U.S. official sees more cyber attacks on industrial control systems

JIM FINKLE | April 26, 2016

article image
A U.S. government cyber security official warned that authorities have seen an increase in attacks that penetrate industrial control system networks over the past year, and said they are vulnerable because they are exposed to the Internet.Industrial control systems are computers that control operations of industrial processes, from energy plants and steel mills to cookie factories and breweries.“We see more and more that are gaining access to that control system layer," said Marty Edwards, who runs the Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT.ICS-CERT helps U.S. firms investigate suspected cyber attacks on industrial control systems as well as corporate networks.Interest in critical infrastructure security has surged since late last month when Ukraine authorities blamed a power outage on a cyber attack from Russia, which would make it the first known power outage caused by a cyber attack.Experts attending the S4 conference of some 300 critical infrastructure security specialists in Miami said the incident has caused U.S. firms to ask whether their systems are vulnerable to similar incidents.

Spotlight

Parablu, Inc.

Parablu, an award winning CASB based solutions provider, engineers new-age cloud data protection and management solutions for the digital enterprise. The advanced Cloud Access Security Broker (CASB) based solution protects your enterprise data completely and provides total visibility into your data movement. Our suite of products include: BluKrypt, an on-premise CASB that completely secures your critical data on the cloud; BluSync, a hybrid file sharing and collaboration application for the agile enterprise; BluVault, a powerful and secure data backup solution in the cloud; BluDrive, a secure large file transfer solution. These solutions easily integrate with your existing infrastructure making it a seamless solution for your enterprise data protection and management needs. Get a demo today.

