1-27-20 – News So Far This Year

Hackers Can Exploit Siemens Control System Flaws in Attacks on Power Plants
According to Siemens, the SPPA-T3000 Application Server is affected by 19 vulnerabilities and the SPPA-T3000 MS3000 Migration Server is impacted by 35 security holes, including weaknesses rated critical that can be exploited for denial-of-service (DoS) attacks or arbitrary code execution on the server.

Critical Remote Code-Execution Bugs Threaten Global Power Plants
Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants is riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution.

New Orleans mayor declares state of emergency in wake of city cyberattack
By 11 a.m., technician investigators detected “a cybersecurity incident” and the city’s information technology department began powering down servers and city computers as a precaution, the New Orleans Office of Homeland Security and Emergency Preparedness said in a series of tweets.

FDA Approves An Interoperable, Automated Insulin Pump
Dubbed the t:slim X2, this is an insulin pump that has been approved by the FDA where it can now work together with glucose monitoring devices like the Dexcom G6 glucose monitor. What this means is that as the monitor checks on the user’s glucose levels and based on that, it can dynamically adjust the required insulin levels to keep users in the safe glucose range.

Bill to Protect U.S. Energy Grid From Cyberattacks Passes With NDAA
The annual military bill includes the Securing Energy Infrastructure Act, which establishes a two-year pilot program within Energy Department national laboratories with the goal of identifying vulnerabilities and isolating critical grid systems.

Schneider Electric Patches Vulnerabilities in Modicon, EcoStruxure Products
The vendor says all three flaws are caused by “improper check for unusual or exceptional conditions.” Two of the vulnerabilities have been rated high severity, and one medium severity due to Schneider determining that the attack complexity is higher compared to the other two.

Large Hospital System Hit by Ransomware Attack
The system said it was advised by experts not to disclose until Friday that it had been the victim of a ransomware attack. It said that its network’s primary clinical systems had returned to being operational, and that information technology specialists were working to bring all of its applications back online.

Internet of crap (encryption): IoT gear is generating easy-to-crack keys
This was the conclusion reached by the team at security house Keyfactor, which analyzed a collection of 75 million RSA certificates gathered from the open internet and determined that number combinations were being repeated at a far greater rate than they should, meaning encrypted connections could possibly be broken by attackers who correctly guess a key.

Several Critical Vulnerabilities Found in WAGO Controllers
Several critical vulnerabilities found by Cisco Talos researchers in programmable logic controllers (PLCs) made by WAGO can be exploited remotely for arbitrary code execution and denial-of-service (DoS) attacks.

Medigate and Cerner provide medical device security across healthcare orgs
For clients that choose to implement Medigate’s medical device security and asset management, Cerner’s team of cybersecurity experts will be equipped to help accurately inventory IoT and IoMT environments and support creation of effective clinical-based policies that help protect all connected devices and reduce the risk of cyberattacks.

ICS security challenges and how to overcome them
Security cannot be an afterthought in internet-connected industrial control systems. IEEE member Kayne McGladrey offers best practices to stay safe in a connected world.

Connected medical devices experts highlight IoT remote monitoring
Medical technology manufacturers were one of the early adopters of IIoT, but that doesn’t mean manufacturers know how to get started with IoT remote monitoring.

Oddly specific ‘cyber attack’ hits Alaskan airline RavnAir and one plane type
RavnAir Group declared on 21 December that it had “experienced a malicious cyber attack on our company’s IT network” the day before, causing it to cancel all of its flights operated with Dash 8s on its RavnAir Alaska airline.

Las Vegas Suffers Cyberattack on First Day of CES
On the opening day of the huge Consumer Electronics Show (CES), officials in Las Vegas were busy assessing the damage from a cyberattack that hit the city. Officials there reportedly said preliminary analysis indicated that no sensitive data was compromised in the attack, which began around 4:30 a.m. local time Tuesday, Jan. 7.

