9-9-19 – News This Past Week

Report reveals play-by-play of first U.S. grid cyberattack
A first-of-its-kind cyberattack on the U.S. grid created blind spots at a grid control center and several small power generation sites in the western United States, according to a document posted yesterday from the North American Electric Reliability Corp.

Critical Bugs Open Food-Safety Systems to Remote Attacks
The issues affect the AK-EM 800 product from SCADA vendor Danfoss. It’s an enterprise management solution for the food retail industry that provides a central architecture for alarm management, automatic data collection and food-quality reporting.

Code Execution Flaws Found in EZAutomation PLC, HMI Software
Researchers discovered that two pieces of software made by U.S.-based industrial automation solutions provider EZAutomation are affected by potentially serious vulnerabilities that can be exploited for remote code execution.

Critical vulnerabilities uncovered in Danfoss SCADA product, patch now!
Researchers found two critical vulnerabilities. One is effectively a backdoor into highly privileged functionality to manage the software. Although this backdoor was likely created to help the vendor’s support team log into systems to assist their clients, the password can be easily determined by attackers.

9-3-19 – News This Past Week

How to reduce the attack surface associated with medical devices
Most medical devices available in the healthcare system today were not built with security in mind and it will take years until they are replaced (if they are at all) with next-generation devices

Securing Our Infrastructure: 3 Steps OEMs Must Take in the IoT Age
Security has lagged behind adoption of the Internet of Things. The devices hold much promise, but only if a comprehensive security model is constructed

Researchers Analyze Tools Used by ‘Hexane’ Attackers Against Industrial Firms
Security researchers from Secureworks have analyzed several tools used by the Hexane threat actor in attack campaigns against industrial organizations over the past several months.

Senators Question NHTSA on Risks of Connected Vehicles
Two United States senators have sent a letter to the National Highway Traffic Safety Administration (NHTSA) to inquire about cyber-risks associated with connected vehicles

Sex robots with ‘coding errors’ could STRANGLE you in the act
The world is getting pretty kinky, but I think this new story really tops them all – killer robots that will strangle their partners is something that is being warned about if robotics are not regulated properly.

8-26-19 – News This Past Week

Adwind Spyware-as-a-Service Attacks Utility Grid Operators
Critical infrastructure facilities are high-risk targets, and the fact that Adwind is available as a paid service is very concerning

New Tool From Cisco Hunts Flaws in Automotive Computers
Access to the vehicle computer, Cisco notes, is possible via Wi-Fi, Bluetooth, or cellular communication protocols, but the backbone of a vehicle’s network is a Controller Area Network

Top 5 IoT networking security mistakes
IT supplier Brother International shares five of the most common internet-of-things security errors it sees among buyers of its printers and multi-function devices

Securing IoT involves developers, manufacturers and end users alike
Who’s to blame for the IoT security problem: manufacturers creating devices, end user deploying them or governments not creating legislation enforcing security measures?

8-19-19 – News This Past Week

ICS security threats rising, targeting oil and gas facilities
In its latest report on industrial control system threats, Dragos said it believes the first major ‘destructive’ ICS attack will likely occur at an oil and gas facility.

Delta ICS Flaw Allows Total Industrial Takeover
The Delta enteliBUS Manager centralizes control for various pieces of hardware often found in corporate or industrial settings. Taking it over could have plenty of repercussions, such as enabling remote manipulation of access control systems, boiler rooms, alarms and sensors in a factory, temperature control for critical systems or lighting in a business

DEF CON 2019: Delta ICS Flaw Allows Total Industrial Takeover

Democratic presidential nominees are ignoring the issue of our cybersecurity infrastructure
When we think about existential threats, government has to understand that electricity doesn’t reside in its own silo and that if something happens to (companies like) us, it would have a potentially cataclysmic impact on finance as well

Biohackers chase Johnny Mnemonic with ‘Pegleg’ implanted hard drive
The Four Thieves Vinegar biohacking collective has not figured out how to precisely mimic the memory data transfer scenario Gibson conjured, but it has built a device to enable people to store and transfer data wirelessly in their bodies

Hackers can use phone/device sound to damage human hearing
According to Matt Wixey, research lead for the PwC UK Cyber Security practice, a doctoral student discovered an exploit in speaker and volume controls across a range of different devices

Siemens SCALANCE X Switches Vulnerable to DoS Attacks
Siemens on Tuesday released several new advisories describing vulnerabilities in the company’s products, including an unpatched denial-of-service (DoS) flaw affecting SCALANCE X industrial switches

Smart ovens have been turning on overnight and preheating to 400 degrees
At least three smart June Ovens have turned on in the middle of the night and heated up to 400 degrees Fahrenheit or higher. The ovens’ owners aren’t sure why this happened, and June tells The Verge that user error is at fault.

