04-16-18 – News This Past Week

The way we regulate self-driving cars is broken—here’s how to fix it
The key issue is this: the current system is built around an assumption that cars will be purchased and owned by customers. But the pioneers of the driverless world—including Waymo, Cruise, and Uber—are not planning to sell cars to the public. Instead, they’re planning to build driverless taxi services that customers will buy one ride at a time
https://arstechnica.com/cars/2018/04/the-way-we-regulate-self-driving-cars-is-broken-heres-how-to-fix-it/

Critical Infrastructure Threat Is Much Worse Than We Thought
Last October the United States Computer Emergency Readiness Team (US-CERT) published a technical alert on advanced persistent threat (APT) activity targeting energy and other critical infrastructure sectors. Recently, it was updated with new information uncovered since the original report, and there are some interesting revelations this time around
https://www.securityweek.com/critical-infrastructure-threat-much-worse-we-thought

Schneider Electric Patches 16 Flaws in Building Automation Software
U.motion is a building automation solution used around the world in the commercial facilities, critical manufacturing and energy sectors. U.motion Builder is a tool that allows users to create projects for their U.motion devices.
https://www.securityweek.com/schneider-electric-patches-16-flaws-building-automation-software

6 Myths About IoT Security
Here are common misconceptions about securing these devices – and tips for locking them down.
https://www.darkreading.com/attacks-breaches/6-myths-about-iot-security/d/d-id/1331408

Splunk turns data processing chops to Industrial IoT
Splunk has always been known as a company that can sift through oodles of log or security data and help customers surface the important bits. Today, it announced it was going to try to apply that same skill set to Industrial Internet of Things data.

A Long-Awaited IoT Crisis Is Here, and Many Devices Aren’t Ready
You know by now that Internet of Things devices like your router are often vulnerable to attack, the industry-wide lack of investment in security leaving the door open to a host of abuses. Worse still, known weaknesses and flaws can hang around for years after their initial discovery. Even decades. And Monday, the content and web services firm Akamai published new findings that it has observed attackers actively exploiting a flaw in devices like routers and video game consoles that was originally exposed in 2006
https://www.wired.com/story/upnp-router-game-console-vulnerabilities-exploited/

Flaw in Emergency Alert Systems Could Allow Hackers to Trigger False Alarms
The emergency alert sirens are used worldwide to alert citizens about natural disasters, man-made disasters, and emergency situations, such as dangerous weather conditions, severe storms, tornadoes and terrorist attacks
https://thehackernews.com/2018/04/hacking-emergency-alert-sirens.html

Industrial Internet Consortium Develops New IoT Security Maturity Model
The Industrial Internet Consortium (IIC) has developed a new IoT Security Maturity Model (SMM), building on its own security framework and reference architecture. This week it has published the first of two papers: IoT Security Maturity Model: Description and Intended Use. This is primarily a high-level overview aimed at the less technical of IoT stakeholders
https://www.securityweek.com/industrial-internet-consortium-develops-new-iot-security-maturity-model

Electrical Substations Exposed to Attacks by Flaws in Siemens Devices
On March 8, Siemens and ICS-CERT published advisories to warn organizations of the existence of three vulnerabilities in SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices, which provide integrated protection, control, measurement, and automation functions for electrical substations and other applications. The vendor has released patches and mitigations for each of the flaws
https://www.securityweek.com/electrical-substations-exposed-attacks-flaws-siemens-devices

Why Mass Transit Could Be the Next Big Target for Cyber Attacks—and What to do About it
The constantly evolving tools and methods of cyber attackers have resulted in specific industries becoming the unfortunate subjects of sudden upswings in incident volume and severity. In recent years, for example, we’ve seen waves of ransomware attacks in healthcare and large-scale customer data breaches in technology. So, this trend begs the question, who’s next?
https://www.securityweek.com/why-mass-transit-could-be-next-big-target-cyber-attacks%E2%80%94and-what-do-about-it

Moxa plugs serious vulnerabilities in industrial secure router
A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear text passwords, expose sensitive information, trigger a crash, and more.

Severe Flaws Expose Moxa Industrial Routers to Attacks
Cisco’s Talos intelligence and research group has reported identifying a total of 17 vulnerabilities in an industrial router from Moxa, including many high severity command injection and denial-of-service (DoS) flaws
https://www.securityweek.com/severe-flaws-expose-moxa-industrial-routers-attacks

04-09-18 – News This Past Week

Businesses Fear ‘Catastrophic Consequences’ of Unsecured IoT
Businesses’ concern about risk from the Internet of Things (IoT) is evolving faster than their security practices, according to a new survey about the danger of third-party devices. Risk management is still relatively immature, and it’s posing a threat to sensitive and confidential data, researchers report
https://www.darkreading.com/iot/businesses-fear-catastrophic-consequences-of-unsecured-iot-/d/d-id/1331476

Critical Flaws Expose Natus Medical Devices to Remote Attacks
According to Cisco, an attacker with access to the targeted network can remotely execute arbitrary code on the device or cause a service to crash by sending specially crafted packets. An attack does not require authentication
https://www.securityweek.com/critical-flaws-expose-natus-medical-devices-remote-attacks

“Open sesame”: Industrial network gear hackable with the right username
This week, two separate security alerts have revealed major holes in devices from Moxa, an industrial automation networking company. In one case, attackers could potentially send commands to a device’s operating system by using them as a username in a login attempt
https://arstechnica.com/information-technology/2018/04/open-sesame-industrial-network-gear-hackable-with-the-right-username/

Skilled Hackers Gaining Access to U.S. Energy Systems
iDefense hasn’t said who it believes may be behind the attacks. But U.S. federal agencies last month said hackers backed by the Russian government have targeted U.S. energy and other industries in a new wave of attacks since March 2016.
https://www.cio-today.com/article/index.php?story_id=107715

