8-26-19 – News This Past Week

Adwind Spyware-as-a-Service Attacks Utility Grid Operators
Critical infrastructure facilities are high-risk targets, and the fact that Adwind is available as a paid service is very concerning

New Tool From Cisco Hunts Flaws in Automotive Computers
Access to the vehicle computer, Cisco notes, is possible via Wi-Fi, Bluetooth, or cellular communication protocols, but the backbone of a vehicle’s network is a Controller Area Network

Top 5 IoT networking security mistakes
IT supplier Brother International shares five of the most common internet-of-things security errors it sees among buyers of its printers and multi-function devices

Securing IoT involves developers, manufacturers and end users alike
Who’s to blame for the IoT security problem: manufacturers creating devices, end user deploying them or governments not creating legislation enforcing security measures?

8-19-19 – News This Past Week

ICS security threats rising, targeting oil and gas facilities
In its latest report on industrial control system threats, Dragos said it believes the first major ‘destructive’ ICS attack will likely occur at an oil and gas facility.

Delta ICS Flaw Allows Total Industrial Takeover
The Delta enteliBUS Manager centralizes control for various pieces of hardware often found in corporate or industrial settings. Taking it over could have plenty of repercussions, such as enabling remote manipulation of access control systems, boiler rooms, alarms and sensors in a factory, temperature control for critical systems or lighting in a business

DEF CON 2019: Delta ICS Flaw Allows Total Industrial Takeover

Democratic presidential nominees are ignoring the issue of our cybersecurity infrastructure
When we think about existential threats, government has to understand that electricity doesn’t reside in its own silo and that if something happens to (companies like) us, it would have a potentially cataclysmic impact on finance as well

Biohackers chase Johnny Mnemonic with ‘Pegleg’ implanted hard drive
The Four Thieves Vinegar biohacking collective has not figured out how to precisely mimic the memory data transfer scenario Gibson conjured, but it has built a device to enable people to store and transfer data wirelessly in their bodies

Hackers can use phone/device sound to damage human hearing
According to researcher lead Matt Wixey, for the PwC UK Cyber Security practice, a doctoral student discovered an exploit in speaker and volume controls through a range of different devices

Siemens SCALANCE X Switches Vulnerable to DoS Attacks
Siemens on Tuesday released several new advisories describing vulnerabilities in the company’s products, including an unpatched denial-of-service (DoS) flaw affecting SCALANCE X industrial switches

Smart ovens have been turning on overnight and preheating to 400 degrees
At least three smart June Ovens have turned on in the middle of the night and heated up to 400 degrees Fahrenheit or higher. The ovens’ owners aren’t sure why this happened, and June tells The Verge that user error is at fault.

A Major Cyber Attack Could Be Just as Deadly as Nuclear Weapons, Says Scientist
People around the world may be worried about nuclear tensions rising, but I think they’re missing the fact that a major cyberattack could be just as damaging – and hackers are already laying the groundwork.

Hackers just found serious vulnerabilities in F-15 fighter jet
They even found bugs that the Air Force had tried but failed to fix after the same group of hackers performed similar tests in November without actually touching the device.

8-12-19 – News This Past Week

Connected Cars Could be a Threat to National Security, Group Claims
The cyber threat to connected cars (cars with a connection to the internet) is known and accepted. Now Los Angeles-based Consumer Watchdog (CW) has elevated that threat to one of national security in a new report titled, “Kill Switch: Why Connected Cars Can be Killing Machines and How to Turn Them Off.”

Industrial Giants Respond to ‘Urgent/11’ Vulnerabilities
In late July, IoT security firm Armis disclosed eleven vulnerabilities found by its researchers in the VxWorks real time operating system (RTOS). The flaws, six of which have been described as critical, can allow a remote attacker to take control of impacted systems

A Boeing Code Leak Exposes Security Flaws Deep in a 787’s Guts
Late one night last September, security researcher Ruben Santamarta sat in his home office in Madrid and partook in some creative googling, searching for technical documents related to his years-long obsession: the cybersecurity of airplanes

