Securing ICS Environments

Threat actors have much to gain when attacking Industrial Control Systems (ICS). But how exactly are ICS attacked and what can be done to protect them?
At least three hacking groups have been identified aiming to interfere with or disrupt power grids across the United States. Attempts in attacking the utilities industry are on the rise, according to a report on the state of industrial control systems (ICSs).
With a little SDR knowledge and a $20 USB dongle, attackers can read unencrypted pager messages from far away. This time, we look at what that means for nuclear plants, HVAC, manufacturers and other industries still using pagers.
This research paper looks at the mining industry as a target for a broad set of threat actors, its role in regional and global supply chains, and its vulnerabilities.
In the US and other locations worldwide, gas stations are primarily privately owned. While most of them have been modernized, there are still a lot of risks tied to their business, especially those that are connected to the Internet.
TRITON or TRISIS (detected by Trend Micro as TROJ_TRISIS.A) is a recently discovered malware that was designed to manipulate industrial safety systems and most notably was involved in shutting down an industrial plant’s operations.
This research provides a comprehensive look into the security challenges and attacks on critical infrastructure that member states of the Organization of American States had to face in 2014.
A cyber attack on a German steel plant has been confirmed to suffer a significant amount of damage, putting the spotlight on the evident lack of security across a number of different critical facilities and institutions.
By analyzing ICS-CERT advisories and the vulnerabilities provided by our network of world-wide researchers working with the Zero Day Initiative program, it is possible to get an understanding of the attack surface that is exposed by HMI solutions.
To compete in today’s market driven global economy, businesses opt for control systems that automatically manage processes. ICS enables efficiency, but are connected, heightening threat exposure and corresponding business risks.
As smart devices become more prevalent and are used in critical situations, software developers will have to understand that they now have a greater responsibility to keep their software products safe.