12-10-18 – News This Past Week

Vulnerability Exposes Rockwell Controllers to DoS Attacks
Some of Rockwell Automation’s MicroLogix controllers and ControlLogix communications modules are affected by a potentially serious vulnerability that can be exploited for denial-of-service (DoS) attacks
https://www.securityweek.com/vulnerability-exposes-rockwell-controllers-dos-attacks

Siemens Wants to Release Security Advisories on Patch Tuesday
The company carried out a pilot test last month, when it published a total of 16 advisories – including new advisories and updates to previously posted announcements – on November 13
https://www.securityweek.com/siemens-wants-release-security-advisories-patch-tuesday

DHS Says SamSam Ransomware is Targeting Critical Infrastructure Entities
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) this week issued an alert on activity related to SamSam, one of the most prevalent ransomware families at the moment
https://www.securityweek.com/dhs-says-samsam-ransomware-targeting-critical-infrastructure-entities

Major flaws uncovered in leading IoT protocols
Trend Micro warned organizations to revisit their operational technology (OT) security after finding major design flaws and vulnerable implementations related to two popular machine-to-machine (M2M) protocols, Message Queuing Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP).
https://www.helpnetsecurity.com/2018/12/05/flaws-iot-protocols/

M2M Protocols Expose Industrial Systems to Attacks
Some machine-to-machine (M2M) protocols can be abused by malicious actors in attacks aimed at Internet of Things (IoT) and industrial Internet of Things (IIoT) systems, according to research conducted by Trend Micro and the Polytechnic University of Milan
https://www.securityweek.com/m2m-protocols-expose-industrial-systems-attacks

Symantec Unveils USB Scanning Station for ICS, IoT Environments
Symantec on Wednesday unveiled a new product designed to protect critical infrastructure organizations, including industrial and Internet of Things (IoT) environments, against USB-borne threats
https://www.securityweek.com/symantec-unveils-usb-scanning-station-ics-iot-environments

Flaws in Siglent Oscilloscope Allow Hackers to Tamper With Measurements
Researchers discovered that an oscilloscope from Siglent Technologies is affected by several potentially serious vulnerabilities that could allow hackers to tamper with measurements
https://www.securityweek.com/flaws-siglent-oscilloscope-allow-hackers-tamper-measurements

12-03-18 – News This Past Week

IIoT technologies integration creates expansion opportunities in the industrial cybersecurity industry
High penetration of Industrial Internet of Things (IIoT) technology in critical infrastructure and the manufacturing sector has resulted in a growing number of potential cyber-attack surfaces
https://www.helpnetsecurity.com/2018/12/03/iiot-technologies-integration/

Best practice methodology for industrial network security: SEC-OT
Secure Operations Technology (SEC-OT) is a methodology and collection of best practices inspired by a decade of experience working with secure industrial sites. The SEC-OT approach is counter-intuitive to many IT and even industrial control system (ICS) security practitioners. It turns out that secure industrial sites ask different questions and get different answers
https://www.helpnetsecurity.com/2018/12/03/sec-ot/

Vulnerability discovered in safety controller configuration software
The software is used to configure safety controllers, providing the user with the ability to modify elements such as IP addresses, download and upload project files and run other setup functions
https://www.helpnetsecurity.com/2018/12/03/pilz-pnozmulti-configurator/

SCADAfence partners with Demisto to extend automated incident response to OT networks
SCADAfence is partnering with Demisto to enable industrial organizations to respond to the threats that spread from IT to OT networks. With the integration of SCADAfence’s Continuous Network Monitoring (CNM) solution with Demisto’s Enterprise platform, security managers can assess their exposure to cyberattacks that move laterally from IT to OT.
https://www.helpnetsecurity.com/2018/11/29/scadafence-demisto-partnership/

FDA to overhaul more than 40-year-old process for approving medical devices that some say puts consumers at risk
Since 1976, manufacturers have been able to pursue an expedited approval process if they could prove new products were substantially equivalent to those that were grandfathered in when Congress established the pathway, known as 510(k).
https://www.cnbc.com/2018/11/26/fda-to-overhaul-510k-medical-device-approval-process.html