Siemens S7 PLCs Share Same Crypto Key Pair, Researchers Find
Wool, Eli Biham and Sara Bitan of Technion, and Uriel Malin of Tel Aviv University reverse-engineered the S7’s cryptographic protocol and were able to attack the S7-1500 PLC with a fake engineering workstation posing as a Siemens TIA (Totally Automated Integration Portation) system that forced the S7 to power on and off and follow other commands, as well as download rogue code

Hackers Can Use Rogue Engineering Stations to Target Siemens PLCs
Malicious actors could use rogue engineering workstations to take control of Siemens programmable logic controllers (PLCs), and they can hide the attack from the engineer monitoring the system, researchers from two universities in Israel have demonstrated

Vulnerabilities in Siemens’ most secure industrial PLCs can lead to industrial havoc
Critical vulnerabilities in the Siemens S7 Simatic programmable logic controller (PLC) have been discovered by cybersecurity researchers at Tel Aviv University and the Technion Institute of Technology

8-5-19 – News This Past Week

200 million devices—some mission-critical—vulnerable to remote takeover
For the 200 million devices Armis estimated are running a version that’s susceptible to a serious attack, however, the stakes may be high. Because many of the vulnerabilities reside in the networking stack known as IPnet, they can often be exploited by little more than boobytrapped packets sent from the Internet.

‘URGENT/11’ Critical Infrastructure Bugs Threaten EternalBlue-Style Attacks
A cadre of 11 vulnerabilities, six of them critical remote code-execution (RCE) bugs, have been uncovered that affect millions of critical infrastructure systems, such as SCADA gear at utilities, elevator and industrial controllers, patient monitors and MRI machines, programmable logic controllers (PLCs), robotic arms and more – as well as firewalls, routers, satellite modems, VoIP phones and printers.

‘Urgent/11’ flaws affect 200 million devices – from routers to elevators
According to Armis Labs, attackers could exploit them to take control of affected devices via the TCP/IP stack without user interaction. Firewalls wouldn’t be able to detect or stop such attacks and any using affected software would be at direct risk themselves.

U.S. Issues Hacking Security Alert for Small Planes
Most airports have security in place to restrict unauthorized access and there is no evidence that anyone has exploited the vulnerability. But a DHS official told The Associated Press that the agency independently confirmed the security flaw with outside partners and a national research laboratory, and decided it was necessary to issue the warning.

Cyberattacks on connected cars could gridlock entire cities
Thanks a whole bunch, Internet of Things (IoT): you’ve already brought us autonomous vehicles and other connected cars that can be turned into steel/glass/combustible whirling dervishes, as in, Jeep Cherokees that can be paralyzed by remote attackers 10 miles away and whose steering wheels could be spun 90 degrees while the car was zooming down the highway at 60 mph.

A newly discovered hacking group is targeting energy and telecoms companies
Industrial security company Dragos, which discovered the group, calls it “Hexane,” but remains largely tight-lipped on its activities. The security company said Thursday, however, that the group’s activity has ramped up in recent months amid heightened tensions in the region since the group first emerged a year ago.

Learn to Safeguard Critical Industrial Targets at Black Hat USA
Some of the most grievous cybersecurity breaches happen at industrial facilities responsible for providing critical services like power, so it pays to stay on top of what’s happening in the field of industrial security. Black Hat USA offers an entire track of Smart Grid and Industrial Security Briefings that will help you do just that.

US Utilities Hit with Phishing Attack
A new phishing attack is hitting US utilities with threats that their engineers could be in danger of losing their professional licenses. But in reality, the only danger comes from panicked employees clicking on the embedded Word document and infecting their computers with a remote access Trojan (RAT) and command-and-control proxy.

New “LookBack” Malware Used in Attacks Against U.S. Utilities Sector
Sent on July 19 and July 25, the phishing emails had Word documents attached that contained malicious macros designed to deploy and execute LookBack, a new RAT that uses a proxy mechanism for command and control (C&C) communication.

