8 questions to ask about your industrial control systems security

| March 19, 2018

article image
A recent incident where a likely nation-state threat actor inadvertently shut down a critical infrastructure facility in the Middle East when testing new malware has stoked widespread concerns about the vulnerability of industrial control systems (ICSs) to new cyberthreats. Many security experts see the incident as a harbinger of a new wave of destructive attacks targeting ICS and want critical infrastructure owners to urgently update the security of their operational technology (OT) networks. What is an ICS? An ICS is any device, instrumentation, and associated software and networks used to operate or automate industrial processes. Industrial control systems are commonly used in manufacturing, but they are also vital to critical infrastructure such as energy, communications, and transportation. Many of these systems connect to sensors and other devices over the internet—the industrial Internet of things (IIoT), which increases the potential ICS attack surface.

Spotlight

NTT Europe Online

NTT Communications provides consultancy, architecture, security and cloud services to optimize the information and communications technology (ICT) environments of enterprises. These offerings are backed by the company’s worldwide infrastructure, including leading global tier-1 IP network, Arcstar Universal One™ VPN network reaching 196 countries/regions, and 130 secure data centers. NTT Communications’ solutions leverage the global resources of NTT Group companies including Dimension Data, NTT DOCOMO and NTT DATA. Headquartered in Tokyo, Japan, NTT Communications Corporation (NTT Com) was founded in 1999 as the wholly owned subsidiary of Nippon Telegraph and Telephone Corporation, one of the world's largest telecommunication companies.

OTHER ARTICLES

Malicious coronavirus map hides AZORult info-stealing malware

Article | March 11, 2020

Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus. In one of the latest examples, adversaries have created a weaponized coronavirus map app that infects victims with a variant of the information-stealing AZORult malware. The malicious online map, found at www.Corona-Virus-Map[.]com, appears very polished and convincing, showing an image of the world that depicts viral outbreaks with red dots of various sizes, depending on the number of infections. The map appears to offer a tally of confirmed cases, total deaths and total recoveries, by country, and cites Johns Hopkins University’s Center for Systems Science and Engineering as its supposed data source. Malwarebytes issued a warning about the map last week, and Reason Cybersecurity this week has followed up with its own blog post, reporting additional details on the scam, gathered by Reason Labs researcher Shai Alfasi.

Read More

The British government thinks process sensor cyber issues are real – what about everyone else

Article | February 16, 2020

When Joe refers to analogue devices, he is generally referring to ISA99 / IEC 62443 Level 0 devices, i.e. the sensors and actuators required in any cyber physical system. The vulnerability of these devices is often ignored as the security measures required to protect them are not purely technical but also involve physical and personnel security aspects along with process security (both of the metrology and processing by the device, as well as configuration management and control issues over the lifecycle of analogue devices). The security situation is not helped by the simplistic application of the triad of security goals (confidentiality, integrity and availability) to cyber physical systems.

Read More

What Is Mac Malware, How It Penetrates Your Device, and How to Get Rid of It

Article | November 25, 2020

I would like to share my experience with you and talk about viruses created for Mac devices and how to deal with them. You may say that there are no Mac viruses as Apple does not allow it. However, I may say that there are plenty of nasty malware types like adware that open new tabs in your browser, redirect you to irrelevant pages and show numerous popups. Yes, these are not real viruses. Adware like Search Marquis cannot clone itself and infect other connected devices. It cannot encrypt your files or cause any other harm. Its activity is related only to web redirects and excessive advertising. At the same time, who knows which rogue websites adware may land you on next time. It may happen that you end up on a phishing website where cyber crooks harvest personal information that leads to identity theft. Fake antiviruses I strongly recommend removing all adware that penetrated your device. But there is a problem here. If you want to get rid of Mac adware, you cannot quickly find a solution. If you go to google and search there how to get rid of Mac malware, you will see that all top results offer you to buy and install some shady software. In reality, these Mac antiviruses do nothing, as we know that the Apple ecosystem does not allow apps to access other apps' data. No antivirus can really scan and check your files. How to remove Mac malware Solution 1: If your system is infected with adware and you do not know how to get rid of it, you may try to call Apple and ask what to do. You can find their phone number here: support.apple.com/en-gb/HT201232#us-ca. Solution 2: Another option is to try your luck on Apple communities. Thousands of tech enthusiasts help uses with their problems there. Here is a sample thread: discussions.apple.com/thread/8226644. Solution 3: There are other options too. Apple operating systems are not very difficult to use, and any person can remove adware manually by going through step-by-step guides posted on numerous malware removal websites. Here is a guide by BitAdvisors.com on how to remove Search Marquis malware. Most rogue software works by exploiting bugs and vulnerabilities in your computer's operating system. And macOS has its own bugs too. To fix these vulnerabilities, Apple periodically releases operating system updates. To date, macOS has not proved attractive enough for cybercriminals and evil developers to flood it with malware. Protection tips To stays away from any surprises, it is recommended to update your OS as well as all apps installed regularly. You should never install apps from unofficial app stores not controlled by Apple. One of the ways for adware to penetrate your Mac computer is through bundled installs. You download and install a very useful app that is often free, but in reality, you get several apps. People never read user agreements written in small print. There it can be noted that you agree to install additional tools and provide some rights to them. Whenever you install something, be careful and read user agreements, and do not miss additional unnecessary software. Do not install any software without urgent necessity. Any additional software widens the attack surface. To be able to do bad things, current Mac malware requires users to perform some actions – grant rights. So, be careful with allowing any app to access your data, change settings, etc. One more wise move is to make backups. iCloud or ordinary flash drives will help you not lose your data in case of a system glitch or malware attack. Final advice - do use VPNs. Your connection will be encrypted, and attackers will not be able to find where you are actually located or what data your traffic consists of.

Read More

A Closer Look at the Microsoft Exchange Server Cyberattacks

Article | May 13, 2021

We recently posted an article that highlighted the high-profile Microsoft Exchange hack that impacted hundreds of thousands of organizations across the globe. (This article offered some recommendations on how this could have been avoided as well as a special three-month offer to help any company who may have been affected.) Since this cyber attack, even more details are emerging. For example, the White House recently urged victims to quickly patch applications and systems and pushed for them to do it as quickly as possible. One senior administration official emphasized that the window to update these systems could be measured in hours, not even days.

Read More

Spotlight

NTT Europe Online

NTT Communications provides consultancy, architecture, security and cloud services to optimize the information and communications technology (ICT) environments of enterprises. These offerings are backed by the company’s worldwide infrastructure, including leading global tier-1 IP network, Arcstar Universal One™ VPN network reaching 196 countries/regions, and 130 secure data centers. NTT Communications’ solutions leverage the global resources of NTT Group companies including Dimension Data, NTT DOCOMO and NTT DATA. Headquartered in Tokyo, Japan, NTT Communications Corporation (NTT Com) was founded in 1999 as the wholly owned subsidiary of Nippon Telegraph and Telephone Corporation, one of the world's largest telecommunication companies.

Events