8 Tips for Preventing Credential Theft Attacks on Critical Infrastructure
It’s no secret that hacked critical infrastructure can have a detrimental safety impact, shut businesses down, and cost millions of dollars in lost revenue and brand damage. Unfortunately, attacks on critical infrastructure are showing no signs of abating.
https://www.darkreading.com/endpoint/8-tips-for-preventing-credential-theft-attacks-on-critical-infrastructure-/a/d-id/1333312

Siemens Warns of Linux, GNU Flaws in Controller Platform
Siemens informed customers on Tuesday that some of the Linux and GNU components of a multifunctional platform for its SIMATIC S7-1500 industrial automation controllers are affected by over 20 vulnerabilities
https://www.securityweek.com/siemens-warns-linux-gnu-flaws-controller-platform

The current state of cybersecurity in the connected hospital
Abbott and The Chertoff Group released a white paper that shares key findings from a recent study of 300 physicians and 100 hospital administrators on cybersecurity challenges in the hospital environment
https://www.helpnetsecurity.com/2018/11/27/connected-hospital/

Ransomware Attack Forced Ohio Hospital System to Divert ER Patients
Malware infection fallout sent ambulances away from East Ohio Regional Hospital and Ohio Valley Medical Center over the Thanksgiving weekend.
https://www.darkreading.com/vulnerabilities---threats/ransomware-attack-forced-ohio-hospital-system-to-divert-er-patients-/d/d-id/1333333

Tenable Research Advisory: Multiple ICS Vulnerabilities in Schneider Modicon Quantum PLC
Tenable Research discovered multiple vulnerabilities in Schneider’s Modicon Quantum programmable logic controller. Schneider has recommended mitigations for impacted end users
https://www.tenable.com/blog/tenable-research-advisory-multiple-ics-vulnerabilities-in-schneider-modicon-quantum-plc

11-26-18 – News These Past Two Weeks

New IoT Security Regulations
Due to ever-evolving technological advances, manufacturers are connecting consumer goods — from toys to light bulbs to major appliances — to the Internet at breakneck speeds. This is the Internet of Things, and it’s a security nightmare
https://www.schneier.com/blog/archives/2018/11/new_iot_securit.html

Siemens Patches Firewall Flaw That Put Operations at Risk
Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens’ SCALANCE firewall product. The flaw could allow an attacker to gain unauthorized access to industrial networks and ultimately put operations and production at risk
https://threatpost.com/siemens-patches-firewall-flaw-that-put-operations-at-risk/139082/

DARPA uses a remote island to stage a cyberattack on the US power grid
There was the sound of breakers tripping in all seven of the grid’s low-voltage substations, and then, the station was plunged into darkness. It was the worst possible scenario: swaths of the country’s grid had already been offline for a month, exhausting battery backups at power plants and substations alike.
https://nakedsecurity.sophos.com/2018/11/15/darpa-uses-a-remote-island-to-stage-a-cyberattack-on-the-us-power-grid/

Security warning: UK critical infrastructure still at risk from devastating cyber attack
An ongoing failure to act with “meaningful sense of purpose or urgency” in the face of threats posed by cyber criminals and hackers puts critical national infrastructure at unnecessary risk from cyber attacks, a UK Parliamentary committee has warned.
https://www.zdnet.com/article/uk-critical-national-infrastructure-at-risk-from-devastating-cyber-attacks-says-government-report/

Texas hospital becomes victim of Dharma ransomware
In a statement on its website, the Texas-based hospital said that ABH discovered an unauthorized threat actor rifling through the organization’s systems on roughly September 3.
https://www.zdnet.com/article/texas-hospital-becomes-victim-of-ransomware-patient-data-potentially-leaked/

Stopping the Infiltration of Things
The Internet of Things – connected devices that contain network sensors to allow for remote monitoring and control – is expected to hit 75 billion devices installed by 2025. These devices include everything from home routers and remote cameras to healthcare devices.
https://threatpost.com/stopping-the-infiltration-of-things/139204/

Only 14% have complete organizational awareness of IoT threats
86 percent of IT and security decision makers across the globe believe their organization needs to improve its awareness of IoT threats, according to Trend Micro. This significant lack of knowledge accompanies rising threat levels and security challenges related to connected devices, which leaves organizations at great risk
https://www.helpnetsecurity.com/2018/11/20/iot-threats-awareness/