A Major Cyber Attack Could Be Just as Deadly as Nuclear Weapons, Says Scientist
People around the world may be worried about nuclear tensions rising, but I think they’re missing the fact that a major cyberattack could be just as damaging – and hackers are already laying the groundwork.

Hackers just found serious vulnerabilities in F-15 fighter jet
They even found bugs that the Air Force had tried but failed to fix after the same group of hackers performed similar tests in November without actually touching the device.

8-12-19 – News This Past Week

Connected Cars Could be a Threat to National Security, Group Claims
The cyber threat to connected cars (cars with a connection to the internet) is known and accepted. Now Los Angeles-based Consumer Watchdog (CW) has elevated that threat to one of national security in a new report titled, “Kill Switch: Why Connected Cars Can be Killing Machines and How to Turn Them Off.”

Industrial Giants Respond to ‘Urgent/11’ Vulnerabilities
In late July, IoT security firm Armis disclosed eleven vulnerabilities found by its researchers in the VxWorks real time operating system (RTOS). The flaws, six of which have been described as critical, can allow a remote attacker to take control of impacted systems

A Boeing Code Leak Exposes Security Flaws Deep in a 787’s Guts
Late one night last September, security researcher Ruben Santamarta sat in his home office in Madrid and partook in some creative googling, searching for technical documents related to his years-long obsession: the cybersecurity of airplanes

Siemens S7 PLCs Share Same Crypto Key Pair, Researchers Find
Wool, Eli Biham and Sara Bitan of Technion, and Uriel Malin of Tel Aviv University reverse-engineered the S7’s cryptographic protocol and were able to attack the S7-1500 PLC with a fake engineering workstation posing as a Siemens TIA (Totally Automated Integration Portation) system that forced the S7 to power on and off and follow other commands, as well as download rogue code

Hackers Can Use Rogue Engineering Stations to Target Siemens PLCs
Malicious actors could use rogue engineering workstations to take control of Siemens programmable logic controllers (PLCs), and they can hide the attack from the engineer monitoring the system, researchers from two universities in Israel have demonstrated

Vulnerabilities in Siemens’ most secure industrial PLCs can lead to industrial havoc
Critical vulnerabilities in the Siemens S7 Simatic programmable logic controller (PLC) have been discovered by cybersecurity researchers at Tel Aviv University and the Technion Institute of Technology

8-5-19 – News This Past Week

200 million devices—some mission-critical—vulnerable to remote takeover
For the 200 million devices Armis estimated are running a version that’s susceptible to a serious attack, however, the stakes may be high. Because many of the vulnerabilities reside in the networking stack known as IPnet, they can often be exploited by little more than boobytrapped packets sent from the Internet.

‘URGENT/11’ Critical Infrastructure Bugs Threaten EternalBlue-Style Attacks
A cadre of 11 vulnerabilities, six of them critical remote code-execution (RCE) bugs, have been uncovered that affect millions of critical infrastructure systems, such as SCADA gear at utilities, elevator and industrial controllers, patient monitors and MRI machines, programmable logic controllers (PLCs), robotic arms and more – as well as firewalls, routers, satellite modems, VoIP phones and printers.

‘Urgent/11’ flaws affect 200 million devices – from routers to elevators
According to Armis Labs, attackers could exploit them to take control of affected devices via the TCP/IP stack without user interaction. Firewalls wouldn’t be able to detect or stop such attacks and any using affected software would be at direct risk themselves.

U.S. Issues Hacking Security Alert for Small Planes
Most airports have security in place to restrict unauthorized access and there is no evidence that anyone has exploited the vulnerability. But a DHS official told The Associated Press that the agency independently confirmed the security flaw with outside partners and a national research laboratory, and decided it was necessary to issue the warning.

Cyberattacks on connected cars could gridlock entire cities
Thanks a whole bunch, Internet of Things (IoT): you’ve already brought us autonomous vehicles and other connected cars that can be turned into steel/glass/combustible whirling dervishes, as in, Jeep Cherokees that can be paralyzed by remote attackers 10 miles away and whose steering wheels could be spun 90 degrees while the car was zooming down the highway at 60 mph.

A newly discovered hacking group is targeting energy and telecoms companies
Industrial security company Dragos, which discovered the group, calls it “Hexane,” but remains largely tight-lipped on its activities. The security company said Thursday, however, that the group’s activity has ramped up in recent months amid heightened tensions in the region since the group first emerged a year ago.