Car Hacking Hits the Streets
The top-three carmakers sell only connected vehicles in the United States – and other manufacturers are catching up – creating a massive opportunity for attacks, which black-hat hackers are not overlooking.

Threat Posed by Iran to Industrial Systems After Killing of Top General
Cybersecurity experts believe Iran will likely also respond with cyberattacks to the recent U.S. airstrike that killed senior Iranian military commander Qassem Soleimani, and while many doubt that Iran has the capability to cause significant damage if these attacks are aimed at critical infrastructure or industrial control systems (ICS), organizations have still been advised to prepare for the possibility of being targeted.

MITRE Releases ATT&CK Knowledge Base for Industrial Control Systems
MITRE on Tuesday announced the initial release of a version of its ATT&CK knowledge base that covers the tactics and techniques used by malicious actors when targeting industrial control systems (ICS).

ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries
MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation’s most critical infrastructures including energy transmission and distribution plants, oil refineries, wastewater treatment facilities, transportation systems, and more.

Smart cities are on the rise, what are the dangers?
A combination of job prospects, local amenities and other attractions is drawing more people to city living than ever before. Indeed, the UN estimates that by 2050 two-thirds of the global population will be living in cities, up from just over half currently. However, at the same time central government investment for urban areas continues to shrink, with UK cities being on “life support” due to lack of funding from Westminster for instance.

Connected Cars Moving Targets for Hackers
Israeli cybersecurity firm GuardKnox demonstrated the threat in a Formula 1 driving simulation at the Consumer Electronics show this week in Las Vegas.

More Threat Groups Target Electric Utilities in North America
As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases

Here’s What We Know About the Password Spraying Attacks Conducted by Iranian Hackers
Yesterday, Dragos Inc., a cybersecurity outfit that focuses on the protection of industrial control systems (ICS), published a report which details the activities of eleven Iran-linked hacking groups, and, more specifically, their attacks against the US’ electrical grid.

Oil-and-Gas APT Pivots to U.S. Power Plants
That’s according to a report from Dragos, released Thursday, which noted that the discovery is part of a broader trend in which cybercriminals focused on critical infrastructure are branching out from a single-vertical operation to multiple industrial sectors. While that reality doesn’t necessarily threaten a physically disruptive attack, it also certainly doesn’t rule it out, the firm said.

Consumer Reports Calls for IoT Manufacturers to Raise Security Standards
Consumer Reports has issued a letter to 25 connected camera manufacturers, urging them to adopt stronger security and privacy measures for cameras, doorbells, and security systems.

‘Fancy Bear’ Targets Ukrainian Oil Firm Burisma in Phishing Attack
Burisma Holdings, a Ukrainian oil & gas company, has been hit with a phishing campaign that began in early November 2019 and is ongoing, according to Area 1 Security, which spotted the campaign it says came out of the Main Intelligence Directorate of the General Staff of the Russian Army (GRU).

Industrial Control System Features at Risk
A new analysis of industrial control systems (ICS) running in the networks of oil and gas, power generation, refining and chemicals, pulp and paper, and mining industries sheds light on how some legitimate and deeply rooted product features and functions can actually threaten their security.

Design Weaknesses Expose Industrial Systems to Damaging Attacks
An analysis of industrial control systems (ICS) has shown that many products contain features and functions that have been designed with no security in mind, allowing malicious hackers to abuse them and potentially cause serious damage.

Iran-Linked RAT Used in Recent Attacks on European Energy Sector
Attacks recently identified to target a key organization in the European energy sector have employed a remote access Trojan (RAT) previously associated with Iran-linked threat actors, Recorded Future reports.

FDA warns hospitals about security flaws in some GE medical equipment
Some GE medical equipment has vulnerabilities that make it easy to tamper with, according to the FDA. The agency has warned hospitals and healthcare providers that a third-party cybersecurity firm has identified flaws in certain GE Healthcare Clinical Information Central Stations and Telemetry Server models.