Four Gas Pipeline Firms Hit in Attack on Their EDI Service Provider
Several cybersecurity experts this week cautioned against underestimating the seriousness of a cyberattack on an EDI service provider that disrupted data communication services at four major US interstate gas pipeline companies in the last few days
https://www.darkreading.com/perimeter/four-gas-pipeline-firms-hit-in-attack-on-their-edi-service-provider/d/d-id/1331458

How critical infrastructure operators rate their security controls
Indegy revealed that nearly 60 percent of executives at critical infrastructure operators polled in a recent survey said they lack appropriate controls to protect their environments from security threats

Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks
After a cyberattack shut down numerous pipeline communication networks this week, experts are stressing the importance of securing third-party systems in supervisory control and data acquisition (SCADA) environments

Internet of Battle Things: a militarized IoT where “cognitive bandwidth constraints” require “autonomous cyber agents”
Alexander Kott is chief of the Network Science Division at the Army Research Laboratory; in a new paper, he rounds up several years’ worth of papers that he wrote or co-authored, along with some essays and articles by others, on what an “Internet of Battle Things” will look like.

Several U.S. Gas Pipeline Firms Affected by Cyberattack
Several natural gas pipeline operators in the United States have been affected by a cyberattack that hit a third-party communications system, but the incident does not appear to have impacted operational technology
https://www.securityweek.com/several-us-gas-pipeline-firms-affected-cyberattack

Medical Device Security Startup Launches
Cynerio lands multi-million dollar funding round.
https://www.darkreading.com/risk/medical-device-security-startup-launches/d/d-id/1331444

Public Hearing on IoT Risks
The U.S. Consumer Product Safety Commission (CPSC, Commission, or we) will conduct a public hearing to receive information from all interested parties about potential safety issues and hazards associated with internet-connected consumer products
https://www.schneier.com/blog/archives/2018/04/public_hearing_.html

Research Reports Reveal Concerns About IoT Risks and Microsoft Flaws
Multiple research reports released the week of March 26-30 reveal prevailing trends in the cyber-security attack landscape
http://www.eweek.com/security/research-reports-reveal-concerns-about-iot-risks-and-microsoft-flaws

Report Warns U.S. Industry About Need to Thwart Russian Cyber-Attacks
A report from the U.S. Computer Emergency Readiness Team provides a detailed look at how alleged Russian attackers planned and executed a long-term cyber-attack against unprepared energy installations
http://www.eweek.com/security/report-warns-u.s.-industry-about-need-to-thwart-russian-cyber-attacks

Nation-state hackers are attacking our trust in critical systems
In the last few years, the lines between cyber criminals and nation-states have become increasingly blurry and it has become obvious that the private sector is not capable of handling cyber threats on its own, Chris Inglis, former deputy director of the National Security Agency, told the crowd at World Cyber Security Congress this week

04-02-18 – News This Past Week

Third-party IoT risk management not a priority
With the proliferation of IoT devices used in organizations to support business, technology and operations innovation, respondents to a Ponemon Institute study were asked to evaluate their perception of IoT risks, the state of current third party risk management programs, and governance practices being employed to defend against IoT-related cyber attacks

Energy Sector Most Impacted by ICS Flaws, Attacks: Study
The security firm has analyzed a total of 322 flaws disclosed in 2017 by ICS-CERT, vendors and its own researchers, including issues related to industrial control systems (ICS) and general-purpose software and protocols used by industrial organizations
https://www.securityweek.com/energy-sector-most-impacted-ics-flaws-attacks-study

Baltimore’s 911 dispatch system was hacked last weekend
Baltimore’s 911 dispatch system was hacked over the weekend and authorities temporarily shut it down. The mayor’s office confirmed to The Baltimore Sun that the system was digitally infiltrated early Saturday morning, but provided no other details while the investigation is ongoing
https://www.engadget.com/2018/03/28/baltimore-s-911-dispatch-system-was-hacked-last-weekend/

Hackers hit 911 system, emergency dispatch affected
James Bentley, a spokesman for Pugh, told the newspaper that the attack, which came around 8:30 am on Sunday morning, affected messaging functions within the computer-aided dispatch (CAD) system

Cyberattack disrupted Baltimore emergency responders
CAD is used to automatically divert calls to the closest emergency responders, in order to make assistance in emergencies as efficient and quick as possible. Manually taking phone calls and details is far slower
http://www.zdnet.com/article/cyberattack-disrupted-baltimore-emergency-responders/

People are really worried about IoT data privacy and security—and they should be
A new study from the Economist Intelligence Unit (EIU) shows that consumers around the world are deeply worried about how their personal information is collected and shared by the Internet of Things (IoT). But let’s be honest, the problem isn’t that unsophisticated consumers are panicking for no reason. In fact, consumers are merely picking up on the very real inherent risks and uncertainties surrounding IoT data.
https://www.networkworld.com/article/3267065/internet-of-things/people-are-really-worried-about-iot-data-privacy-and-securityand-they-should-be.html

Internet of insecure Things: Software still riddled with security holes
An audit of the security of IoT mobile applications available on official stores has found that tech to safeguard the world of connected things remains outstandingly mediocre
https://www.theregister.co.uk/2018/03/28/iot_software_still_insecure/

Critical Flaws Found in Siemens Telecontrol, Building Automation Products
Siemens informed customers this week that critical vulnerabilities have been found in some of its telecontrol and building automation products, and revealed that some SIMATIC systems are affected by a high severity flaw
https://www.securityweek.com/critical-flaws-found-siemens-telecontrol-building-automation-products

03-26-18 – News These Past Two Weeks

Threat Landscape for Industrial Automation Systems in H2 2017
For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users.

