Displaying items by tag: industrial control systems

Quarter two 2023 proved to be an exceptionally active period for ransomware groups, posing significant threats to industrial organisations and infrastructure, according to industrial cyber security firm Dragos’ latest ransomware attack analysis.  

Updates to core functionality make it easier than ever for IT security teams to gain visibility, security and compliance for their OT environments

COMPANY NEWS: Tenable, the Exposure Management company, today announced new capabilities within Tenable OT Security, providing broader protection for operational technology (OT), critical infrastructure and industrial control systems, regardless of size of deployment or configuration of environment. The new functionality keeps the CISO’s organization front and center — making it even easier to secure and maintain governance of the entire attack surface, using the same tools and processes across their infrastructure, be it OT, IT, IoT, cloud or other platforms.

GUEST RESEARCH: Nozomi Networks, the leader in operational technology (OT) and IoT security, today announced the SANS 2022 OT/ICS Cybersecurity Report finds industrial control systems (ICS) cybersecurity threats remain high as adversaries set their sights on control system components. In response, organisations have significantly matured their security postures since last year. In spite of the progress, more than a third (35%) don't know whether their organisations had been compromised and attacks on engineering workstations doubled in the last 12 months.

Malware that can gain full system access to multiple industrial control systems and supervisory control and data acquisition devices has been spotted by a number of US Government agencies, with the claims being backed up by a security firm that specialises in ICS security.

The chief executive of an American company that specialises in the security of industrial control systems is not exactly enthusiastic about governments forcing companies to report incidents that affect such systems, given that sharing of information from the government side is limited.

Steps to mitigate attacks against industrial control systems, outlined by three US Government entities — the Cybersecurity and Infrastructure Security Agency, the FBI and the Department of Energy — have come in for some sharp criticism from Robert M. Lee, the chief executive of Dragos, a company that specialises in security for such systems.

The CIA has invested US$1.6 million (A$2.2 million) in the company behind the secure messaging app Wickr, through its investment arm In-Q-Tel, the American website Motherboard reports, citing public disclosure records as a source.

Industrial control systems security specialist Dragos has gained a well-known investor as it expands its presence in Australia and New Zealand, with former prime minister Malcolm Turnbull having ploughed some of his hard-earned into the firm.

Integration Provides Full-spectrum IT/OT Visibility and Threat Detection Coverage

COMPANY NEWS: Claroty, the global leader in operational technology (OT) security, today announced it is partnering with CrowdStrike, a leader in cloud-delivered endpoint and workload protection, on an integration between The Claroty Platform and the CrowdStrike Falcon platform. This integration delivers comprehensive visibility into industrial control system (ICS) networks and endpoints, with a one-stop-shop for information technology (IT) and OT asset information directly within The Claroty Platform. It also delivers enhanced detection of ICS threats across the IT/OT boundary without the need for added connectivity, signature reconfiguration, or manual updates. The result is more effective and efficient IT/OT security governance and strengthened security posture spanning all connected sites.

An European body representing 42 electric transmission system operators in 35 countries recently experienced a compromise of its office network, the security firm Dragos says, adding it was an IT network that was infiltrated.

A Windows ransomware attack on a gas pipeline in the US, briefly detailed by the US Cyber Security and Infrastructure Agency recently, is probably the same as that reported by the US Coast Guard in 2019, the security firm Dragos claims.

Security control solutions provider Forescout Technologies has joined a newly established alliance designed to provide a technical and organisational framework for safe and secure operational technology (OT).

Industrial security intelligence provider Dragos has issued a warning about a threat group it has baptised Xenotime, which it says has expanded its field of operations from the oil and gas industry to now also target electricity utilities in the US.

Security company FireEye says it has been responding to a second attack by the group behind the Triton malware which was used to attack the Saudi Arabian oil company Saudi Aramco last year.

US security firm FireEye claims that malware named Triton that was used to attack industrial control systems last year is connected to a Russian Government-owned research institute.

Attacking industrial control system computers is an attack on the computers that control the world around you, be it at a utility, factory, air-con systems and more, and these attacks are rising.

The use of remote administration tools to monitor, control and maintain industrial control systems is adding to their attack surface, while simultaneously increasing the ability of attackers to mask malicious activity and increase the difficulty of attribution, a study claims.

Forcepoint says its new Critical Infrastructure business unit will "address the challenge of balancing insider threat detection and data security with availability for industrial control systems and industrial IoT connected devices".