MDhex vulnerabilities impact GE patient vital signs monitoring devices
The vulnerabilities impact seven GE Healthcare devices meant for patient vital signs monitoring. These are devices installed near patient beds, meant to collect data from sick patients, and send it back to a telemetry server, monitored by clinical staff.

RSA Conference 2020 Sandbox

In past years, the RSA Conference has run a Sandbox space, hosting groups like the ICS Village, Car Hacking Village, and IoT Village.

This year the Sandbox area will be greatly expanded, and will include the Biohacking Village, Voting Village, and Aerospace Village.

Totally new this year, we will be running a Supply Chain Sandbox. Supply chain management is a critical factor of business success. At RSAC 2020, we’ll explore the impacts of supply chain issues and learn concepts and approaches to manage software supply chains more effectively.

If you’re at RSA come by and see us. We also have a discount code for $150 off, if you haven’t already registered: 30UIACFCD

12-9-19 – News This Past Month

New 5G flaws can track phone locations and spoof emergency alerts
Security researchers at Purdue University and the University of Iowa have found close to a dozen vulnerabilities, which they say can be used to track a victim’s real-time location, spoof emergency alerts that can trigger panic or silently disconnect a 5G-connected phone from the network altogether.

NTSB Investigation Into Deadly Uber Self-Driving Car Crash Reveals Lax Attitude Toward Safety
The Uber car that hit and killed Elaine Herzberg in Tempe, Ariz., in March 2018 could not recognize all pedestrians, and was being driven by an operator likely distracted by streaming video, according to documents released by the U.S. National Transportation Safety Board (NTSB) this week.

US-CERT warns of critical flaws in Medtronic equipment
The problem this time is in the Valleylab FT10 (V4.0.0 and below) and Valleylab FX8 (v1.1.0 and below), electrosurgical generators used by surgeons for procedures such as cauterisation during operations.

Trend Micro Launches New ICS Security Solutions
The number of Industrial Internet of Things (IIoT) devices that control and monitor industrial processes such as manufacturing is expected to continue to grow, the same as the number of reported ICS vulnerabilities, which went up 224% from 2017 to 2018.

IoT Security Woes Plague Healthcare Industry
More hospitals are adopting internet of things (IoT) devices, from wearables to smart insulin pens. But neither hospitals nor the device manufacturers themselves are ready to address the onslaught of security and privacy challenges that come with medical connected devices.

US-CERT Warns of Remotely Exploitable Bugs in Medical Devices
Vulnerabilities in key surgical equipment could be remotely exploited by a low-skill attacker.

Undocumented Access Feature Exposes Siemens PLCs to Attacks
Siemens is working on addressing a vulnerability that can be exploited by a skilled attacker to execute arbitrary code on its SIMATIC S7-1200 programmable logic controller (PLC) by abusing a hardware-based access mode

Security of North American Energy Grid Tested in GridEx Exercise
The grid security exercise, GridEx V, was organized last week by the North American Electric Reliability Corporation (NERC) and it was hosted by its Electricity Information Sharing and Analysis Center (E‑ISAC).

A Notorious Iranian Hacking Crew Is Targeting Industrial Control Systems
The recent shift away from IT networks raises the possibility that Iran’s APT33 is exploring physically disruptive cyberattacks on critical infrastructure.

5G security and privacy for smart cities
The 5G telecommunications revolution is imminent. It is the next generation of cellular network, making use of the existing 4G LTE in addition to opening up the millimeter wave band. 5G will be able to welcome more network-connected devices and increase speeds considerably for users. It will serve as the foundation for advanced services, including

Iran’s APT33 sharpens focus on industrial control systems
Iran’s elite hacking group is upping its game, according to new evidence delivered at a cybersecurity conference this week. The country’s APT33 cyberattack unit is evolving from simply scrubbing data on its victims’ networks and now wants to take over its targets’ physical infrastructure by manipulating industrial control systems (ICS), say reports.