Penn State secures building automation, IoT traffic with microsegmentation
Penn State chose microsegmentation technology from Tempered Networks to isolate and cloak traffic from its smart-building systems, which rely on the BACnet communications protocol to share data
https://www.networkworld.com/article/3265065/lan-wan/penn-state-secures-building-automation-iot-traffic-with-microsegmentation.html

Puerto Rico’s Electric Utility Hacked in Weekend Attack
Service was disrupted but no customer records compromised, officials said.
https://www.darkreading.com/attacks-breaches/puerto-ricos-electric-utility-hacked-in-weekend-attack/d/d-id/1331328

Siemens Patches Flaws in SIMATIC Controllers, Mobile Apps
Organizations using SIMATIC products were informed by both Siemens and ICS-CERT this week of a denial-of-service (DoS) vulnerability that can be exploited by sending specially crafted PROFINET DCP packets to affected systems
https://www.securityweek.com/siemens-patches-flaws-simatic-controllers-mobile-apps

Middle East oil and gas companies are unprepared to address OT cyber risk
Cyber security breaches in the Middle East are widespread and frequently undetected, with 30 percent of the region’s attacks targeting operational technology (OT), finds a new study by Siemens and Ponemon Institute

Critical Infrastructure: Stop Whistling Past the Cyber Graveyard
An open letter to former colleagues in Homeland Security, peers in private sector cybersecurity firms, those who own and operate critical systems, academics, and politicians
https://www.darkreading.com/critical-infrastructure-stop-whistling-past-the-cyber-graveyard/a/d-id/1331308

Programs Controlling ICS Robotics Are ‘Wide Open’ to Vulnerabilities
Most manufacturers have connected their operational technology – including industrial control systems and robotic equipment – to the internet, yet the lack of basic security protocols leaves these companies open to cyberattacks

Russia accused of burrowing into US energy networks
This week the Department of Homeland Security (DHS) added cyber-intrusion and surveillance of the US critical infrastructure sector to the growing list of accusations – in a move that might have been missed by commentators had it not come packaged with sanctions connected to alleged interference in elections

DHS and FBI warn Russia is behind cyberattacks on US infrastructure
The Department of Homeland Security and the FBI released a report today detailing Russian efforts to hack into US government entities and infrastructure sectors, including energy, nuclear, commercial, water, aviation and critical manufacturing sectors
https://www.engadget.com/2018/03/15/dhs-fbi-warn-russia-behind-infrastructure-cyberattacks/

China-linked Hackers Target Engineering and Maritime Industries
Referred to as Leviathan or TEMP.Periscope, the group has been historically interested in targets connected to South China Sea issues, which hasn’t changed in the recently observed attacks. Targets include research institutes, academic organizations, and private firms in the United States
https://www.securityweek.com/china-linked-hackers-target-engineering-and-maritime-industries

IoT security warning: Cyber-attacks on medical devices could put patients at risk
More collaboration is needed in order to ensure internet-connected medical devices can’t cause harm to patients, says research
http://www.zdnet.com/article/iot-security-warning-cyber-attacks-on-medical-devices-could-put-patients-at-risk/

Medical Apps Come Packaged with Hardcoded Credentials
Vulnerabilities in DocuTrac applications also include weak encryption, according to Rapid7.
https://www.darkreading.com/endpoint/medical-apps-come-packaged-with-hardcoded-credentials/d/d-id/1331268

Time of death? A therapeutic postmortem of connected medicine
At last year’s Security Analyst Summit 2017 we predicted that medical networks would be a titbit for cybercriminals. Unfortunately, we were right. The numbers of medical data breaches and leaks are increasing. According to public data, this year is no exception.

IIC Publishes Best Practices for Securing Industrial Endpoints
The Industrial Internet Consortium (IIC) has published a new paper designed to provide a concise overview of the countermeasures necessary to secure industrial endpoints; that is, the industrial internet of things
https://www.securityweek.com/iic-publishes-best-practices-securing-industrial-endpoints

IIC addresses industrial IoT security on endpoints
In a new document, the Industrial Internet Consortium abridges IEC and NIST publications, offering clear, concise guidance to ensure IIoT security in connected plants
http://internetofthingsagenda.techtarget.com/news/252436665/IIC-addresses-industrial-IoT-security-on-endpoints

IoT Product Safety: If It Appears Too Good to Be True, It Probably Is
Proposed new connected-product repair laws will provide hackers with more tools to make our lives less secure
https://www.darkreading.com/endpoint/iot-product-safety-if-it-appears-too-good-to-be-true-it-probably-is-/a/d-id/1331227

Auto manufacturers are asleep at the wheel when it comes to security
That’s the conclusion of a series of speakers at the Kaspersky Security Analyst Summit. These security researchers have demonstrated how easy it is to introduce software into vehicles to steal data, take control of vital functions, get around alarm and electronic key systems and even crash the car
https://www.theregister.co.uk/2018/03/10/auto_manufacturers_are_asleep_at_the_wheel_when_it_comes_to_security/

Ransomware for robots is the next big security nightmare
Researchers found they were able to infect robots with ransomware; in the real world, such attacks could be highly damaging to businesses if robotic security isn’t addressed
http://www.zdnet.com/article/ransomware-for-robots-is-the-next-big-security-nightmare/

Researchers say quantum computing could improve self-driving cars’ cyber security
Quantum computers could transform the security of self-driving cars, claim researchers
https://www.v3.co.uk/v3-uk/news/3027885/researchers-say-quantum-computing-could-improve-self-driving-cars-cyber-security

03-13-18 – News This Past Week

Infrastructure security: Don’t just sit there, do something!
Confused by conflicting indications from the control panel, operators made a series of bad decisions which exacerbated the problems. The reactor core, starved of vital coolant, started to overheat. Radioactive material began to vent into the outer protective enclosure.

Smart traffic lights cause jams when fed spoofed data
But no, we can’t have nice things like smooth, smart, algorithmically timed sailing through intersections – at least, not with the current state of traffic technology. A team of five researchers from the University of Michigan have found that the DOT’s I-SIG (Intelligent Traffic Signal System) is way too easy to spoof with bad data.