OTHER ARTICLES

MERGING AND SORTING FILES IN LINUX: EASIER THAN YOU THINK

Article | November 24, 2020

There are several reasons to choose Linux over other operating systems such as Windows and macOS. Linux is an open-source, secure, and very lightweight operating system consuming minimal system resources. It also has huge community support and has a ton of distros (variants) to choose from. While we have already posted a bunch of articles on simple file handling methods in Linux, sending email from the terminal, and more, we are going to walk you through the simple yet efficient process of merging and sorting files in Linux. Just like with any other operation in Linux, there are several ways you can sort and merge the files in Linux. Choosing which method to use solely depends on the user and based on what needs to be accomplished. In this article, we will show you some easy yet powerful file sorting and merging methods in Linux while pointing out the differences and importance of each method. Cat Cat is one of the easiest and simple commands in Linux that can combine multiple files into one. All you have to do is list all the files that you wish to merge into a single file along with the new file name you wish to create. If a file with the name of the final output already exists, then it will be overwritten by the one being created. Here is a very simple implementation of cat command. $ cat file1 file2 file3 file4 > Newfile However, if you wish to append information from multiple files into an already existing file, you can use ">>" instead of ">." Below is an example $ cat file1 file2 file3 file4 >> Newfile The cat command can also be used in many ways. It is also one of the most flexible and simple ways of reading the content of the file. To view the content of a file called file1, simply use the below command. $cat file1 Join Join is another command to merge the data of multiple files. While it is as easy and simple as the cat command is, it has a catch. Unlike cat, join cannot just simple combine the data of multiple files. Instead, the command allows users to merge the content of multiple files based on a common field. For instance, consider that two files need to be combined. One file contains names, whereas the other file contains IDs, and the join command can be used to combine both these files in a way that the names and their corresponding IDs appear in the same line. However, users need to make sure that the data in both these files have the common key field with which they will be joined. There are several reasons to choose Linux over other operating systems such as Windows and macOS. Linux is an open-source, secure, and very lightweight operating system consuming minimal system resources. It also has huge community support and has a ton of distros (variants) to choose from. While we have already posted a bunch of articles on simple file handling methods in Linux, sending email from the terminal, and more, we are going to walk you through the simple yet efficient process of merging and sorting files in Linux. Just like with any other operation in Linux, there are several ways you can sort and merge the files in Linux. Choosing which method to use solely depends on the user and based on what needs to be accomplished. In this article, we will show you some easy yet powerful file sorting and merging methods in Linux while pointing out the differences and importance of each method. azure linux Shutterstock Cat Cat is one of the easiest and simple commands in Linux that can combine multiple files into one. All you have to do is list all the files that you wish to merge into a single file along with the new file name you wish to create. If a file with the name of the final output already exists, then it will be overwritten by the one being created. Here is a very simple implementation of cat command. $ cat file1 file2 file3 file4 > Newfile However, if you wish to append information from multiple files into an already existing file, you can use ">>" instead of ">." Below is an example $ cat file1 file2 file3 file4 >> Newfile The cat command can also be used in many ways. It is also one of the most flexible and simple ways of reading the content of the file. To view the content of a file called file1, simply use the below command. $cat file1 Join Join is another command to merge the data of multiple files. While it is as easy and simple as the cat command is, it has a catch. Unlike cat, join cannot just simple combine the data of multiple files. Instead, the command allows users to merge the content of multiple files based on a common field. For instance, consider that two files need to be combined. One file contains names, whereas the other file contains IDs, and the join command can be used to combine both these files in a way that the names and their corresponding IDs appear in the same line. However, users need to make sure that the data in both these files have the common key field with which they will be joined. Syntax $join [OPTION] FILE1 FILE2 Example: Assume file1.txt contains ... 1 Aarav 2 Aashi 3 Sukesh And, file2.txt contains ... 