How Medical Device Vendors Hold Healthcare Security for Ransom
While being pummeled by ransomware attacks, healthcare centers also face growing IoT-related threats. Here’s how they manage security amid a complex set of risks.

Compromised by Connection: 5G Will Unite Cities and Also Put Them at Risk
Watch enough old science fiction movies, and you’re bound to look outside and wonder why the cars on the road don’t drive themselves, why the litter on the sidewalk hasn’t been cleaned up by drones, and why robots aren’t whizzing by with bags full of groceries. The present, it seems, has failed to make good on past promises of the future.

Bon sang! French hospital contracts 6,000 PC-locking ransomware infection
Rouen’s Centre Hospitalier Universitaire (CHU) reverted to pen and paper instead of computerised record-keeping during last week’s attack, according to Le Monde.

What’s the answer for 5G security?
Learn about the planning of 3GPP in developing specifications for 5G security in this synopsis of 5G Americas’ white paper, ‘The Evolution of Security in 5G.’

5G IoT security: Opportunity comes with risks
Slowly but surely, 5G digital cellular networks are being set up around the world

Hacking robotic vehicles is easier than you might think
Robotic vehicles like Amazon delivery drones or Mars rovers can be hacked more easily than people may think, research from the University of British Columbia suggests.

Uber’s first safety review contains thousands of sexual assault reports
Over the last few years Uber — among other ridesharing services — has been accused of failing to respond adequately to reports of sexual assault and other crimes linked to those on its platform. Now the company has released its first safety report (PDF), along with a number of notes about steps it’s taking to make things safer for passengers and drivers.

Moxa Addresses Industrial AP Vulnerabilities Several Months After Disclosure
More than a dozen serious vulnerabilities have been found in an industrial wireless access point (AP) made by Taiwan-based industrial networking and automation solutions provider Moxa, but the vendor only addressed the flaws several months after exploits were made public.

11-11-19 – News This Past Week

DHS Warns of Critical Flaws in Medtronic Medical Devices
An advisory published by the DHS’s Cybersecurity & Infrastructure Security Agency (CISA) warns of three recently patched vulnerabilities in Medtronic Valleylab FT10 and FX8 devices that could allow attackers to install a non-root shell.

Hospital Cyberattacks Linked to Increase in Heart Attack Mortality
Ransomware attacks and data breaches targeting hospitals may cause a higher mortality rate among heart patients in the months and years after an incident, Vanderbilt University researchers report, as breach remediation time interferes with patient care and outcomes.

Man Pleads Guilty to Remotely Controlling His Girlfriend’s Car With a Computer
The 38-year-old man, who worked as a mechanic for the Army’s Royal Australian Corps of Transport at the time, allegedly engaged in a string of unhinged behavior that left his former partner with a fear of technology, according to a report for Australia’s ABC News.

Only 47% of cybersecurity pros are prepared to deal with attacks on their IoT devices
Fewer than half (47%) of cybersecurity professionals have a plan in place to deal with attacks on their IoT devices and equipment, despite the fact that nine out of ten express concerns over future threats, according to the Neustar International Security Council (NISC) research.

How to Secure Critical Infrastructure When Patching Isn’t Possible
Securing such critical infrastructure systems introduces a frustrating paradox: On the one hand, defending safety-critical systems is key because any maliciously motivated malfunction invites potential disaster. Yet our need for these crucial systems to be “always-on” complicates standard cyber-procedures.

Boeing’s insecure networks threaten security and safety
Aircraft manufacturer Boeing’s insecure networks leave the company–and potentially its aircraft–at risk of exploitation. Security researcher Chris Kubecka uncovered these threats in April, and new reporting by CSO’s J.M. Porup reveals little has been done to patch these vulnerabilities. They both join Juliet to discuss how Kubecka discovered this information and what it means for national security and passenger safety.