BlackBerry’s post-phone future includes IoT security
BlackBerry hasn’t been shy about shifting its focus away from hardware and toward technologies you can find inside others’ devices, such as self-driving cars and secure comms. If you need any further proof, though, you just got it: BlackBerry has struck a deal with Swiss electronics maker Punkt to secure an upcoming range of Internet of Things devices.
https://www.engadget.com/2018/03/07/blackberry-punkt-deal-secures-iot-devices/

How can IoT stakeholders mitigate the risk of life-threatening cyberattacks?
With an estimated 20 billion Internet-connected devices set to appear in our homes and offices by the end of the decade, future cyberattacks will dwarf what we’ve seen to date. These connected devices will feed into fundamental infrastructure we rely on every day: transportation, power plants, medical devices, and supply chains, for example. As cyberattacks move from financial and reputation risks into the realm of ‘life and death’ consequences, which IoT stakeholders should we turn to to address this?

Connected Cars Pose New Security Challenges
Very few objects are as personal to their owners as their cars. But today’s cars have grown beyond a form of self-expression and turned into our personal concierges, navigating the best routes, making our dinner reservations, and potentially reserving parking spots ahead of our arrival. But with all the advantages connected vehicles can bring to our lives, they can also potentially expose us to security risks.
https://www.darkreading.com/endpoint/connected-cars-pose-new-security-challenges/a/d-id/1331166

IoT Security Disconnect: As Attacks Spike, Device Patching Still Lags
According to a report by Trustwave released last week, 61 percent of companies surveyed who have deployed some level of connected technology have also had to deal with a security incident that they can trace back to an IoT device. On the flip side, only 49 percent of those same businesses surveyed said they have formal patching policies and procedures in place that would help prevent attacks.

What to understand about health care IoT and its security
As we have seen, the Internet of Things will disrupt and change every industry and how actors within it do business. Along with new paradigms in services and products that one can offer due to the proliferation of IoT, come business risks as well as heightened security concerns – both physical and cyber. In our prior column, we spoke about this topic in the context of the Smart Electric Grid. Today we’re taking a look at how IoT is disrupting the health care market and how we can take steps to secure it.
https://www.networkworld.com/article/3260788/internet-of-things/what-to-understand-about-health-care-iot-and-securing-it.html

Backdooring connected cars for covert remote control
We’ve all known for a while now that the security of connected cars leaves a lot to be desired. The latest proof of that sad state of affairs comes from Argentinian security researchers and hackers Sheila Ayelen Berta and Claudio Caracciolo. The pair is set to demonstrate a hardware backdoor for the CAN bus that can be controlled remotely at the upcoming Hack in the Box conference in Amsterdam.

03-05-18 – News This Past Week

Delta Patches Vulnerabilities in HMI, PLC Products
A researcher who uses the online moniker “Axt” informed Delta via Trend Micro’s Zero Day Initiative (ZDI) and ICS-CERT that its WPLSoft product, a programming software for programmable logic controllers (PLCs), is affected by several types of vulnerabilities.
https://www.securityweek.com/delta-patches-vulnerabilities-hmi-plc-products

Keeping on top of ICS-focused hacking groups, defenses
“While only one has demonstrated an apparent capability to impact ICS networks through ICS-specific malware directly, all have engaged in at least reconnaissance and intelligence gathering surrounding the ICS environment,” the company noted in a recently published report.

Philips clinical imaging solution plagued by vulnerabilities
Philips is developing a software update to mitigate 35 CVE-numbered vulnerabilities in the Philips IntelliSpace Portal (ISP), a clinical imaging visualization and analysis solution that is used by healthcare and public health organizations around the world

Philips Working on Patches for 35 Flaws in Healthcare Product
Philips has informed customers that it’s working on patches for dozens of vulnerabilities affecting the company’s IntelliSpace Portal, a visualization and analysis solution designed for healthcare organizations
https://www.securityweek.com/philips-working-patches-35-flaws-healthcare-product

What Enterprises Can Learn from Medical Device Security
In today’s cloud-native world, organizations need a highly distributed approach that ties security to the workload itself in order to prevent targeted attacks
https://www.darkreading.com/cloud/what-enterprises-can-learn-from-medical-device-security-/a/d-id/1331145

ICS Under Fire in 2017
New Dragos report finds rising number of public vulnerability advisories around ICS with not enough reasonable guidance around how to deal with these flaws
https://www.darkreading.com/vulnerabilities---threats/ics-under-fire-in-2017/d/d-id/1331163

Public Advisories Fail to Convey True Impact of ICS Flaws
Public advisories describing vulnerabilities in industrial control systems (ICS) often fail to convey the true impact of the flaws, according to a report published today by ICS cybersecurity firm Dragos
https://www.securityweek.com/public-advisories-fail-convey-true-impact-ics-flaws

Five Threat Groups Target Industrial Systems
There are at least five sophisticated threat groups whose activities focus on industrial control systems (ICS), according to a report published on Thursday by industrial cybersecurity firm Dragos
https://www.securityweek.com/five-threat-groups-target-industrial-systems-dragos

Emerson Patches Severe Flaw in ControlWave Controllers
Automation solutions provider Emerson has patched a potentially serious denial-of-service (DoS) vulnerability in its ControlWave Micro Process Automation Controller product
https://www.securityweek.com/emerson-patches-severe-flaw-controlwave-controllers

Siemens Releases BIOS Updates to Patch Intel Chip Flaws
Siemens has released BIOS updates for several of its industrial devices to patch vulnerabilities discovered recently in Intel chips, including Meltdown, Spectre and flaws affecting the company’s Management Engine technology
https://www.securityweek.com/siemens-releases-bios-updates-patch-intel-chip-flaws

How to Shield Against IoT Security Threats
While politicians and security experts are constantly warning about the risk of cyber-attacks, they rarely, if ever, mention the risks associated with the Internet of Things (IoT). They should, since there are already plenty of examples of successful IoT security attacks
https://www.securityweek.com/how-shield-against-iot-security-threats

02-26-18 – News This Past Week

Anatomy of an Attack on the Industrial IoT
We like to think that cyberattacks are focused primarily on stealing credit card numbers and that attackers don’t know much about the control systems that run critical infrastructure. Unfortunately, that’s just wishful thinking. In 2017, we saw an increasing number of threat actors bypass existing network perimeter security controls to perform sophisticated reconnaissance of industrial process control networks
https://www.darkreading.com/vulnerabilities---threats/anatomy-of-an-attack-on-the-industrial-iot-/a/d-id/1331097