‘Machete’ Cyberspies Target Military in Venezuela, Ecuador
The threat actor behind the cyberespionage campaign dubbed Machete continues to be active and some of its most recent attacks targeted the military in Venezuela and Ecuador, ESET reported on Monday

Unpatched Flaws in IoT Smart Deadbolt Open Homes to Danger
Researchers have uncovered vulnerabilities in a popular smart deadbolt that could allow attackers to remotely unlock doors and break into homes. Making matters worse, the smart door lock manufacturer has not yet acknowledged nor fixed the flaws.

Cisco to pay $8.6 million fine for selling hackable surveillance technology
The tech giant continued to sell the software and didn’t fix the massive security weakness for about four years after a whistleblower alerted the company about it in 2008, according to a settlement unsealed Wednesday with the Justice Department and 15 states as well as the District of Columbia

7-29-19 – News These Past Two Weeks

Georgia State Patrol hit with ransomware attack
A week ago Lawrenceville Police department was targeted by hackers in a cyber attack. As a result of ransomware found on the precinct’s system, police were unable to utilize email and other digital forms of communications, as well as access digital reports.

Ransomware Causes Disruptions at Johannesburg Power Company
The electricity provider and local authorities informed residents on Twitter that a “ransomware virus” encrypted all its databases and applications, and impacted most of its network

South Africans shivering in the dark after file-scrambling nasty hits Johannesburg power biz
That infection basically prevents pre-paid customers from refilling their accounts, and therefore leaves them without electricity if their account balance falls too low

How IoT Opens the Door for Insider Attacks Against Industrial Infrastructure
For manufacturers, improving security often means building better defenses against malware, botnets and other external threats. What may be further from their minds, however, are the threats that come from within the organization

Boost Infrastructure Immunity Against the Ransomware Epidemic
Despite the recent incidents at the City of Baltimore, aluminum giant Norsk Hydro, and ASCO Industries, ransomware attacks have declined in both 2018 and 2019. Researchers report that only four percent of organizations worldwide experienced ransomware infection in 2018 — that’s a 44 percent drop compared to 2017

7-15-19 – News This Past Week

Cybersecurity should not be an afterthought within industrial environments
The basics of cyber security are still not being practiced regularly and new cyber security risks are emerging as more and more untested technologies are integrated within the critical infrastructures upon which society depends, according to Applied Risk

U.S. Coast Guard Issues Cybersecurity Warnings for Commercial Vessels
The U.S. Coast Guard on Monday issued a safety alert advising commercial vessel owners and operators to ensure that effective cybersecurity measures are in place to protect the network and important control systems on their ships

GE Says Anesthesia Machine Vulnerability Poses No Risk to Patients
Researchers have discovered a vulnerability that can be used to hack some of GE Healthcare’s hospital anesthesia devices, but the vendor says it does not pose a direct risk to patients

Coast Guard Warns Shipping Firms of Maritime Cyberattacks
A commercial vessel suffered a significant malware attack in February, prompting the US Coast Guard to issue an advisory to all shipping companies: Here be malware.

Several Siemens Devices Affected by Intel MDS Vulnerabilities
Siemens informed customers on Tuesday that several of its products are affected by the Microarchitectural Data Sampling (MDS) vulnerabilities impacting a majority of the Intel processors made in the last decade

Anaesthetic devices ‘vulnerable to hackers’
A type of anaesthetic machine that has been used in NHS hospitals can be hacked and controlled from afar if left accessible on a hospital computer network, a cyber-security company says.

‘World’s first Bluetooth hair straighteners’ can be easily hacked
Glamoriser, a U.K. firm that bills itself as the maker of the “world’s first Bluetooth hair straighteners,” allows users to link the device to an app, which lets the owner set certain heat and style settings. The app can also be used to remotely switch off the straighteners within Bluetooth range.