11-4-19 – News This Past Week

Details of Attack on Electric Utility Emerge
The March 5 DDoS attack interrupted communications between generating facilities and the electrical grid in three western states

Cisco Firewall Exploited in Attack on U.S. Renewable Energy Firm
A report published earlier this year by the National Energy Technology Laboratory revealed that a cyber event caused problems at a utility in the western part of the U.S. on March 5. The incident affected California, Utah and Wyoming, but it did not result in any power outages.

ICS Attackers Set To Inflict More Damage With Evolving Tactics
While it remains difficult to attack critical infrastructure successfully, adversaries aim to use past experience to launch more destructive future attacks, according to analysis.

Indian nuclear power plant’s network was hacked, officials confirm
In a press release today, NPCIL Associate Director A. K. Nema stated, “Identification of malware in NPCIL system is correct. The matter was conveyed by CERT-In [India’s national computer emergency response team] when it was noticed by them on September 4, 2019.”

Critical Vulnerabilities Found in Rittal Cooling System
Rittal, a subsidiary of German manufacturing and services company Friedhelm Loh Group, specializes in making enclosure systems for industrial environments and data centers

Indian nuke plant’s network reportedly hit by malware tied to N. Korea
A former analyst for India’s National Technical Research Organization (NTRO) has tied a malware report published by VirusTotal to a cyber attack on India’s Kudankulam Nuclear Power Plant. The malware, identified by researchers as North Korea’s Dtrack, was reported by Pukhraj Singh to have gained “domain controller-level access” at Kudankulam. The attack has been reported to the government.

Pwn2Own Adds Industrial Control Systems to Hacking Contest
Vulnerability research competition Pwn2Own is expanding to include industrial control systems (ICS), giving researchers an opportunity to hunt for bugs in popular ICS software and protocols.

Industrial equipment to come under fire at the world’s largest hacking contest
Software for industrial equipment will be the primary focus of the next edition of Pwn2Own, the world’s largest and most well-known hacking contest.

10-28-19 – News This Past Week

Upstream Security raises $30 million to protect connected cars from cyberattacks
Upstream Security, a cloud-based cybersecurity platform for connected cars, has raised $30 million in a series B round of funding led by Alliance Ventures, an automotive alliance constituting Renault, Mitsubishi, and Nissan. Volvo Group, Hyundai, CRV, Glilot Capital, Maniv Mobility, and Nationwide also participated in the round.

Outdated OSs Still Present in Many Industrial Organizations
The company’s 2020 Global IoT/ICS Risk Report is based on data passively collected by CyberX from over 1,800 networks around the world between October 2018 and October 2019. It’s worth mentioning that the previous annual risk report from CyberX was based on information from roughly 850 networks

Japanese hotel chain sorry that hackers may have watched guests through bedside robots
Japanese hotel chain HIS Group has apologised for ignoring warnings that its in-room robots were hackable to allow pervs to remotely view video footage from the devices.

Some ICS Security Incidents Resulted in Injury, Loss of Life
CS2AI is a non-profit organization focused on the growth and expansion of networking opportunities and professional development of everyone involved in the field of control systems cybersecurity. The organization, which currently has over 16,000 members worldwide, is conducting a yearly analysis of the state of ICS cybersecurity through a survey that aims to help answer key questions on how critical systems can be best protected.

The Threat to SoHo IoT Devices is Growing Rapidly
A network of 50 honeypots deployed around the world has been catching and monitoring attacks against IoT devices. Such detected attacks have increased almost nine-fold between H1 2018 and H1 2019, from 12 million to 105 million. During the same period, the number of unique attacking IP addresses increased from 69,000 to 276,000.

Integrating security into IoT projects is not easy, but it’s increasingly urgent
Much of that data will be sensitive, whether about an individual’s privacy or confidential business information. As such, it presents a lucrative opportunity for threat actors, as data has become a highly commoditized asset in modern societies.