Arm Reveals More Details About Its IoT Platform Security Architecture
When it announced its Platform Security Architecture for IoT devices last year, Arm said that “security can no longer be optional.” Now, shortly after it announced the iSim SoC that’s supposed to connect more devices to the IoT, the company revealed more about the PSA framework
http://www.tomshardware.com/news/arm-iot-platform-security-architecture,36564.html

The Rise of ICS Malware: How Industrial Security Threats Are Becoming More Surgical
Last December, a malware variant specifically designed to attack industrial safety systems was discovered. It was apparently used to cause an operational outage at a critical infrastructure facility in the Middle East
https://www.securityweek.com/rise-ics-malware-how-industrial-security-threats-are-becoming-more-surgical

Medical Cybersecurity & Dense Vulnerabilities
During my onstage interview with Dan Geer at S4x18, we discussed what is the best course of action when vulnerabilities are dense (listen beginning at 28:15). I suggested that medical device and software were a great example of dense vulnerabilities, so is the current approach to find and fix vulnerabilities a good approach when a single exploitable bug can take out a hospital for a week

Protecting safety instrumented systems from malware attacks
Trisis malware targets safety instrumented systems and puts industrial control systems at risk. Expert Ernie Hayden reviews what to know about SIS and its security measures
http://searchsecurity.techtarget.com/tip/Protecting-safety-instrumented-systems-from-malware-attacks

Is the IoT backlash finally here?
After years of worry, the long-anticipated backlash to the changes wrought by the Internet of Things may finally be arriving. That could be a good thing.
https://www.networkworld.com/article/3256215/internet-of-things/is-the-iot-backlash-finally-here.html

Getting Started with IoT Security in Healthcare
It’s estimated that by 2025, more than 30 percent of all Internet of Things (IoT) devices will be dedicated to the realm of healthcare – more than in retail, transportation and the personal security sectors combined. Already today, practitioners are using IoT tech to conduct portable monitoring, enact electronic record keeping initiatives, and to apply drug safeguards – all efforts that are streamlining operations and delivering safer, more comprehensive care to patients
https://www.darkreading.com/partner-perspectives/iboss/getting-started-with-iot-security-in-healthcare/a/d-id/1331090

NIST Working on Global IoT Cybersecurity Standards
The Internet of Things (IoT) is here and growing. It has the potential to facilitate or obstruct the further evolution of the Fourth Industrial Revolution; largely depending upon whether it is used or abused. Its abusers will be the same criminal and aggressor state actors that currently abuse information systems
https://www.securityweek.com/nist-working-global-iot-cybersecurity-standards

Expected changes in IT/OT convergence and industrial security
Ten years ago, I was brought into the industrial security arena by a top company executive who was convinced that we needed traditional endpoint protection on smart meters. I had spent fifteen years before that in enterprise security, so it took a while to shape my focus around the nature of the problem of IT/OT convergence and industrial security

02-19-18 – News This Past Week

Siemens Leads Launch of Global Cybersecurity Initiative
The so-called Charter of Trust centers around the basic goals of protecting the data of individuals and businesses; preventing harm to critical infrastructure, businesses, and individuals via cyberattacks
https://www.darkreading.com/threat-intelligence/siemens-leads-launch-of-global-cybersecurity-initiative/d/d-id/1331083

US sets up dedicated office for energy infrastructure cybersecurity
The US government is setting up a new Office of Cybersecurity, Energy Security, and Emergency Response (CESER) at the US Department of Energy. The CESER office will focus on energy infrastructure security and enable more coordinated preparedness and response to natural and man-made threats

IBM Releases Spectre, Meltdown Patches for Power Systems
IBM started releasing firmware patches for its POWER processors within a week after the Spectre and Meltdown attack methods were disclosed. Firmware updates were first released for the POWER7+ and POWER8 processors, but customers would have to wait another month for operating system patches
https://www.securityweek.com/ibm-releases-spectre-meltdown-patches-power-systems

Cryptocurrency Miners Not Uncommon on Industrial Systems
Industrial cybersecurity firm Radiflow reported last week that it had identified a piece of malware designed to mine Monero on a human-machine interface (HMI) system at a wastewater facility in Europe
https://www.securityweek.com/cryptocurrency-miners-not-uncommon-industrial-systems

Exploring a New Reference Architecture for Industrial Control Systems Security
As it relates to threats targeting industrial control systems (ICS) and critical infrastructure networks, it should be completely clear that “the times – they are a changing.” We have entered a new era over the past 6 months – demonstrated by the collateral damage caused by WannaCry and NotPetya, and even more clearly by the deliberate and alarming targeting of the widely used Schneider Electric Triconex safety platform by the Triton malware.
https://www.securityweek.com/exploring-new-reference-architecture-industrial-control-systems-security

Schneider Electric Patches Several Flaws in IGSS Products
Ivan Sanchez of Nullcode discovered that the IGSS SCADA software is affected by a configuration issue that leads to Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) mitigations not being implemented properly
https://www.securityweek.com/schneider-electric-patches-several-flaws-igss-products

Rogue IT admin goes off the rails, shuts down Canadian train switches
Christopher Victor Grupe, 46, had a rocky relationship with his employers: in December 2015, he was suspended for 12 days for insubordination and just not making the grade as a sysadmin
https://www.theregister.co.uk/2018/02/14/rogue_it_admin_canadian_railway_switches/

Consumers want more IoT regulation
A demand for more regulation may seem counterintuitive in today’s world and yet that’s exactly what consumers who understand IoT technologies want, according to a new study from Market Strategies International.

