New code-validation project tries to spot the next industrial supply chain attack

A few years ago, Eric Byres, a veteran cybersecurity executive, was studying the aftermath of a clever attack on the supply chain. A Russian hacking group known as Dragonfly had in 2013 and 2014 breached the websites of three vendors of software that supported industrial control systems (ICS). The attackers slipped malicious software into legitimate updates hosted on those websites. The planted malware did not affect critical operations for companies, but Byres was troubled by the notion that outsiders could pull this off at all. The attackers made it clear to him that many companies he had worked with lacked an effective way of verifying whether they were using legitimate software worthy of their trust. The problem is that just comparing digital hashes isn’t necessarily enough to mark software as trusted. A hash, as Byres put it, is “a binary answer to a non-binary problem.” A hash either passes or fails, but the task of validating critical software can be more complex. Two years after […]

The post New code-validation project tries to spot the next industrial supply chain attack appeared first on CyberScoop.

Iran says Stuxnet is back, claims Israel tried to hack Iranian infrastructure

Is Stuxnet back? Iran’s Telecommunications Minister Mohammad Javad Azari-Jahromi alleges that Israel attempted a cyberattack on Iran’s telecommunications infrastructure through a new version of Stuxnet, so Iran will take the matter to the I…

USB threat to industrial facilities comes into sharp focus with new Honeywell data

With their ability to carry malware into sensitive environments, USB drives have long been a red flag for industrial facilities. A new study puts hard data behind those concerns and shows how the drives can propagate advanced threats like Stuxnet and Trisis. Of the 50 industrial sites on four continents where Honeywell International analyzed USB usage, 44 percent of sites detected and blocked at least one malicious file. These weren’t just run-of-the-mill files: 15 percent of the threats detected and blocked were infamous malware packages like Stuxnet and Trisis (2 percent each), Mirai (6 percent) and WannaCry (1 percent). About a quarter of the threats blocked could cause “a major disruption to an industrial control environment,” according to Honeywell, an industrial automation giant. The overall volume of USB-based malware found by Honeywell researchers was relatively small, but the types of threats detected were more serious than researchers had anticipated. “It’s […]

The post USB threat to industrial facilities comes into sharp focus with new Honeywell data appeared first on CyberScoop.

USB threats from malware to miners

In 2016, researchers from the University of Illinois left 297 unlabelled USB flash drives around the university campus to see what would happen. 98% of the dropped drives were picked up by staff and students, and at least half were plugged into a computer in order to view the content. For a hacker trying to infect a computer network, those are pretty irresistible odds.

Malicious hacking activity increasingly targeting critical infrastructure

In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber, talk about how the traditional focus of most hackers has been on software, but the historical focus of crime is on anything…

In the opaque world of government hacking, private firms grapple with allegiances

Private sector cybersecurity companies are increasingly stuck with difficult decisions when it comes to publicizing research into malware. Over the past few years, nation-states have increasingly devoted time, money and man-hours to creating sophisticated weapons that wreak havoc once they are unleashed on the internet. When private companies find these nation-state tools and break them apart for examination, the dynamic gets complicated very quickly: No longer are they just trying to figure out who is responsible — they have to tiptoe around the ramifications of how a public report could impact relationships with governments around the world. Beyond merely attributing sophisticated malware, large-scale cybersecurity firms are often left with tough questions: Should those based in the United States avoid publicly releasing research on cyber-espionage campaigns if they look to be conducted by allied governments? What does a company owe its clients when handling homegrown digital threats? Do these companies have a plan of action for […]

The post In the opaque world of government hacking, private firms grapple with allegiances appeared first on CyberScoop.

U.S. Is the Nation Most Susceptible to Cyberattacks

No one is safe against hacking. However, users and organizations based in certain countries appear to be more vulnerable to cyberattacks than others, as is the case with the United States. It appears that the U.S. is the nation which…

Nuclear Power Plants Have a ‘Blind Spot’ for Hackers. Here’s How to Fix That.

Malware hunters, regulators, and plant employees are hunting further down the supply chain for vulnerabilities as hackers continue to target critical infrastructure.