1 101 2 102 3 103 The command ... $ join file1.txt file2.txt will result in: 1 Aarav 101 2 Aashi 102 3 Sukesh 103 Note that by default, the join command takes the first column as the key to join multiple files. Also, if you wish to store the final data of the two files joined into another file, you can use this command: $ cat file1.txt file2.txt > result.txt Paste The paste command is used to join multiple files horizontally by performing parallel merging. The command outputs the lines from each file specified, separated by a tab as a delimiter by default to the standard output. Assume there is a file called numbers.txt containing numbers from 1 to 4. And there are another two files called countries.txt and capital.txt containing four countries and their corresponding capitals, respectively. The command below will join the information of these three files and will be separated by a tab space as a delimiter. $ paste numbers.txt countries.txt capital.txt However, you can also specify any delimiter by adding a delimiter option to the above command. For example, if we need the delimited to be "-" you can use this command: $ paste -d “-” numbers.txt countries.txt capital.txt Sort The sort command in Linux, as the name suggests, is used to sort a file as well as arrange the records in a particular order. Sort can also be paired with multiple other Linux commands such as cat by simply joining the two commands using a pipe "|" symbol. For instance, if you wish to merge multiple files, sort them alphabetically and store them in another file, you can use this command: $ cat file1.txt file2.txt file3.txt | sort > finalfile.txt There are several reasons to choose Linux over other operating systems such as Windows and macOS. Linux is an open-source, secure, and very lightweight operating system consuming minimal system resources. It also has huge community support and has a ton of distros (variants) to choose from. While we have already posted a bunch of articles on simple file handling methods in Linux, sending email from the terminal, and more, we are going to walk you through the simple yet efficient process of merging and sorting files in Linux. Just like with any other operation in Linux, there are several ways you can sort and merge the files in Linux. Choosing which method to use solely depends on the user and based on what needs to be accomplished. In this article, we will show you some easy yet powerful file sorting and merging methods in Linux while pointing out the differences and importance of each method. azure linux Shutterstock Cat Cat is one of the easiest and simple commands in Linux that can combine multiple files into one. All you have to do is list all the files that you wish to merge into a single file along with the new file name you wish to create. If a file with the name of the final output already exists, then it will be overwritten by the one being created. Here is a very simple implementation of cat command. $ cat file1 file2 file3 file4 > Newfile However, if you wish to append information from multiple files into an already existing file, you can use ">>" instead of ">." Below is an example $ cat file1 file2 file3 file4 >> Newfile The cat command can also be used in many ways. It is also one of the most flexible and simple ways of reading the content of the file. To view the content of a file called file1, simply use the below command. $cat file1 Join Join is another command to merge the data of multiple files. While it is as easy and simple as the cat command is, it has a catch. Unlike cat, join cannot just simple combine the data of multiple files. Instead, the command allows users to merge the content of multiple files based on a common field. For instance, consider that two files need to be combined. One file contains names, whereas the other file contains IDs, and the join command can be used to combine both these files in a way that the names and their corresponding IDs appear in the same line. However, users need to make sure that the data in both these files have the common key field with which they will be joined. Syntax $join [OPTION] FILE1 FILE2 Example: Assume file1.txt contains ... 1 Aarav 2 Aashi 3 Sukesh And, file2.txt contains ... 1 101 2 102 3 103 The command ... $ join file1.txt file2.txt will result in: 1 Aarav 101 2 Aashi 102 3 Sukesh 103 Note that by default, the join command takes the first column as the key to join multiple files. Also, if you wish to store the final data of the two files joined into another file, you can use this command: $ cat file1.txt file2.txt > result.txt Paste The paste command is used to join multiple files horizontally by performing parallel merging. The command outputs the lines from each file specified, separated by a tab as a delimiter by default to the standard output. Assume there is a file called numbers.txt containing numbers from 1 to 4. And there are another two files called countries.txt and capital.txt containing four countries and their corresponding capitals, respectively. The command below will join the information of these three files and will be separated by a tab space as a delimiter. $ paste numbers.txt countries.txt capital.txt However, you can also specify any delimiter by adding a delimiter option to the above command. For example, if we need the delimited to be "-" you can use this command: $ paste -d “-” numbers.txt countries.txt capital.txt There are several other options available for the paste command, and more information can be found here. Sort The sort command in Linux, as the name suggests, is used to sort a file as well as arrange the records in a particular order. Sort can also be paired with multiple other Linux commands such as cat by simply joining the two commands using a pipe "|" symbol. For instance, if you wish to merge multiple files, sort them alphabetically and store them in another file, you can use this command: $ cat file1.txt file2.txt file3.txt | sort > finalfile.txt The above command is going to merge the files, sort the overall content, and then store it in the finalfile.txt You can also use the sort command to simply sort a single file containing information: $ sort file.txt The command above does not change or modify the data in file.txt and is, therefore, just for displaying the sorted data on the console. There are several other ways of merging and sorting files and data in the Linux operating system. What makes Linux unique is its ability to pair up multiple commands to achieve its purpose. Once users start to make themselves acquainted with these commands, it can save a lot of time and effort while performing tasks with more precision and efficiency.