Threat predictions for industrial security in 2019
The past few years have been very intense and eventful when it comes to incidents affecting the information security of industrial systems. That includes new vulnerabilities, new threat vectors, accidental infections of industrial systems and detected targeted attacks
https://securelist.com/ksb-threat-predictions-for-industrial-security-in-2019/88940/

The perils of using voice commands with IoT machines
Combine the IoT, voice commands and machines, and you’re creating a potentially disastrous recipe of unintended consequences
https://www.networkworld.com/article/3321737/internet-of-things/the-perils-of-using-voice-commands-with-iot-machines.html

Securing the IoT has become business-critical
Investments in IoT security can have significant positive business implications, a recent survey from DigiCert finds.
https://www.networkworld.com/article/3321919/internet-of-things/securing-the-iot-has-become-business-critical.html

11-12-18 – News This Past Week

Flaws in Roche Medical Devices Can Put Patients at Risk
The affected products consist of a base unit and a handheld device that communicates wirelessly – including over Wi-Fi if an optional module is available – with the base unit. Medigate researchers discovered that an attacker with access to the local network can hack the base station and from there target the handheld devices.
https://www.securityweek.com/flaws-roche-medical-devices-can-put-patients-risk

Implications of the NIS Directive for the industrial sector
Under the law, operators of essential services and digital service providers are required to abide by the requirements of the new regulations. These are intended to provide a framework for countries and operators to strengthen the security of critical infrastructures and allied information systems. Any operator with 50 or more employees and/or a balance sheet of greater than €10 million must comply with the NIS Directive
https://www.helpnetsecurity.com/2018/11/12/nis-directive-industrial-sector/

IT-to-OT Solutions That Can Bolster Security in the IIoT
The Industrial Internet of Things (IIoT) — within companies and across the entire global IIoT ecosystem — is an intricately intertwined and negotiated merger of information technology (IT) and operational technology (OT). OT systems are not only business-critical, they can be nation-critical or life-and-death-critical.
https://www.darkreading.com/attacks-breaches/it-to-ot-solutions-that-can-bolster-security-in-the-iiot/a/d-id/1333210

How A New Wave of Cyber-Attacks is Targeting Maritime Trade
In concrete terms, the historical “air gap” separating industrial control systems from enterprise networks meant that factories and shipyards were more or less immune to cyber-attack. As long as systems were air-gapped it didn’t matter how pernicious or effective the cyber-threat became, we felt confident that these virtual concerns couldn’t impact our physical infrastructure.
https://www.securityweek.com/troubled-waters-how-new-wave-cyber-attacks-targeting-maritime-trade

11-05-18 – News This Past Week

USB threat vector trends and implications for industrial operators
In an attempt to make industrial control systems less accessible to attackers, industrial players are limiting network access and increasingly using USB media devices to transfer patches, updates and files to those systems
https://www.helpnetsecurity.com/2018/11/02/industrial-usb-threats/

Researchers find Stuxnet, Mirai, WannaCry lurking in industrial USB drives
When we consider threats to our industrial systems, specifically crafted malware, such as the Industroyer strain which cut off the power to the city of Kiev in Ukraine for an hour, often comes to mind
https://www.zdnet.com/article/almost-half-of-usb-drives-in-industrial-settings-pose-severe-security-risk/

USB Drives Deliver Dangerous Malware to Industrial Facilities: Honeywell
Malware is still being delivered to industrial facilities via USB removable storage devices and some threats can cause significant disruptions, according to a report published on Thursday by Honeywell
https://www.securityweek.com/usb-drives-deliver-dangerous-malware-industrial-facilities-honeywell

Sauter Quickly Patches Flaw in Building Automation Software
A serious vulnerability that allows an attacker to steal files from an affected system has been found by a researcher in a building automation product from Swiss-based Fr. Sauter AG. It took the vendor only 10 days to release a patch.
https://www.securityweek.com/sauter-quickly-patches-flaw-building-automation-software