10-21-19 – News This Past Week

Security still top priority as more enterprises scale IoT solutions company-wide
The Zebra Technologies Corporation global survey analyzes the extent to which companies connect the physical and digital worlds to drive innovation through real-time guidance, data-powered environments and collaborative mobile workflows.

IoT Attacks Up Significantly in First Half of 2019
New research shows attacks increased ninefold year-over-year, coming from more than a quarter-million unique IP addresses

Why Bricking Vulnerable IoT Devices Comes with Unintended Consequences
Infosec vigilantism can cause serious harm in the era of industrial IoT and connected medical devices.

Microsegmentation for refining safety systems
When the TRITON (aka TRISIS) attack struck three refining sites in the Middle East in November of 2017, it was the first known cyber incident to target safety instrumented systems (SIS), specifically Schneider Electric’s Triconex gear

IoT: a malware story
Since 2008, cyber-criminals have been creating malware to attack IoT-devices, such as routers and other types of network equipment. You will find a lot of statistics on this on Securelist, most notably, here and here. The main problem with these IoT/embedded devices is that one simply cannot install any kind of security software. How do we deal with that?

“Smart city” governments should also be smart about security
While the definition of “smart city” is still under debate, one thing is indisputable: the technologies used to make smart cities a reality are currently acquired and deployed after very little (or even no) security testing.

US, UK: Russian Hackers Hijacked Iranian Malware, Infrastructure
The U.S. National Security Agency (NSA) and Britain’s National Cyber Security Centre (NCSC) reported on Monday that the Russia-linked threat group known as Turla has hijacked malware and infrastructure from Iranian hackers.

10-14-19 – News This Past Week

Experts expect hospital ransomware attacks to continue
One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future.

Utilities’ Operational Networks Continue to Be Vulnerable
More than half of utilities have suffered an outage or data loss in the last 12 months, but only a minority of organizations seem ready for an attack that could affect operations, a survey finds.

Vulnerabilities Expose TwinCAT Industrial Systems to DoS Attacks
A couple of vulnerabilities affecting the TwinCAT PLC runtime from Beckhoff can be exploited for denial-of-service (DoS) attacks, which may be triggered by malicious actors or by accident.

Cisco Finds 11 Vulnerabilities in Schneider Electric Modicon Controllers
There are a total of 11 security holes affecting Modicon M580, M340, BMENOC 0311, BMENOC 0321, Quantum (no longer supported), Premium, and Modicon BMxCRA and 140CRA modules. The M580 PLC, which is the newest Modicon controller, is the only one affected by all the vulnerabilities, while the rest are impacted by 2-8 flaws.

Many in Utilities Sector Expect Attacks on Critical Infrastructure: Survey
Representatives of the utilities industry believe the risk of cyberattacks on the sector has increased and many expect an attack on critical infrastructure in the next year, according to a study conducted by Siemens and the Ponemon Institute.

Can microsegmentation help IoT security?
Deploying microsegmentation as part of a broad IoT security strategy can enable more granular control of network systems and better isolation if a security flaw is exploited.

ICS cybersecurity investment should be a priority in protecting operations from disruption
93% of ICS security professionals are concerned about cyberattacks causing operational shutdown or customer-impacting downtime, according to a Tripwire survey.

A glimpse into the present state of security in robotics
The world of today continues its progress toward higher digitalization and mobility. From developments in the Internet of Things (IoT) through augmented reality to Industry 4.0, which rely on stronger automation and use of robots, all of these bring more efficiency to production processes and improve user experience across the globe.

New data analysis approach could strengthen the security of IoT devices
A multi-pronged data analysis approach that can strengthen the security of IoT devices, such as smart TVs, home video cameras and baby monitors, against current risks and threats has been created by a team of Penn State World Campus students.

Hospitals Resume Accepting Patients After Malware Attack
The DCH Health System said its hospitals in the west Alabama cities of Tuscaloosa, Northport and Fayette resumed admitting patients Thursday, and its imaging and patient scheduling services were going back online Friday.

