Securing ICS Environments

Threat actors have much to gain when attacking Industrial Control Systems (ICS). But how exactly are ICS attacked and what can be done to protect them?
A complete discussion of the different vulnerability categories, including case studies of vulnerable SCADA HMIs. The paper also provides a guide for vulnerability researchers, as well as vendors on quick and efficient bug discovery.
With a little SDR knowledge and a $20 USB dongle, attackers can read unencrypted pager messages from far away. This time, we look at what that means for nuclear plants, HVAC, manufacturers and other industries still using pagers.
This research paper looks at the mining industry as a target for a broad set of threat actors, its role in regional and global supply chains, and its vulnerabilities.
In the US and other locations worldwide, gas stations are primarily privately owned. While most of them have been modernized, there are still a lot of risks tied to their business, especially those that are connected to the Internet.
This research provides a comprehensive look into the security challenges and attacks on critical infrastructure that member states of the Organization of American States had to face in 2014.
A cyber attack on a German steel plant has been confirmed to suffer a significant amount of damage, putting the spotlight on the evident lack of security across a number of different critical facilities and institutions.
The United States Industrial Control System Cyber Emergency Response Team recently released an advisory warning operators of industrial control systems that there is an active cyber crime campaign targeting them with Trojans and backdoor attacks.
By analyzing ICS-CERT advisories and the vulnerabilities provided by our network of world-wide researchers working with the Zero Day Initiative program, it is possible to get an understanding of the attack surface that is exposed by HMI solutions.
To compete in today’s market driven global economy, businesses opt for control systems that automatically manage processes. ICS enables efficiency, but are connected, heightening threat exposure and corresponding business risks.
As smart devices become more prevalent and are used in critical situations, software developers will have to understand that they now have a greater responsibility to keep their software products safe.