NOW CRYPTOJACKING THREATENS CRITICAL INFRASTRUCTURE, TOO
The rise of cryptojacking—which co-opts your PC or mobile device to illicitly mine cryptocurrency when you visit an infected site—has fueled mining’s increasing appeal
https://www.wired.com/story/cryptojacking-critical-infrastructure/

Surgery affected by ‘distressing’ power outage glitch at Royal Adelaide Hospital
Two operations were disrupted when a software failure left part of the Royal Adelaide Hospital without power for up to 20 minutes yesterday morning
http://www.abc.net.au/news/2018-02-07/power-failure-at-royal-adelaide-hospital-disrupts-surgery/9406270

02-12-18 – News This Past Week

Ukraine Power Distro Plans $20 Million Cyber Defense System
After NotPetya and severe blackouts, Ukrenergo responds with an investment in cybersecurity
https://www.darkreading.com/operations/ukraine-power-distro-plans-$20-million-cyber-defense-system/d/d-id/1330994

When crypto-mining malware hits a SCADA network
Stealthy crypto-mining is on track to surpass ransomware as cybercriminals’ most favorite money-making option, and companies with computers and servers that run all day and night long are the preferred targets

Water Utility Infected by Cryptocurrency Mining Software
A water utility in Europe has been infected by cryptocurrency mining software. This is a relatively new attack: hackers compromise computers and force them to mine cryptocurrency for them. This is the first time I’ve seen it infect SCADA systems, though
https://www.schneier.com/blog/archives/2018/02/water_utility_i.html

Tips for securing IoT on your network
As internet of things devices proliferate, it’s more important to discover how many and what kind are on your network and figure out how to make them secure. Here’s how
https://www.networkworld.com/article/3254185/internet-of-things/tips-for-securing-iot-on-your-network.html

Tennessee Hospital Hit With Cryptocurrency Mining Malware
Decatur County General Hospital (DCGH) in Parsons, Tennessee, recently discovered cryptocurrency mining malware on its Electronic Medical Record (EMR) server. The hospital began informing 24,000 patients of the attack on January 26
https://www.darkreading.com/attacks-breaches/tennessee-hospital-hit-with-cryptocurrency-mining-malware/d/d-id/1331014

02-06-18 – News This Past Month

Verizon Boards the NB-IoT Train
Unlike consumer LTE, NB-IoT offers an efficient option for hooking up smart sensors and other machine-to-machine applications because it uses very little power for its 200 Kbit/s connections and very little spectrum, which gives devices a battery life that can be measured in years.
http://www.lightreading.com/iot/nb-iot/verizon-boards-the-nb-iot-train/d/d-id/740257

DT, Nokia Put 5G to the Industrial Test
Deutsche Telekom AG (NYSE: DT) and Nokia Corp. (NYSE: NOK) are to embark on the joint testing of 5G technology in the Port of Hamburg, carrying out various trials of 5G functionality — such as so-called “network slicing” — within an industrial context. Applications of the technology within the 8,000-hectare port area will include traffic lights management, data processing from mobile sensors and virtual reality. To facilitate the test program, an antenna has already been installed on the Hamburg TV tower, at a height of more than 150 meters.
http://www.lightreading.com/mobile/services-apps-mobile/eurobites-dt-nokia-put-5g-to-the-industrial-test/d/d-id/740262

Does The U.S. Need a National Cybersecurity Safety Board?
It is time, suggest two academics from Indiana University-Bloomington, for Congress to establish a National Cybersecurity Safety Board (NCSB) as an analogue of the National Transportation Safety Board (NTSB), to improve the level of cybersecurity in the U.S.
http://www.securityweek.com/does-us-need-national-cybersecurity-safety-board

Number of Internet-accessible ICS components is increasing every year
The number of industrial control system (ICS) components – which run factories, transport, power plants and other facilities – left open to Internet access, is increasing every year. In Germany, for example, researchers from Positive Technologies found 13,242 IP addresses for ICS components, up from 12,542 in 2016.

Critical Infrastructure More Vulnerable Than Ever Before
The PT research team also noted that more and more Internet-accessible ICS components are actually network devices, such as Lantronix and Moxa interface converters, which represented 12.86% of detected components in 2017, up from 5.06% in 2016.
https://www.infosecurity-magazine.com/news/critical-infrastructure-more/

Increasing Number of Industrial Systems Accessible From Web
The number of industrial control systems (ICS) accessible from the Internet has increased significantly in the past year, reaching more than 175,000 components, according to a new report from Positive Technologies
http://www.securityweek.com/increasing-number-industrial-systems-accessible-web-study

Hospital MRI and CT scanners at risk of cyberattack
Last year’s WannaCry attack had many disruptive effects across the world but the one that sticks in the minds of many security experts is the damage it did to the UK’s National Health Service (NHS).

Siemens Patches Flaws in Plant Management Product
Siemens has informed customers that a component of its TeleControl Basic product is affected by several vulnerabilities that can be exploited by an attacker to escalate privileges, bypass authentication, and launch denial-of-service (DoS) attacks
http://www.securityweek.com/siemens-patches-flaws-plant-management-product

IoT Botnets by the Numbers
Even before Mirai burst onto the scene a year-and-a-half ago, security experts had been warning anyone who listened about how juicy Internet of things (IoT) devices were looking to criminal botnet herders. Proliferating faster than black t-shirts at a security conference, IoT sensors have spread throughout our personal and business lives inside cameras, automobiles, TVs, refrigerators, wearable technology, and more
https://www.darkreading.com/perimeter/iot-botnets-by-the-numbers/d/d-id/1330924

Forget cyber crims, it’s time to start worrying about GPS jammers – UK.gov report
The UK must reduce the dependency of its critical infrastructure and emergency services on GPS technology to mitigate against the potentially disastrous impact of signal jamming, a government report has warned.
https://www.theregister.co.uk/2018/01/31/gps_signal_jammers_critical_infrastructure/

An Infrastructure Plan in the 21st Century Needs to Address Cybersecurity
U.S. President Trump is expected to discuss his long-awaited infrastructure plan in tonight’s State of the Union address, but we should not expect full details for a few more weeks. The focus on upgrading our roads, bridges, tunnels and other physical infrastructure is welcome. But we need to do more than address these weak brick-and-mortar foundations.
https://www.tenable.com/blog/an-infrastructure-plan-in-the-21st-century-needs-to-address-cybersecurity