ICS Devices Vulnerable to Side-Channel Attacks
Side-channel attacks can pose a serious threat to industrial control systems (ICS), a researcher warned last month at SecurityWeek’s ICS Cyber Security Conference in Atlanta, GA
https://www.securityweek.com/ics-devices-vulnerable-side-channel-attacks-researcher

Cyberattacks Against Energy Sector Are Higher Than Average
Attacks against critical infrastructure industries such as those targeting the energy supply — actual and potential — are rarely out of the news. Russia and Russian state actors are the probable aggressors. But we are still in the Cold War era of attacks against energy utilities. There has been no successful cyber-related attack against the supply of energy in the United States.
https://www.securityweek.com/cyberattacks-against-energy-sector-are-higher-average-report

Cyberattacks against energy and utilities firms begin inside enterprise IT networks
New research from Vectra has revealed that while industrial control systems are being targeted by hackers, most cyberattacks against energy and utilities firms occur inside enterprise IT networks
https://www.techradar.com/news/cyberattacks-against-energy-and-utilities-firms-begin-inside-enterprise-it-networks

Many water and energy systems vulnerable to significant cyber risk
New Trend Micro research revealed how exposed human machine interface (HMI) systems in thousands of critical water and energy organizations around the world could be exploited, causing significant real-world impacts, such as contaminating the water supply.
https://www.helpnetsecurity.com/2018/10/31/vulnerable-critical-systems/

Internet-Exposed HMIs Put Energy, Water Facilities at Risk
Malicious actors could cause serious damage to organizations in the energy and water sectors by targeting their human-machine interfaces (HMIs), according to a report released by Trend Micro on Tuesday
https://www.securityweek.com/internet-exposed-hmis-put-energy-water-facilities-risk-report

IoT Flaw Allows Hijacking of Connected Construction Cranes
A connected construction crane, from Telecrane, has a vulnerability that would allow cyberattackers to intercept its communications and take the equipment over.
https://threatpost.com/iot-flaw-allows-hijacking-of-connected-construction-cranes/138648/

IoT Now Top Internet Attack Target
A new threat analysis report shows that IoT devices are now the primary target of criminals working on the Internet. And those criminals are learning and adapting their tactics to meet the improved defenses being put into place
https://www.darkreading.com/attacks-breaches/new-report-iot-now-top-internet-attack-target/d/d-id/1333147

The Seven Leading Security Gaps in Industrial Environments
October is officially National Cyber Security Awareness month, and this year one of the program’s key messages is working together to secure critical infrastructure from cyber threats
https://www.securityweek.com/seven-leading-security-gaps-industrial-environments

10-29-18 – News This Past Week

FDA strengthens medical device cybersecurity program
The FDA recently took additional steps to encourage better medical device cybersecurity, including releasing a cybersecurity playbook for healthcare organizations
https://searchhealthit.techtarget.com/feature/FDA-strengthens-medical-device-cybersecurity-program

What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection
US-CERT is advising some customers of Telecrane construction cranes to patch their control systems – following the disclosure of a security bug that could allow a nearby attacker to wirelessly hijack the equipment.
https://www.theregister.co.uk/2018/10/25/crane_command_vulnerability/

How to protect enterprise ICS networks with firewalls
ICS network security can be improved using firewalls. Expert Ernie Hayden explains how ICS-specific firewalls can help keep ICS networks strong and protected
https://searchsecurity.techtarget.com/tip/How-to-protect-enterprise-ICS-networks-with-firewalls

10-24-18 – News This Past Week

FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware
Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia.
https://thehackernews.com/2018/10/russia-triton-ics-malware.html

Russia was likely behind dangerous critical infrastructure attack, report says
The malware, alternately dubbed Triton and Trisis, was most likely designed to cause physical damage inside critical infrastructure sites, such as gas refineries and chemical plants, FireEye researchers said in a report published in December.
https://arstechnica.com/information-technology/2018/10/russia-was-likely-behind-dangerous-critical-infrastructure-attack-report-says/

Plaintext Passwords Often Put Industrial Systems at Risk
Plaintext passwords crossing the network, outdated operating systems, direct connections to the Internet, and the lack of automated updates for security solutions often put industrial systems at risk of attacks, according to a new report published on Tuesday by industrial cybersecurity firm CyberX.
https://www.securityweek.com/plaintext-passwords-often-put-industrial-systems-risk-report