Learn to Safeguard Critical Industrial Targets at Black Hat USA
Some of the most grievous cybersecurity breaches happen at industrial facilities responsible for providing critical services like power, so it pays to stay on top of what’s happening in the field of industrial security. Black Hat USA offers an entire track of Smart Grid and Industrial Security Briefings that will help you do just that.

US Utilities Hit with Phishing Attack
A new phishing attack is hitting US utilities with threats that their engineers could be in danger of losing their professional licenses. But in reality, the only danger comes from panicked employees clicking on the embedded Word document and infecting their computers with a remote access Trojan (RAT) and command-and-control proxy.

New “LookBack” Malware Used in Attacks Against U.S. Utilities Sector
Sent on July 19 and July 25, the phishing emails had Word documents attached that contained malicious macros designed to deploy and execute LookBack, a new RAT that uses a proxy mechanism for command and control (C&C) communication.

‘Machete’ Cyberspies Target Military in Venezuela, Ecuador
The threat actor behind the cyberespionage campaign dubbed Machete continues to be active and some of its most recent attacks targeted the military in Venezuela and Ecuador, ESET reported on Monday

Unpatched Flaws in IoT Smart Deadbolt Open Homes to Danger
Researchers have uncovered vulnerabilities in a popular smart deadbolt that could allow attackers to remotely unlock doors and break into homes. Making matters worse, the smart door lock manufacturer has not yet acknowledged nor fixed the flaws.

Cisco to pay $8.6 million fine for selling hackable surveillance technology
The tech giant continued to sell the software and didn’t fix the massive security weakness for about four years after a whistleblower alerted the company about it in 2008, according to a settlement unsealed Wednesday with the Justice Department and 15 states as well as the District of Columbia

7-29-19 – News These Past Two Weeks

Georgia State Patrol hit with ransomware attack
A week ago Lawrenceville Police department was targeted by hackers in a cyber attack. As a result of ransomware found on the precinct’s system, police were unable to utilize email and other digital forms of communications, as well as access digital reports.

Ransomware Causes Disruptions at Johannesburg Power Company
The electricity provider and local authorities informed residents on Twitter that a “ransomware virus” encrypted all its databases and applications, and impacted most of its network

South Africans shivering in the dark after file-scrambling nasty hits Johannesburg power biz
That infection basically prevents pre-paid customers from refilling their accounts, and therefore leaves them without electricity if their account balance falls too low

How IoT Opens the Door for Insider Attacks Against Industrial Infrastructure
For manufacturers, improving security often means building better defenses against malware, botnets and other external threats. What may be further from their minds, however, are the threats that come from within the organization

Boost Infrastructure Immunity Against the Ransomware Epidemic
Despite the recent incidents at the City of Baltimore, aluminum giant Norsk Hydro, and ASCO Industries, ransomware attacks have declined in both 2018 and 2019. Researchers report that only four percent of organizations worldwide experienced ransomware infection in 2018 — that’s a 44 percent drop compared to 2017

7-15-19 – News This Past Week

Cybersecurity should not be an afterthought within industrial environments
The basics of cyber security are still not being practised regularly and new cyber security risks are emerging as more and more untested technologies are integrated within the critical infrastructures upon which society depends, according to Applied Risk

U.S. Coast Guard Issues Cybersecurity Warnings for Commercial Vessels
The U.S. Coast Guard on Monday issued a safety alert advising commercial vessel owners and operators to ensure that effective cybersecurity measures are in place to protect the network and important control systems on their ships

GE Says Anesthesia Machine Vulnerability Poses No Risk to Patients
Researchers have discovered a vulnerability that can be used to hack some of GE Healthcare’s hospital anesthesia devices, but the vendor says it does not pose a direct risk to patients

Coast Guard Warns Shipping Firms of Maritime Cyberattacks
A commercial vessel suffered a significant malware attack in February, prompting the US Coast Guard to issue an advisory to all shipping companies: Here be malware.

Several Siemens Devices Affected by Intel MDS Vulnerabilities
Siemens informed customers on Tuesday that several of its products are affected by the Microarchitectural Data Sampling (MDS) vulnerabilities impacting a majority of the Intel processors made in the last decade

Anaesthetic devices ‘vulnerable to hackers’
A type of anaesthetic machine that has been used in NHS hospitals can be hacked and controlled from afar if left accessible on a hospital computer network, a cyber-security company says.

‘World’s first Bluetooth hair straighteners’ can be easily hacked
Glamoriser, a U.K. firm that bills itself as the maker of the “world’s first Bluetooth hair straighteners,” allows users to link the device to an app, which lets the owner set certain heat and style settings. The app can also be used to remotely switch off the straighteners within Bluetooth range.