UK Warns Critical Industries to Boost Cyber Defense or Face Hefty Fines
NISD is designed to ensure the security of network systems not already covered by the GDPR — but its primary purpose is to ensure the security of the industries that comprise the critical infrastructure (such as power and water, healthcare and transport). These companies, or covered entities, are defined within the directive as ‘operators of essential services’ (OES), and ‘digital service providers’ (DSPs).
http://www.securityweek.com/uk-warns-critical-industries-boost-cyber-defense-or-face-hefty-fines

Parrot 3.11 Security OS Brings New “Car Hacking” Menu
Coming one and a half months after Parrot Security OS 3.10, the Parrot Security OS 3.11 release sports a new “Car Hacking” menu that contains a great collection of open-source tools designed for testing real-world cars against hacks, as well as to simulate Controller Area Network (CAN bus) networks.
http://news.softpedia.com/news/parrot-3-11-security-os-brings-new-car-hacking-menu-meltdown-spectre-patches-519592.shtml

What do you press when flaws in Bluetooth panic buttons are exposed?
Wearsafe’s button was vulnerable to denial-of-service attacks. If flooded with connection requests, a hacker could lock the user out of the device until the battery is removed and reinserted. The device also continually broadcasts its Bluetooth radio, meaning it can be tracked
https://www.theregister.co.uk/2018/01/29/bluetooth_panic_buttons_hackable/

A series of new IoT botnets plague connected devices
The first of the IoT botnets causing trouble was discovered by security researchers at Bitdefender and is called Hide ‘N Seek, or HNS. HNS was first noticed on January 10, “faded away” for a few days and then reemerged on January 20 in a slightly different form, according to Bitdefender senior e-threat analyst Bogdan Botezatu
http://searchsecurity.techtarget.com/news/252433896/A-series-of-new-IoT-botnets-plague-connected-devices

Researchers warn of invisible attacks on electrical sensors
To simplify, transducers are electronic components that turn analogue signals such as radio, sound or light waves, or the physical movement of something like a gyroscope, into an electrical signal that can be digitised by a computer

An Internet of Things ‘crime harvest’ is coming unless security problems are fixed
“All new technologies, all changes in the way that society is ordered — particularly if it is technology — always has a crime harvest. So, when cars were invented, people started drink-driving and stealing cars and it’s exactly the same with the Internet of Things,” said chief constable Michael Barton, head of the Durham Constabulary.
http://www.zdnet.com/article/an-internet-of-things-crime-harvest-is-coming-unless-security-problems-are-fixed/

Industrial Safety Systems in the Bullseye
TRITON/TRISIS attack on Schneider Electric plant safety systems could be re-purposed in future attacks, experts say
https://www.darkreading.com/operations/industrial-safety-systems-in-the-bullseye/d/d-id/1330912

Vulnerable industrial controls directly connected to Internet? Why not?
Yesterday, Siemens issued an update to a year-old product vulnerability warning for its SIMATIC S7-300 and S7-400 families of programmable logic controllers (PLCs)—industrial control systems used to remotely monitor and operate manufacturing equipment. The alert, originally issued in December of 2016, was updated on Wednesday to include another version of the S7-400 line
https://arstechnica.com/information-technology/2018/01/the-internet-of-omg-vulnerable-factory-and-power-grid-controls-on-internet/

The moving target of IoT security
As the explosive growth of IoT continues, businesses, vendors and consumers all have to confront the issue that the world is more connected than ever before, with potentially gigantic consequences
https://www.networkworld.com/article/3250624/internet-of-things/the-moving-target-of-iot-security.html

Risks to ICS Environments From Spectre and Meltdown Attacks
The recently disclosed Spectre and Meltdown vulnerabilities, which affect hardware running in the majority of the world’s computing devices have made headlines recently. The list of at risk equipment includes workstations, servers, phones, tablets, as well as Microsoft Windows, Linux, Android, Google ChromeOS, Apple macOS on most Intel chips manufactured after 2010. Many AMD, ARM and other chipsets are also affected
http://www.securityweek.com/risks-ics-environments-spectre-and-meltdown-attacks

IoT Devices Fuel Complex DDoS Attacks: Report
According to the company’s 13th Annual Worldwide Infrastructure Security Report (WISR), attackers focused on increasing complexity in 2017, and the exploitation of IoT devices helped them achieve this goal. The frequency of attacks has increased as well, following a trend seen for the past several years
http://www.securityweek.com/iot-devices-fuel-complex-ddos-attacks-report

Gemalto Sentinel flaws could lead to ICS attacks
Researchers from Kaspersky Lab Industrial Control System Cyber Emergency Response Team (ICS CERT) said they decided to investigate Gemalto Sentinel USB tokens after penetration tests showed the “solution provides license control for software used by customers and is widely used in ICS and IT systems.”
http://searchsecurity.techtarget.com/news/252433668/Gemalto-Sentinel-flaws-could-lead-to-ICS-attacks

Serious ‘category one’ cyberattack not far off – warns security chief
This week, the head of Britain’s National Cyber Security Centre (NCSC), Ciaran Martin, said something rather alarming in a newspaper interview that generated plenty of headline heat – the UK has never suffered the most serious category one (C1) cyberattack but it is only a matter of time before it does

Satori Botnet Malware Now Can Infect Even More IoT Devices
Latest version targets systems running ARC processors
https://www.darkreading.com/vulnerabilities---threats/satori-botnet-malware-now-can-infect-even-more-iot-devices/d/d-id/1330875

A silver bullet for the attacker
In the past years, the problem of vulnerabilities in industrial automation systems has been becoming increasingly important. The fact that industrial control systems have been developing in parallel with IT systems, relatively independently and often without regard for modern secure coding practices is probably the main source of ICS security problems

Gemalto Licensing Tool Exposes ICS, Corporate Systems to Attacks
Gemalto Sentinel LDK is a software licensing solution used by many organizations worldwide on both their enterprise and industrial control systems (ICS) networks. In addition to software components, the solution provides hardware-based protection, specifically a SafeNet Sentinel USB dongle that users connect to a PC or server when they want to activate a product
http://www.securityweek.com/gemalto-licensing-tool-exposes-ics-corporate-systems-attacks