Read More

CYBERSECURITY AND CORONAVIRUS: KEEPING YOUR BUSINESS SAFE

Article | March 19, 2020

Measures to mitigate the outbreak of COVID-19 have led to an unprecedented increase in remote working across the board. Our guest author Philip Blake, European Regional Director at EC-Council and cybersecurity expert, outlines key challenges and tips for staying secure while away from the office. As governments and businesses work on mitigating the impact of the ongoing COVID-19 outbreak, social distancing measures are leading to an increase in remote working across all sectors. The reasoning behind the measures is best left to health authorities, and are discussed at length elsewhere. The purpose of this article is to shed light on some of the key cybersecurity challenges around the sudden spike in remote work arrangements, and propose potential measures to keep networks as secure as possible during these times.

Read More

A Closer Look at the Microsoft Exchange Server Cyberattacks

Article | May 13, 2021

We recently posted an article that highlighted the high-profile Microsoft Exchange hack that impacted hundreds of thousands of organizations across the globe. (This article offered some recommendations on how this could have been avoided as well as a special three-month offer to help any company who may have been affected.) Since this cyber attack, even more details are emerging. For example, the White House recently urged victims to quickly patch applications and systems and pushed for them to do it as quickly as possible. One senior administration official emphasized that the window to update these systems could be measured in hours, not even days.

