10-14-19 – News This Past Week

Experts expect hospital ransomware attacks to continue
One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future.
https://searchsecurity.techtarget.com/news/252472010/Experts-expect-hospital-ransomware-attacks-to-continue

Utilities’ Operational Networks Continue to Be Vulnerable
More than half of utilities have suffered an outage or data loss in the last 12 months, but only a minority of organizations seem ready for an attack that could affect operations, a survey finds.
https://www.darkreading.com/security-management/utilities-operational-networks-continue-to-be-vulnerable/d/d-id/1336035

Vulnerabilities Expose TwinCAT Industrial Systems to DoS Attacks
A couple of vulnerabilities affecting the TwinCAT PLC runtime from Beckhoff can be exploited for denial-of-service (DoS) attacks, which may be triggered by malicious actors or by accident.
https://www.securityweek.com/vulnerabilities-expose-twincat-industrial-systems-dos-attacks

Cisco Finds 11 Vulnerabilities in Schneider Electric Modicon Controllers
There are a total of 11 security holes affecting Modicon M580, M340, BMENOC 0311, BMENOC 0321, Quantum (no longer supported), Premium, and Modicon BMxCRA and 140CRA modules. The M580 PLC, which is the newest Modicon controller, is the only one affected by all the vulnerabilities, while the rest are impacted by 2-8 flaws.
https://www.securityweek.com/cisco-finds-11-vulnerabilities-schneider-electric-modicon-controllers

Many in Utilities Sector Expect Attacks on Critical Infrastructure: Survey
Representatives of the utilities industry believe the risk of cyberattacks on the sector has increased and many expect an attack on critical infrastructure in the next year, according to a study conducted by Siemens and the Ponemon Institute.
https://www.securityweek.com/many-utilities-sector-expect-attacks-critical-infrastructure-survey

Can microsegmentation help IoT security?
Deploying microsegmentation as part of a broad IoT security strategy can enable more granular control of network systems and better isolation if a security flaw is exploited.
https://www.networkworld.com/article/3442753/iot-can-be-a-security-minefield-can-microsegmentation-help.html

ICS cybersecurity investment should be a priority in protecting operations from disruption
93% of ICS security professionals are concerned about cyberattacks causing operational shutdown or customer-impacting downtime, according to a Tripwire survey.
https://www.helpnetsecurity.com/2019/10/11/ics-cybersecurity-investment/

A glimpse into the present state of security in robotics
The world of today continues its progress toward higher digitalization and mobility. From developments in the Internet of Things (IoT) through augmented reality to Industry 4.0, whichrely on stronger automation and use of robots, all of these bring more efficiency to production processes and improves user experience across the globe.
https://securelist.com/robots-social-impact/94431/

New data analysis approach could strengthen the security of IoT devices
A multi-pronged data analysis approach that can strengthen the security of IoT devices, such as smart TVs, home video cameras and baby monitors, against current risks and threats has been created by a team of Penn State World Campus students.
https://www.helpnetsecurity.com/2019/10/14/data-analysis-and-iot-security/

Hospitals Resume Accepting Patients After Malware Attack
The DCH Health System said its hospitals in the west Alabama cities of Tuscaloosa, Northport and Fayette resumed admitting patients Thursday, and its imaging and patient scheduling services were going back online Friday.
https://www.securityweek.com/hospitals-resume-accepting-patients-after-malware-attack

Posted in Uncategorized.