersky-unveils-ics-vulnerabilities-database

California’s IoT Security Law Causing Confusion
The law, which goes into effect January 1, requires manufacturers to equip devices with ‘reasonable security feature(s).’ What that entails is still an open question.
https://www.darkreading.com/iot/californias-iot-security-law-causing-confusion/d/d-id/1335863

Improving the security, privacy and safety of future connected vehicles
The security, privacy and safety of connected autonomous vehicles (CAVs) has been improved thanks to testing at WMG, University of Warwick.
https://www.helpnetsecurity.com/2019/09/19/connected-autonomous-vehicles-security/

Iran’s Oil Sector on ‘Full Alert’ Against Attacks
Iran’s oil minister on Sunday ordered his country’s energy sector to be on high alert to the threat of “physical and cyber” attacks.
https://www.securityweek.com/irans-oil-sector-full-alert-against-attacks

German Auto and Defense Firm Rheinmetall Says Malware Hit Several Plants
Germany-based car parts and defense solutions provider Rheinmetall announced on Thursday that production at its automotive plants in the United States, Brazil and Mexico was disrupted as a result of a malware attack.
https://www.securityweek.com/german-auto-and-defense-firm-rheinmetall-says-malware-hit-several-plants

Threat landscape for smart buildings
The Kaspersky Industrial Cybersecurity Conference 2019 takes place this week in Sochi, the seventh such conference dedicated to the problems of industrial cybersecurity. Among other things, the conference will address the security of automation systems in buildings — industrial versions of the now common smart home
https://securelist.com/smart-buildings-threats/93322/

SOHOpelessly Broken 2.0
Internet of Things (IoT) devices have always been vulnerable to a variety of security issues. In 2013, Independent Security Evaluators (ISE) performed research on IoT devices that showed how rich feature sets could be leveraged to compromise devices
https://www.ise.io/whitepaper/sohopelessly-broken-2/

Serious Flaws in CODESYS Products Expose Industrial Systems to Remote Attacks
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) last week published several advisories describing vulnerabilities in CODESYS products, many of which can be exploited remotely for arbitrary code execution, denial-of-service (DoS) attacks, and other purposes. 3S-Smart published its own advisories for most of the security bugs in late July.
https://www.securityweek.com/serious-flaws-codesys-products-expose-industrial-systems-remote-attacks

Volkswagen’s bold plan to create a new car operating system
Discrete electronic control units started to appear under the hood, controlling fuel management or anti-lock brakes. New functions required new code, run on new little black boxes, metastasizing to the point where today, a new car might have up to 70 different modules, with software from as many as 200 different vendors
https://arstechnica.com/cars/2019/09/volkswagen-audi-porsche-vw-group-plans-one-os-to-rule-them-all/

New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction
For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle. Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine’s national grid operator, Ukrenergo
https://www.wired.com/story/russia-ukraine-cyberattack-power-grid-blackout-destruction/

IoT devices still major target for cyberattacks
The firm’s “Attack Landscape H1 2019” report highlighted the threat unsecured IoT devices can pose to businesses and consumers as well as the continued popularity of Eternal Blue and similar exploits two years after the WannaCry ransomware was released on the world.
https://www.techradar.com/news/iot-devices-still-major-target-for-cyberattacks

U.S. to Help Secure Baltic Energy Grid Against Cyber Attacks
US Energy Secretary Rick Perry and his Lithuanian, Latvian and Estonian counterparts termed the agreement “a critical moment for the Baltic States in strengthening cybersecurity” in strategic energy infrastructure.
https://www.securityweek.com/us-help-secure-baltic-energy-grid-against-cyber-attacks

Decades-Old Code Is Putting Millions of Critical Devices at Risk
In early August, the enterprise security firm Armis got a confusing call from a hospital that uses the company’s security monitoring platform. One of its infusion pumps contained a type of networking vulnerability that the researchers had discovered in a few weeks prior. But that vulnerability had been found in an operating system called VxWorks—which the infusion pump didn’t run.
https://www.wired.com/story/urgent-11-ipnet-vulnerable-devices/

The Impact of Recycling on Industrial Cyber Security
In the decade since the Stuxnet worm was discovered, multiple attacks that have been launched against operational technology (OT) networks including Shamoon, Havex, Wannycry, and Lockergoga. Looking back, a disturbing trend has emerged. Industrial attacks are being recycled.
https://www.securityweek.com/impact-recycling-industrial-cyber-security

Wyoming Hospital the Latest to Be Hit With Ransomware Attack
A hospital in Wyoming has become one of the latest ransomware victims, courtesy of an attack that began last Friday and continues to disrupt operations.
https://www.darkreading.com/attacks-breaches/wyoming-hospital-the-latest-to-be-hit-with-ransomware-attack/d/d-id/1335895

New ‘Gucci’ IoT Botnet Targets Europe
Security researchers with SecNiche Security Labs have discovered a new piece of malware that attempts to ensnare Internet of Things (IoT) devices in Europe into a distributed denial-of-service (DDoS)-capable botnet
https://www.securityweek.com/new-gucci-iot-botnet-targets-europe

Ransomware forces 3 hospitals to turn away all but the most critical patients
Ten hospitals—three in Alabama and seven in Australia—have been hit with paralyzing ransomware attacks that are affecting their ability to take new patients, it was widely reported on Tuesday.
https://arstechnica.com/information-technology/2019/10/hamstrung-by-ransomware-10-hospitals-are-turning-away-some-patients/

Medical Practice Closing Permanently After Ransomware Attack
Wood Ranch Medical, a small medical provider located in Simi Valley, CA, is closing after a ransomware attack. A statement explaining the incident and announcing the closure is all that is left on the firm’s website. The practice will close on December 17, 2019.
https://www.securityweek.com/medical-practice-closing-permanently-after-ransomware-attack

Advanced ICS/SCADA Hacking Training Offered at SecurityWeek’s 2019 ICS Cyber Security Conference
Conducted in partnership with critical infrastructure cyber security firm Applied Risk, the Advanced ICS/SCADA Hacking training will enable participants to increase their knowledge of security analysis and exploitation methodologies for evaluating the cyber resilience of industrial environments and hardware, and is designed to further advance the skills of technical staff responsible for securing ICS environments
https://www.securityweek.com/advanced-icsscada-hacking-training-offered-securityweeks-2019-ics-cyber-security-conference

Measuring the Security of IoT Devices
In August, CyberITL completed a large-scale survey of software security practices in the IoT environment, by looking at the compiled software
https://www.schneier.com/blog/archives/2019/10/measuring_the_s.html

Ransomware attacks paralyze, and sometimes crush, hospitals
Major hospitals and some health clinics in the US and Australia have been crippled in new ransomware attacks, forcing some into emergency manual mode and one to close permanently due to extensive loss of patient healthcare records encrypted by data kidnappers.
https://nakedsecurity.sophos.com/2019/10/03/ransomware-attacks-paralyze-and-sometimes-crush-hospitals/

Researcher Shows How Adversaries Can Gather Intel on U.S. Critical Infrastructure
A researcher has used a free tool that he created and open source intelligence (OSINT) to demonstrate how easy it is for adversaries to gather intelligence on critical infrastructure in the United States.
https://www.securityweek.com/researcher-shows-how-adversaries-can-gather-intel-us-critical-infrastructure

Posted in Uncategorized.