The Danger and Opportunity in 5G Connectivity and IoT
The IoT is already rife with security issues resulting from poor incentives to fix vulnerabilities. At the same time, we are spiraling closer towards a hyper-connected world with the increasing momentum around 5G infrastructure. As telecommunications organizations build more infrastructure for 5G networks, we can expect to see wider adoption of IoT devices and an increase in the impact of the threats they pose.
https://threatpost.com/the-danger-and-opportunity-in-5g-connectivity-and-iot/138493/

Grave TCP/IP flaws in FreeRTOS leave IoT gear open to mass hijacking
Commandeered equipment – think Internet-of-Things sensors and gizmos, and automotive and industrial systems – can then be used to, say, spy on owners, siphon data out of a network, launch other cyber-attacks, and so on.
https://www.theregister.co.uk/2018/10/22/freertos_iot_platform_security_flaws/

AWS FreeRTOS Bugs Allow Compromise of IoT Devices
The bugs could allow hackers to crash connected devices in smart homes or critical infrastructure systems, leak information from the devices’ memory, and take them over. And while patches have been issued, researchers warn that it still may take time for smaller vendors to update.
https://threatpost.com/aws-freertos-bugs-allow-compromise-of-iot-devices/138455/

New Security Woes for Popular IoT Protocols
They found that the widely used device-to-device communications protocols contained inherent security weaknesses, especially in the way they are implemented in IoT devices – exposing flaws that could allow attackers to execute denial-of-service (DoS) attacks on devices or gain remote control of industrial IoT or consumer IoT devices for cyber espionage or worse.
https://www.darkreading.com/vulnerabilities---threats/new-security-woes-for-popular-iot-protocols/d/d-id/1333069

FBI Investigates Attack on Critical Water Utility
According to a media release from Onslow Water and Sewer Authority (ONWASA) issued on October 15, 2018, a critical water utility in North Carolina was targeted in a cyber-attack. Federal and state officials are now working with the water utility as part of the investigation into the attack on some of its computer systems.
https://www.infosecurity-magazine.com/news/fbi-investigates-attack-on/

Vulnerable controllers could allow attackers to manipulate marine diesel engines
These security flaws could be exploited by attackers to change the firmware and configuration files, install malware, and perform actions that effectively allow them to take control of a vessel’s engines
https://www.helpnetsecurity.com/2018/10/18/manipulate-marine-diesel-engines/

Medical device maker Medtronic finally fixes its hackable pacemaker
The company said in a notice this week that it’s switching off the software distribution network after researchers found that a hacker could update the pacemaker’s software with malicious software that could manipulate the impulses that regulate a patient’s heartbeat. The researchers, Jonathan Butts and Billy Rios, revealed the vulnerability at the Black Hat conference in August, more than a year after first reporting the vulnerability to Medtronic
https://techcrunch.com/2018/10/16/medical-device-maker-medtronic-finally-fixes-its-hackable-pacemaker/

GreyEnergy group targeting critical infrastructure with espionage
BlackEnergy has been terrorizing Ukraine for years and rose to prominence in December 2015 when they caused a blackout that left 230,000 people without electricity – the first-ever blackout caused by a cyberattack. Around the time of that incident, ESET researchers began detecting another malware framework named GreyEnergy.
https://www.helpnetsecurity.com/2018/10/17/greyenergy-group/

In County Crippled by Hurricane, Water Utility Targeted in Ransomware Attack
The Onslow Water and Sewer Authority (ONWASA) said in a Monday release that a “sophisticated ransomware attack… has left the utility with limited computer capabilities.” While customer data was not compromised as part of the attack, the lack of computing ability will impact the timeliness of service from ONWASA “for several weeks to come.”
https://threatpost.com/in-county-crippled-by-hurricane-water-utility-targeted-in-ransomware-attack/138327/

Remote Code Implantation Flaw Found in Medtronic Cardiac Programmers
A flaw in Medtronic’s CareLink 2090 and CareLink Encore 29901 programmers, which are portable computer systems used to manage implanted cardiac devices in clinical settings, would have allowed remote code implantation over Medtronic’s dedicated Software Deployment Network (SDN).
https://threatpost.com/remote-code-implantation-flaw-found-in-medtronic-cardiac-programmers/138363/