Hacked Hair Straighteners Can Threaten Homes
Researchers have found a way to successfully hack connected hair straighteners to turn them on and increase the heating element up to its maximum temperature—causing a serious fire hazard for unsuspecting owners

7-8-19 – News This Past Week

US wants to isolate power grids with ‘retro’ technology to limit cyber-attacks
The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result

Cyberwarfare in space: Satellites at risk of hacker attacks
Old IT systems, supply-chain vulnerabilities and other technological issues leave military satellite communications open to disruption and tampering with potentially chaotic consequences, says research paper

Intel and Auto Industry Leaders Publish New Automated Driving Safety Framework
Intel, in collaboration with 10 industry leaders in automotive and autonomous driving technology, today published “Safety First for Automated Driving,” a framework for the design, development, verification and validation of safe automated passenger vehicles

Autonomous vehicles fooled by drones that project too-quick-for-humans road-signs
Such an attack would leave no physical evidence behind and could be used to trick cars into making maneuvers that compromised the safety or integrity of their passengers and other users of the road — from unexpected swerves to sudden speed-changes to detours into unsafe territory

YouTube’s Policy on Hacking Tutorials is Problematic
Recently YouTube changed its policy on “hacking” tutorials to an essential blanket ban. In the past, such content was occasionally removed under YouTube’s broad “Harmful and Dangerous Content” clause, which prohibited videos “encouraging illegal activity”.

Many Phoenix Contact PLCs Still Vulnerable Months After Researcher Issues Warning
Several months after a researcher issued a warning about over 1,200 Phoenix Contact programmable logic controllers (PLCs) being exposed to remote attacks from the internet, many organizations still haven’t taken any measures to secure their systems

Cybersecurity Experts Worry About Satellite & Space Systems
As nation-states and rogue actors increasingly probe critical infrastructure, policy and technology experts worry that satellite and space systems are on the front lines

Intel and the auto industry pen first safety rules for self-driving cars
Aptiv, Audi, Baidu, BMW, Continental, Daimler, Fiat Chrysler Automobiles, Here Technologies, Infineon and Volkswagen were all involved in crafting the paper, which established 12 principles for autonomous vehicles

Building a Higher Standard: NVIDIA Selected to Lead Industry Safety Group
These organizations, which count major automakers, suppliers and startups as members, are critical in developing regulations and standards for autonomous vehicles

Senate passes cybersecurity bill to decrease grid digitization, move toward manual control
A 2015 cyberattack in Ukraine that led to a blackout for 250,000 people “inspired in part” the legislation, according to King’s statement. Manual controls on Ukraine’s system prevented the attack from having a larger impact.

Hardcoded Credentials Expose SICK Controllers to Remote Attacks
The affected controllers, which according to the U.S. Department of Homeland Security (DHS) are used worldwide, particularly in the critical manufacturing sector, are affected by a critical vulnerability tracked as CVE-2019-10979

7-1-19 – News This Past Week

Mission Possible: ICS Attacks On Buildings Are a Reality
In the 1996 thriller, Mission Impossible I, Ethan Hunt hacks the HVAC system of a building to breach its security controls and carry out his mission. Well, the future has arrived

What is Critical Infrastructure and How Should We Protect It?
We hear a lot these days about critical infrastructure, and the importance of protecting it. But what exactly is “critical infrastructure,” what are the greatest threats to it, and what are the best ways to protect it from those threats?

NIST Issues IoT Risk Guidelines
A new report offers the first step toward understanding and managing IoT cybersecurity risks

Interoperability and security remain critical factors in any smart city deployment
Over half of respondents expect to see widespread smart city deployments in 10 or more years, while a third predict 5-10 years. Just 15 per cent expect it in less than 5 years

Medtronic recalls vulnerable MiniMed insulin pumps
The potential risks are related to the wireless communication between Medtronic’s MiniMed insulin pumps and other devices such as blood glucose meters, continuous glucose monitoring systems, the remote controller and CareLink USB device used with these pumps

Scumbags can program vulnerable MedTronic insulin pumps over the air to murder diabetics – insecure kit recalled
Health implant maker MedTronic is recalling some of its insulin pumps following the discovery of security vulnerabilities in the equipment that can be exploited over the air to hijack them

Industry Reactions to Nation-State Hacking of Global Telcos
The immediate purpose was to steal mobile phone call data records (CDR), and Cybereason believes the primary targets may be foreign intelligence agents, politicians, opposition candidates in an election, or even law enforcement officers. The long-term potential would be to destroy the telcos’ networks in an attack against critical infrastructure

6-24-19 – News This Past Week

Countering industrial cyberthreats with secure, standards-based, licensed wireless networks
This was the first documented digital attack known to have compromised electrical grid operations in the United States due to a moderately basic hack and showed us how the potential for far more significant disruption is a legitimate concern to industry professionals and consumers alike.