Trisis ICS malware was publicly available after attack
The Trisis ICS malware used in a cyberattack on an oil and gas company in Saudi Arabia in December has been publicly available for weeks after being copied by unknown actors
http://searchsecurity.techtarget.com/news/252433492/Trisis-ICS-malware-was-publicly-available-after-attack

Schneider Electric: TRITON/TRISIS Attack Used 0-Day Flaw in its Safety Controller System, and a RAT
ICS/SCADA vendor discloses in-depth analysis of a recent targeted attack against one of its customers
https://www.darkreading.com/vulnerabilities---threats/schneider-electric-triton-trisis-attack-used-0-day-flaw-in-its-safety-controller-system-and-a-rat/d/d-id/1330845

Triton Malware Exploited Zero-Day in Schneider Electric Devices
The recently discovered malware known as Triton and Trisis exploited a zero-day vulnerability in Schneider Electric’s Triconex Safety Instrumented System (SIS) controllers in an attack aimed at a critical infrastructure organization
http://www.securityweek.com/triton-malware-exploited-zero-day-schneider-electric-devices

MENACING MALWARE SHOWS THE DANGERS OF INDUSTRIAL SYSTEM SABOTAGE
At the S4 security conference on Thursday, researchers from the industrial control company Schneider Electric, whose equipment Triton targeted, presented deep analysis of the malware—only the third recorded cyberattack against industrial equipment
https://www.wired.com/story/triton-malware-dangers-industrial-system-sabotage/

A NEW WAY TO TRACK DOWN BUGS COULD HELP SAVE IOT
On a clear day this summer, security researcher Ang Cui boarded a boat headed to a government biosafety facility off the northeastern tip of Long Island. Cui’s security company, Red Balloon, will spend the next year studying how its Internet of Things threat-scanning tool performs on the building control systems of Plum Island Animal Disease Center.
https://www.wired.com/story/a-new-way-to-track-down-bugs-could-help-save-iot/

Now Meltdown patches are making industrial control systems lurch
SCADA vendor Wonderware admitted that Redmond’s Meltdown patch made its Historian product wobble. “Microsoft update KB4056896 (or parallel patches for other Operating System) causes instability for Wonderware Historian and the inability to access DA/OI Servers through the SMC,” an advisory on Wonderware’s support site explains.
https://www.theregister.co.uk/2018/01/15/meltdown_ics/

BlackBerry Launches Security Product for Automotive, Other Industries
Modern cars use hundreds of software components, including many provided by third-party vendors across several tiers. While this approach has some advantages, it also increases the chances of vulnerabilities making it into the software somewhere along the supply chain.
http://www.securityweek.com/blackberry-launches-security-product-automotive-other-industries

Vulnerability in ISC BIND leads to DoS, patch today!
The Internet Systems Consortium has released security updates for BIND, the most widely used Domain Name System (DNS) software on the Internet, and a patch for ISC DHCP, its open source software that implements the Dynamic Host Configuration Protocol for connection to an IP network

Researchers Offer a ‘VirusTotal for ICS’
Free online sandbox, honeypot tool simulates a real-world industrial network environment
https://www.darkreading.com/threat-intelligence/researchers-offer-a-virustotal-for-ics/d/d-id/1330833

What the OWASP IoT security project means for device creation
The OWASP IoT security project aims to get developers to incorporate security at the beginning of a device’s life. Expert Ernie Hayden outlines how it is tackling the issue
http://searchsecurity.techtarget.com/tip/What-the-OWASP-IoT-security-project-means-for-device-creation

Are mass transit systems the next cybersecurity target?
Host Steve Ragan talks with Stan Engelbrecht, director of the cybersecurity practice at D3 Security, about the inherent flaws in security defenses for public transportation systems — and what can be done
https://www.idg.tv/video/83915/are-mass-transit-systems-the-next-cybersecurity-target-salted-hash-ep-14

Internet of Things security issues bleed into 2018
In 2017 Internet of Things (IoT) devices rose to prominence as attackers have continued to target and use them to support various cyberattacks. IoT devices are almost the perfect target for cyberthieves. They sit on internal networks, have their own IP address, and allow communication with other internet connected devices and systems.

IoT malware targeting zero-day vulnerabilities
First, they targeted IoT devices with default or weak passwords, and manufacturers and users began changing them. Then they used known vulnerabilities, and IoT vendors increased their efforts to push out patches. Now, some botmasters are making a concentrated effort to find unknown flaws they can exploit.

More SCADA app vulnerabilities found
Two years ago, they jointly found 50 weaknesses in the security of 20 mobile apps used by a plethora of SCADA Industrial Control Systems (ICS) sectors covering things like power, water, and manufacturing

Shared Accounts Increasingly Problematic for Critical Infrastructure: ICS-CERT
Assessments conducted last year by the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) showed that boundary protection remains the biggest problem in critical infrastructure organizations, but identification and authentication issues have become increasingly common
http://www.securityweek.com/shared-accounts-increasingly-problematic-critical-infrastructure-ics-cert

Serious Flaws Found in Phoenix Contact Industrial Switches
Researchers have discovered potentially serious vulnerabilities in industrial switches made by Phoenix Contact, a Germany-based company that specializes in industrial automation, connectivity and interface solutions
http://www.securityweek.com/serious-flaws-found-phoenix-contact-industrial-switches

Vulnerabilities in Phoenix Contact Industrial Switches Can Allow Hackers to Disrupt Operations
According to advisories published last week by ICS-CERT and its German counterpart CERT@VDE, Phoenix Contact’s FL SWITCH industrial ethernet switches are affected by authentication bypass and information exposure flaws. Ilya Karpov and Evgeniy Druzhinin of Positive Technologies have been credited for reporting the flaws.
http://www.securityweek.com/serious-flaws-found-phoenix-contact-industrial-switches