FDA Warns of Flaws in Medtronic Programmers
A vulnerability in the software update process of certain Medtronic Programmer models has led the vendor to block the functionality on affected devices, the U.S. Food and Drug Administration (FDA) informs.
https://www.securityweek.com/fda-warns-flaws-medtronic-programmers

Feds Investigate After Hackers Attack Water Utility
The head of the Onslow Water and Sewer Authority said in a news release Monday that its internal computer system, including servers and personal computers, was subjected to what was characterized as “a sophisticated ransomware attack.”
https://www.securityweek.com/feds-investigate-after-hackers-attack-water-utility

NotPetya Linked to Industroyer Attack on Ukraine Energy Grid
The massive NotPetya ransomware outbreak that crippled organizations around the world last year turns out to have links to the Industroyer backdoor, which targets industrial control systems (ICS) and took down the Ukrainian power grid in Kiev in 2016
https://threatpost.com/notpetya-linked-to-industroyer-attack-on-ukraine-energy-grid/138287/

10-15-18 – News This Past Week

The future of OT security in modern industrial operations
Both the likelihood and consequences of cyberattacks to OT/ICS components continue to grow for modern industrial operations
https://www.helpnetsecurity.com/2018/10/15/future-ot-security/

It’s the real Heart Bleed: Medtronic locks out vulnerable pacemaker programmer kit
The watchdog’s alert this week comes after Irish medical device maker Medtronic said it will lock some of its equipment out of its software update service, meaning the hardware can’t download and install new code from its servers
https://www.theregister.co.uk/2018/10/12/medtronic_pacemaker_programmer_security/

Internet Hacking Is About to Get Much Worse
The risks are about to get worse, because computers are being embedded into physical devices and will affect lives, not just our data. Security is not a problem the market will solve. The government needs to step in and regulate this increasingly dangerous space.
https://www.nytimes.com/2018/10/11/opinion/internet-hacking-cybersecurity-iot.html

The Better Way: Threat Analysis & IIoT Security
Threat analysis offers a more nuanced and multidimensional approach than go/no-go patching in the Industrial Internet of Things. But first, vendors must agree on how they report and address vulnerabilities.
https://www.darkreading.com/perimeter/the-better-way-threat-analysis-and-iiot-security-/a/d-id/1332983

New Pentagon Weapons Systems Easily Hacked: Report
The Government Accountability Office said the Pentagon was unaware of how easy it could be for an adversary to gain access to the computer brains and software of the weapons systems and operate inside them undetected
https://www.securityweek.com/new-pentagon-weapons-systems-easily-hacked-report

Many Siemens Products Affected by Foreshadow Vulnerabilities
The security holes could allow malicious applications to obtain potentially sensitive information from a device’s memory, including data associated with operating systems, apps and virtual machines
https://www.securityweek.com/many-siemens-products-affected-foreshadow-vulnerabilities

Constructing the Future of ICS Cybersecurity
As industrial control systems are connected to the cloud and the IoT, experts discuss security challenges
https://www.darkreading.com/perimeter/constructing-the-future-of-ics-cybersecurity/d/d-id/1332995

Security Vulnerabilities in US Weapons Systems
The US Government Accounting Office just published a new report: “Weapons Systems Cyber Security: DOD Just Beginning to Grapple with Scale of Vulnerabilities” (summary here). The upshot won’t be a surprise to any of my regular readers: they’re vulnerable
https://www.schneier.com/blog/archives/2018/10/security_vulner_17.html

Report: US weapons systems are highly vulnerable to cyber attacks
The Department of Defense will have to ramp up its cybersecurity efforts now that it’s planning to spend $1.66 trillion to develop major weapons systems. According to a new report (PDF) by the Government Accountability Office, nearly all of the Pentagon’s weapons systems are vulnerable to cyberattacks
https://www.engadget.com/2018/10/10/pentagon-weapons-systems-gao-report/