Hacked Hair Straighteners Can Threaten Homes
Researchers have found a way to successfully hack connected hair straighteners to turn them on and increase the heating element up to its maximum temperature—causing a serious fire hazard for unsuspecting owners

7-8-19 – News This Past Week

US wants to isolate power grids with ‘retro’ technology to limit cyber-attacks
The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result

Cyberwarfare in space: Satellites at risk of hacker attacks
Old IT systems, supply-chain vulnerabilities and other technological issues leave military satellite communications open to disruption and tampering with potentially chaotic consequences, says research paper

Intel and Auto Industry Leaders Publish New Automated Driving Safety Framework
Intel, in collaboration with 10 industry leaders in automotive and autonomous driving technology, today published “Safety First for Automated Driving,” a framework for the design, development, verification and validation of safe automated passenger vehicles

Autonomous vehicles fooled by drones that project too-quick-for-humans road-signs
Such an attack would leave no physical evidence behind and could be used to trick cars into making maneuvers that compromised the safety or integrity of their passengers and other users of the road — from unexpected swerves to sudden speed-changes to detours into unsafe territory

YouTube’s Policy on Hacking Tutorials is Problematic
Recently YouTube changed its policy on “hacking” tutorials to an essential blanket ban. In the past, such content was occasionally removed under YouTube’s broad “Harmful and Dangerous Content” clause, which prohibited videos “encouraging illegal activity”.

Many Phoenix Contact PLCs Still Vulnerable Months After Researcher Issues Warning
Several months after a researcher issued a warning about over 1,200 Phoenix Contact programmable logic controllers (PLCs) being exposed to remote attacks from the internet, many organizations still haven’t taken any measures to secure their systems

Cybersecurity Experts Worry About Satellite & Space Systems
As nation-states and rogue actors increasingly probe critical infrastructure, policy and technology experts worry that satellite and space systems are on the front lines

Intel and the auto industry pen first safety rules for self-driving cars
Aptiv, Audi, Baidu, BMW, Continental, Daimler, Fiat Chrysler Automobiles, Here Technologies, Infineon and Volkswagen were all involved in crafting the paper, which established 12 principles for autonomous vehicles

Building a Higher Standard: NVIDIA Selected to Lead Industry Safety Group
These organizations, which count major automakers, suppliers and startups as members, are critical in developing regulations and standards for autonomous vehicles

Senate passes cybersecurity bill to decrease grid digitization, move toward manual control
A 2015 cyberattack in Ukraine that led to a blackout for 250,000 people “inspired in part” the legislation, according to King’s statement. Manual controls on Ukraine’s system prevented the attack from having a larger impact.

Hardcoded Credentials Expose SICK Controllers to Remote Attacks
The affected controllers, which according to the U.S. Department of Homeland Security (DHS) are used worldwide, particularly in the critical manufacturing sector, are affected by a critical vulnerability tracked as CVE-2019-10979

7-1-19 – News This Past Week

Mission Possible: ICS Attacks On Buildings Are a Reality
In the 1996 thriller, Mission Impossible I, Ethan Hunt hacks the HVAC system of a building to breach its security controls and carry out his mission. Well, the future has arrived

What is Critical Infrastructure and How Should We Protect It?
We hear a lot these days about critical infrastructure, and the importance of protecting it. But what exactly is “critical infrastructure,” what are the greatest threats to it, and what are the best ways to protect it from those threats?

NIST Issues IoT Risk Guidelines
A new report offers the first step toward understanding and managing IoT cybersecurity risks

Interoperability and security remain critical factors in any smart city deployment
Over half of respondents expect to see widespread smart city deployments in 10 or more years, while a third predict 5-10 years. Just 15 per cent expect it in less than 5 years

Medtronic recalls vulnerable MiniMed insulin pumps
The potential risks are related to the wireless communication between Medtronic’s MiniMed insulin pumps and other devices such as blood glucose meters, continuous glucose monitoring systems, the remote controller and CareLink USB device used with these pumps

Scumbags can program vulnerable MedTronic insulin pumps over the air to murder diabetics – insecure kit recalled
Health implant maker MedTronic is recalling some of its insulin pumps following the discovery of security vulnerabilities in the equipment that can be exploited over the air to hijack them

Industry Reactions to Nation-State Hacking of Global Telcos
The immediate purpose was to steal mobile phone call data records (CDR), and Cybereason believes the primary targets may be foreign intelligence agents, politicians, opposition candidates in an election, or even law enforcement officers. The long-term potential would be to destroy the telcos’ networks in an attack against critical infrastructure