10-7-19 – News This Past Bit

Honeywell Launches New Industrial Cybersecurity Platform
Honeywell on Wednesday announced the launch of a new industrial cybersecurity platform designed to help organizations protect their operational technology (OT) and industrial internet of things (IIoT) assets from cyber threats

76% medical devices of healthcare facilities in Philippines may be infected by malicious code
These are alarming numbers, and certainly demand that healthcare facilities take a serious look at their infrastructures, data storage, and human resources, to see how best to secure not just data of patients, but also secure all devices, from computers, laptops, mobile phones, to medical IoT devices that are critical for medical care and emergencies.

Kaspersky Unveils ICS Vulnerabilities Database
Kaspersky on Thursday announced the ICS Vulnerabilities Database, a new service designed to help industrial organizations keep track of relevant security flaws and protect their networks against potential threats.

California’s IoT Security Law Causing Confusion
The law, which goes into effect January 1, requires manufacturers to equip devices with ‘reasonable security feature(s).’ What that entails is still an open question.

Improving the security, privacy and safety of future connected vehicles
The security, privacy and safety of connected autonomous vehicles (CAVs) has been improved thanks to testing at WMG, University of Warwick.

Iran’s Oil Sector on ‘Full Alert’ Against Attacks
Iran’s oil minister on Sunday ordered his country’s energy sector to be on high alert to the threat of “physical and cyber” attacks.

German Auto and Defense Firm Rheinmetall Says Malware Hit Several Plants
Germany-based car parts and defense solutions provider Rheinmetall announced on Thursday that production at its automotive plants in the United States, Brazil and Mexico was disrupted as a result of a malware attack.

Threat landscape for smart buildings
The Kaspersky Industrial Cybersecurity Conference 2019 takes place this week in Sochi, the seventh such conference dedicated to the problems of industrial cybersecurity. Among other things, the conference will address the security of automation systems in buildings — industrial versions of the now common smart home

SOHOpelessly Broken 2.0
Internet of Things (IoT) devices have always been vulnerable to a variety of security issues. In 2013, Independent Security Evaluators (ISE) performed research on IoT devices that showed how rich feature sets could be leveraged to compromise devices

Serious Flaws in CODESYS Products Expose Industrial Systems to Remote Attacks
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) last week published several advisories describing vulnerabilities in CODESYS products, many of which can be exploited remotely for arbitrary code execution, denial-of-service (DoS) attacks, and other purposes. 3S-Smart published its own advisories for most of the security bugs in late July.

Volkswagen’s bold plan to create a new car operating system
Discrete electronic control units started to appear under the hood, controlling fuel management or anti-lock brakes. New functions required new code, run on new little black boxes, metastasizing to the point where today, a new car might have up to 70 different modules, with software from as many as 200 different vendors

New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction
For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle. Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine’s national grid operator, Ukrenergo

IoT devices still major target for cyberattacks
The firm’s “Attack Landscape H1 2019” report highlighted the threat unsecured IoT devices can pose to businesses and consumers as well as the continued popularity of EternalBlue and similar exploits two years after the WannaCry ransomware was released on the world.

U.S. to Help Secure Baltic Energy Grid Against Cyber Attacks
US Energy Secretary Rick Perry and his Lithuanian, Latvian and Estonian counterparts termed the agreement “a critical moment for the Baltic States in strengthening cybersecurity” in strategic energy infrastructure.

Decades-Old Code Is Putting Millions of Critical Devices at Risk
In early August, the enterprise security firm Armis got a confusing call from a hospital that uses the company’s security monitoring platform. One of its infusion pumps contained a type of networking vulnerability that the researchers had discovered a few weeks prior. But that vulnerability had been found in an operating system called VxWorks—which the infusion pump didn’t run.

The Impact of Recycling on Industrial Cyber Security
In the decade since the Stuxnet worm was discovered, multiple attacks have been launched against operational technology (OT) networks, including Shamoon, Havex, WannaCry, and LockerGoga. Looking back, a disturbing trend has emerged. Industrial attacks are being recycled.

