Cyberisques News - SCADA et milieu maritime: une cybersécurité stratégique. Cyber threats against industry - Are asset owners prepared? By Toby Colquhoun Cyber attacks targeting retailers may garner more media attention, but threats to industrial control systems are a growing concern.
The US Department of Homeland Security responded to 257 such incidents in 2013—up from 198 in 2012 and 130 in 2011—over half of them attacks on energy infrastructure. While the vulnerability of business-critical operations is widely known, the investment needed to secure them has not been made. An IHS survey of 12 major assetowning industries, including energy, automotive, and chemical, shows high awareness of the threats faced at the operations level but a resistance to investing in cybersecurity measures because of their cost (see figure). Global revenues of hardware, software, and services to secure automation/production networks across the surveyed industries are estimated at $600 million for 2013. Breaking the Code on Russian Malware. Twitter245 Facebook88 LinkedIn363 Google Plus9 Russia poses a serious cyber threat to industrial control systems (ICS), pharmaceutical, defense, aviation, and petroleum companies.
Russian government cyber operations aim to use malware to steal information on files, persist on ICS equipment, and commit espionage. According to a 2014 GData Red Paper, Uroburos malware’s “modular structure allows extending it with new features easily, which makes it not only highly sophisticated but also highly flexible and dangerous.” Understanding these threats posed by the malware and Russia’s objectives will go a long way to securing networks. There is nothing quick about studying Russian cyber operations. Attackers planting banking Trojans in industrial systems. Trend Micro researcher Kyle Wilhoit says the latest attacks on SCADA and industrial control networks are turning out to carry rather pedestrian banking Trojans, and have been on the rise since October 2014.
Talking to DarkReading, Wilhoit said rather than Stuxnet-style attacks, ne'er-do-wells are dropping banking Trojans into these networks disguised as updates to SCADA software. So far, the DarkReading piece says, he's seen the attack software disguised as Siemens' Simatic WinCC, GE Cimplicity, and Advantech device drivers. Rising numbers of attacks on SCADA environments in recent years have put sysadmins on edge.
Foreign hackers target UK Power Grid every minute. UK Power Grid is targeted by hackers every minute according to James Arbuthnot, a member of parliament who chaired the Defense Select Committee until last year.
As reported by Bloomberg, Arbuthnot plans to visit National Grid Plc (NG/) next month to discuss the issue. Arbuthnot confirmed the incessant attacks on national critical infrastructure and he doesn’t exclude a major incident despite the enormous effort spent at the National Grid. “Our National Grid is coming under cyber-attack not just day-by-day but minute-by-minute,” Arbuthnot, whose committee scrutinized the country’s security policy, told a conference in London last year.
Commentaires :