10-08-18 – News This Past Week

DHS Warns of Threats to Precision Agriculture
Relying on various embedded and connected technologies to improve agricultural and livestock management, precision agriculture is exposed to vulnerabilities and cyber-threats, a new report from the United States Department of Homeland Security (DHS) warns
https://www.securityweek.com/dhs-warns-threats-precision-agriculture

California bans default passwords on any internet-connected device
In less than two years, anything that can connect to the internet will come with a unique password — that is, if it’s produced or sold in California. The “Information Privacy: Connected Devices” bill that comes into effect on January 1, 2020, effectively bans pre-installed and hard-coded default passwords. It only took the authorities about two weeks to approve the proposal made by the state senate
https://www.engadget.com/2018/10/05/california-default-password-ban-information-privacy-connected-devices-bill/

New Splunk IoT Solution Helps Secure ICS
Splunk for Industrial IoT, expected to become available on October 30, combines the capabilities of Splunk Enterprise, Splunk Industrial Asset Intelligence, and the Splunk Machine Learning Toolkit.
https://www.securityweek.com/new-splunk-iot-solution-helps-secure-ics

How Shodan helps identify ICS cybersecurity vulnerabilities
Shodan can be a helpful tool for security pros to locate ICS cybersecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works and how it can be used for security
https://searchsecurity.techtarget.com/tip/How-Shodan-helps-identify-ICS-cybersecurity-vulnerabilities

U.S. Energy Department Invests Another $28 Million in Cybersecurity
The U.S. Department of Energy on Monday announced that it’s investing up to $28 million in tools and technologies that will improve the resilience and cybersecurity of the power grid and oil and gas infrastructure
https://www.securityweek.com/us-energy-department-invests-another-28-million-cybersecurity

10-01-18 – News This Past Week

California’s new laws bolster security for connected devices
California just raised the baseline for security in the Internet of Things… to a degree. Governor Jerry Brown has signed very similar Assembly and Senate bills that require hardware makers to include “reasonable” security measures for connected devices
https://www.engadget.com/2018/09/30/california-connected-device-laws/

‘Torii’ Breaks New Ground For IoT Malware
Stealth, persistence mechanism and ability to infect a wide swath of devices make malware dangerous and very different from the usual Mirai knockoffs, Avast says.
https://www.darkreading.com/attacks-breaches/-torii-breaks-new-ground-for-iot-malware/d/d-id/1332930

Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks
Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy risks differently than conventional information technology (IT) devices do
https://csrc.nist.gov/publications/detail/nistir/8228/draft

Hackers are finding creative ways to target connected medical devices
Hackers are leveraging error messages from connected medical devices — including radiology, X-ray and other imaging systems — to gain valuable insights, according to Zingbox. These insights are then used to refine the attacks, increasing the chance of a successful hack
https://www.helpnetsecurity.com/2018/09/28/target-connected-medical-devices/

Vulnerabilities and architectural considerations in industrial control systems
The reason SCADA security is so controversial stems primarily from the intense consequences that come from a compromise in this area. In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber, talk about SCADA vulnerabilities in ICS architectures
https://www.helpnetsecurity.com/2018/09/28/scada-vulnerabilities-ics/

No Patches for Critical Flaws in Fuji Electric Servo System, Drives
ICS-CERT and Trend Micro’s Zero Day Initiative (ZDI) this week disclosed the existence of several unpatched vulnerabilities affecting servo systems and drives from Japanese electrical equipment company Fuji Electric
https://www.securityweek.com/no-patches-critical-flaws-fuji-electric-servo-system-drives

Researchers See Improvements in Vehicle Cybersecurity
Since 2013, IOActive has spent thousands of hours every year analyzing vehicle cybersecurity, and the company has published several research papers on this topic. A report made available in 2016 showed that half of the flaws found at the time had an impact level of critical (25%) or high (25%).
https://www.securityweek.com/researchers-see-improvements-vehicle-cybersecurity

Owning Security in the Industrial Internet of Things
Why IIoT leaders from both information technology and line-of-business operations need to join forces to develop robust cybersecurity techniques that go beyond reflexive patching
https://www.darkreading.com/threat-intelligence/owning-security-in-the-industrial-internet-of-things/a/d-id/1332876