Wyoming Hospital the Latest to Be Hit With Ransomware Attack
A hospital in Wyoming has become one of the latest ransomware victims, courtesy of an attack that began last Friday and continues to disrupt operations.

New ‘Gucci’ IoT Botnet Targets Europe
Security researchers with SecNiche Security Labs have discovered a new piece of malware that attempts to ensnare Internet of Things (IoT) devices in Europe into a distributed denial-of-service (DDoS)-capable botnet

Ransomware forces 3 hospitals to turn away all but the most critical patients
Ten hospitals—three in Alabama and seven in Australia—have been hit with paralyzing ransomware attacks that are affecting their ability to take new patients, it was widely reported on Tuesday.

Medical Practice Closing Permanently After Ransomware Attack
Wood Ranch Medical, a small medical provider located in Simi Valley, CA, is closing after a ransomware attack. A statement explaining the incident and announcing the closure is all that is left on the firm’s website. The practice will close on December 17, 2019.

Advanced ICS/SCADA Hacking Training Offered at SecurityWeek’s 2019 ICS Cyber Security Conference
Conducted in partnership with critical infrastructure cyber security firm Applied Risk, the Advanced ICS/SCADA Hacking training will enable participants to increase their knowledge of security analysis and exploitation methodologies for evaluating the cyber resilience of industrial environments and hardware, and is designed to further advance the skills of technical staff responsible for securing ICS environments

Measuring the Security of IoT Devices
In August, CyberITL completed a large-scale survey of software security practices in the IoT environment, by looking at the compiled software

Ransomware attacks paralyze, and sometimes crush, hospitals
Major hospitals and some health clinics in the US and Australia have been crippled in new ransomware attacks, forcing some into emergency manual mode and one to close permanently due to extensive loss of patient healthcare records encrypted by data kidnappers.

Researcher Shows How Adversaries Can Gather Intel on U.S. Critical Infrastructure
A researcher has used a free tool that he created and open source intelligence (OSINT) to demonstrate how easy it is for adversaries to gather intelligence on critical infrastructure in the United States.

9-16-19 – News This Past Week

Securing a Connected Future: 5G and IoT Security
Already available in some cities, 5G is ushering in an entirely new set of standards for global wireless communications. As the IoT-era continues to come into its own, businesses developing automotive, healthcare, industrial, energy and other IoT applications are planning with 5G in mind for a lot of reasons

Russian Hackers Behind Ukraine Power Outage May Have Sought More Damage
The Russia-linked hackers who triggered a power outage in Ukraine back in 2016 may have hoped to cause much more damage, according to a report published recently by U.S.-based industrial cybersecurity firm Dragos

To secure industrial IoT, use segmentation instead of firewalls
Firewalls have been the de facto standard for securing internal devices for years, but the industrial internet of things (IIoT) will change that.

IIoT security challenges: Dealing with cutting edge technologies
Dr. Jesus Molina is the Director of Business Development at Waterfall Security Solutions, and in this interview with Help Net Security he talks about the security issues related to emerging technologies

Designing IoT security: Experts warn against cutting corners
Security, though costly, is essential for IoT devices; a single breach can destroy a company’s reputation. IoT security by design can avoid devastating incidents

Siemens Issues Advisories for DejaBlue, SACK Panic Vulnerabilities
Siemens says the DejaBlue flaws impact some of its Aptio, Atellica, CentraLink, Iontris, MAGNETOM, MagicLinkA, MagicView, Medicalis, Screening Navigator, Somatom, syngo and Teamplay products. For many of these products Siemens recommends installing the patches from Microsoft, but for others the company is working on providing its own fixes

Cyberattack Disrupted Firewalls at U.S. Power Utility
A denial-of-service (DoS) attack that caused disruptions at a power utility in the United States earlier this year exploited a known vulnerability in a firewall used by the affected organization.