For the industrial Internet of Things, defense in depth is a requirement
What the “4.0” revision adds compared to Industries 1.0 through 3.0 is a complex set of linkages between information and operational technologies. (IT stores, transmits, and manipulates data, while “OT” detects and causes changes in physical processes, such as devices for manufacturing or climate control.)

Hospitals are being suffocated by robocalls
But it’s reaching a feverish pitch at the organizations for which it’s far more than an annoyance – rather, as hospital cybersecurity chiefs tell it, it’s a question of life and death. Spearphishers are placing spam calls to patients – using numbers spoofed to look like they’re coming from legitimate healthcare organizations and pretending to be hospital representatives

Robocalls are overwhelming hospitals and patients, threatening a new kind of health crisis
But doctors, administrators and other hospital staff struggled to contain a much different kind of epidemic one April morning last year: a wave of thousands of robocalls that spread like a virus from one phone line to the next, disrupting communications for hours.

Power Outage Hits Millions in South America
The outage, which began in the interconnection system at the Yacyreta Dam, had a significant cybersecurity impact on one-third of the “CIA triad” — confidentiality, integrity, and availability of data

Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers
The attackers behind the Triton, or Xenotime, intrusions into critical infrastructure (CI) safety systems are testing their skills against electric power companies. Options for defense are still limited, however

Tiny TPM Promises to Secure IoT Devices
The Trusted Computing Group, founded by companies such as AMD, HP, IBM, Intel and Microsoft in 2003 to protect cryptographic keys on computers against tampering, recently announced its work to develop the specification for the “world’s tiniest Trusted Platform Module

Smart TV Malware Is Another Thing We Have To Worry About, According To Samsung
As if worrying about our phones and computers being infected with malware wasn’t bad enough, it seems that Samsung might have caused a bit of undue panic and stress with a recent warning/reminder that the company issued

Bugs in a popular hospital pump may let attackers alter drug dosages
Healthcare security firm CyberMDX has discovered two bugs affecting a popular infusion pump, allowing hijackers to remotely access and control it. Homeland Security has disclosed the vulnerabilities in the Alaris Gateway Workstation, a hospital pump that delivers fluids into a patient’s body in a controlled manner

6-17-19 – News This Past Week

Hackproofing smart meters and boosting smart grid security
Smart electricity meters are useful because they allow energy utilities to efficiently track energy use and allocate energy production. But because they’re connected to a grid, they can also serve as back doors for malicious hackers

Critical Vulnerability Exposes Oil Tank Monitoring Devices to Attacks
A critical vulnerability has been found in oil tank monitoring devices from Tecson/GOK, but the vendor has released a patch and points out that there are less than 1,000 devices that could be affected.

Organizations Investing More in ICS Cyber Security: SANS Study
Organizations have been investing more in the cybersecurity of industrial control systems (ICS) and operational technology (OT), and the results are showing, but many still perceive the risk as severe or high, according to the SANS 2019 State of OT/ICS Cybersecurity Report published on Wednesday

IoT Cybersecurity Improvement Act: An Important Step Forward
At Tenable, we look forward to working with our partners on Capitol Hill to move the IoT Cybersecurity Improvement Act forward and strengthen the security of federal networks

Tool Links Internet-Exposed ICS to Google Street View
An open source tool named Kamerka allows users to generate a map of Internet-exposed industrial control systems (ICS) in a specified country and link results to Google Street View.

Over the past several months, security analysts at the Electric Information Sharing and Analysis Center (E-ISAC) and the critical-infrastructure security firm Dragos have been tracking a group of sophisticated hackers carrying out broad scans of dozens of US power grid targets, apparently looking for entry points into their networks

Hackers behind dangerous oil and gas intrusions are probing US power grids
The most alarming thing about this attack was its use of never-before-seen malware that targeted the facility’s safety processes. Such safety instrumented systems are a combination of hardware and software that many critical infrastructure sites use to prevent unsafe conditions from arising