Read More

Top Three Cybersecurity Threats You Should Mitigate Before It Is Too Late

Article | December 15, 2020

There are three significant and disruptive cybersecurity threats that are catching organizations of all types and sizes by surprise: Ransomware; Cloud misconfigurations; and Supply chain backdoors. Let me explain with recent examples and guide you on what you can do to avoid making other’s mistakes and falling victim to the threats. Let’s start with ransomware. It is one of the most disruptive risks facing your organization today. Why? Because it can literally bring your operations, no matter who you are, to a standstill and inflict significant cost, pain and suffering. Just look at the recent example of one organization. It was infected with ransomware, and IT systems were shut down for several weeks, bringing operations to a standstill. It had to gradually re-start systems over several more weeks. It estimates it will cost around $95 million from lost sales, recovery and remediation, impacting profitability. Also, it announced it will not be able to attain its growth plans for the year. Take another recent example. A three-hospital system was infected and IT systems were shut down and it could not accept any incoming patients for several days. It had to operate using paper, until gradually the IT systems were re-started over several days. Fortunately, in this case, the incoming patients turned away did not suffer any loss of life and were able to be diverted to other hospitals timely, but it could have been tragic. No organization is immune to ransomware and it can rear its ugly head anytime and inflict severe pain. There are many variants and each can be tweaked easily by the attackers to evade the defense. The Ryuk ransomware is an example of one that has already inflicted significant pain to hundreds of organizations this year in the U.S. and across the globe. Previously, the SamSam ransomware attacked a variety of organizations in the U.S. and Canada, and provided over $6 million in ransom payments and inflicted over $30 million in losses. Prior to that, NotPetya ransomware rapidly inflicted hundreds of organizations in various parts of the world, and caused over $10 billion in damages. The attackers are seeing that with ransomware it is quicker and easier to make the intrusion, and encrypt some of the data than try to exfiltrate all of it. They are asking themselves, why take all the time and trouble to look for all of the data and try to steal it, when only some critical systems and data can be locked up, until a ransom is paid? They are seeing that with ransomware there will be immediate adverse impact since the victim will not be able to access critical data and systems, and will not be able to operate. So, there is high probability the ransom will be paid to stop the pain and suffering, especially if the victim has cyber insurance in place. The organization is likely to use the insurance policy to pay the ransom, rather than continue to have its operations disrupted or shut down. They are also seeing that while most organizations have put in place various controls to prevent and detect data theft, they have not placed an equal weight to preventing and detecting ransomware. Most organizations have a lot of data and given all of the data thefts that have occurred and continue to occur and reported in the press, the bias has been to focus on data theft. But ransomware risk cannot be ignored or approached less seriously. Imagine that you are infected with ransomware and your people cannot access documents, files or systems, and operate. All critical files and systems are locked out from the ransomware encryption, and a ransom payment is demanded by the hacker for the keys to unlock the encryption. What if, it will take you days, weeks or months to recover? What impact would it have on your organization? You may think that you will be able to recover quickly from back up files and systems, but are you sure? The new ransomware variants are devised to hunt down and delete or encrypt backup files and systems also, and in some cases, first, before encrypting rest of the files and systems. The organization that was recently infected that estimates $95 million in financial impact from the ransomware thought it had the risk under control, until it was hit with the ransomware and realized it was not prepared to manage the risk. Now, let’s move to the threat from cloud misconfigurations. You are most probably in the cloud completely or partially. Whether you have completely outsourced your infrastructure and services to a cloud provider or are utilizing one partially, remember, ultimately, you own the cybersecurity and that you are responsible for security in the cloud, while the cloud provider is responsible for security of the cloud. While the cloud provider will provide perimeter security, you are responsible for security of your data, IP and other assets in the cloud, and are equally susceptible to attackers in the cloud as you are on the premises. Even if any of the “big six” cloud providers, such as Amazon Web Services or Microsoft Azure or others, provide the cybersecurity, attackers can exploit weak links in the chain, break in and steal data or cause other harm. A common weak link in the chain are misconfigurations of the various systems that the cloud provider makes available as part of its service. You are responsible for all of the configurations, not the cloud provider. So, if your team does not take the time to fully understand all of the configurations that are necessary and complete them timely, security holes will arise and remain open for the attackers to exploit. Just look at the recent example of an organization that fell victim where the data of over 100 million customers was stolen. This organization was using one of the “big six” cloud providers, but missed making all of the necessary configurations. A former employee of the cloud provider, who was familiar with the systems and configurations, discovered a misconfiguration in a web application firewall and exploited it to break in. The attacker then was able to query a metadata service to obtain keys and tokens, which allowed the attacker to query and copy storage object data and eventually exfiltrate it. This was a case where configuration errors in a web application firewall coupled with unrestricted metadata service access and other errors handed the attacker the keys to the kingdom for the theft of 100 million customers data. Other common cloud misconfigurations that create opportunities for attackers to exploit include: Unrestricted in bound access on uncommon ports Unrestricted outbound access Unrestricted access to non-http/https ports Unrestricted metadata service requests Inactivate monitoring of keys and tokens You may think that you do not have any misconfigurations in your cloud environment, but how do you know? The organization that recently lost 100 million customers data thought it had strong security in its cloud infrastructure, until it was hit with the data theft and realized it was not prepared to manage the risk. Now, let’s move to the threat from supply chain backdoors. No matter what type of organization you are or your size, you most probably have a supply chain, comprised of independent contractors, vendors or partners. Each of these could be the weakest link in the chain. In other words, the attackers may find that one of your suppliers may be easier to break into first because of weaker cybersecurity and may have privileged access to your organization, given their role and responsibilities. So why not first attack the weaker supplier, steal their privileged user credentials and use it to break into your organization and eventually attain the ultimate objective, steal data or commit other harm? Or they may find that one of your suppliers has part of your data in order to provide the outsourced service, so they can steal the data simply by breaking into the supplier with the weaker cybersecurity, so no need to attack you directly. There are many examples of supply chain risk, such as with a government agency, where the credentials of a background check vendor were first stolen to access the agency’s systems, then to move laterally and find other unprotected privileged users credentials to access databases and steal data of 21.5 million individuals, including fingerprints data of 5.6 million individuals. But just look at the recent example of an organization that had outsourced billing and collections to a supplier. This is a case where the attackers did not have to attack directly. In this case, attackers broke into the supplier and injected malicious code into the payments webpages managed by the supplier and stole credit card, banking, medical and other personal information, such as social security numbers, of 11.9 million consumers. The attackers had access to the supplier’s system for eight months, during which it skimmed the data being input by consumers on the payments webpages. So, while your cybersecurity may be in good shape, the weakest link in the chain may be one of your suppliers, who may unwittingly provide the attackers the backdoor into your organization or to your data or IP. So, ransomware, cloud misconfigurations and supply chain backdoors are three significant and disruptive threats facing your organization today that you should mitigate. What c

Read More

Spotlight

Parablu, Inc.

Parablu, an award winning CASB based solutions provider, engineers new-age cloud data protection and management solutions for the digital enterprise. The advanced Cloud Access Security Broker (CASB) based solution protects your enterprise data completely and provides total visibility into your data movement. Our suite of products include: BluKrypt, an on-premise CASB that completely secures your critical data on the cloud; BluSync, a hybrid file sharing and collaboration application for the agile enterprise; BluVault, a powerful and secure data backup solution in the cloud; BluDrive, a secure large file transfer solution. These solutions easily integrate with your existing infrastructure making it a seamless solution for your enterprise data protection and management needs. Get a demo today.

Events