One Article Review
| Source |  SecurityWeek |
|---|---|
| Identifiant | 542626 |
| Date de publication | 2018-03-26 13:19:01 (vue: 2018-03-26 13:19:01) |
| Titre | Energy Sector Most Impacted by ICS Flaws, Attacks: Study (Recyclage) |
| Texte | The energy sector was targeted by cyberattacks more than any other industry, and many of the vulnerabilities disclosed last year impacted products used in this sector, according to a report published on Monday by Kaspersky Lab. The security firm has analyzed a total of 322 flaws disclosed in 2017 by ICS-CERT, vendors and its own researchers, including issues related to industrial control systems (ICS) and general-purpose software and protocols used by industrial organizations. Of the total number of security holes, 178 impact control systems used in the energy sector. Critical manufacturing organizations – this includes manufacturers of primary metals, machinery, electrical equipment, and transportation equipment – were affected by 164 of these vulnerabilities. Other industries hit by a significant number of vulnerabilities are water and wastewater (97), transportation (74), commercial facilities (65), and food and agriculture (61). Many of the vulnerabilities disclosed last year impacted SCADA or HMI components (88), industrial networking devices (66), PLCs (52), and engineering software (52). However, vulnerabilities in general purpose software and protocols have also had an impact on industrial organizations, including the WPA flaws known as KRACK and bugs affecting Intel technology. Learn More at SecurityWeek's ICS Cyber Security Conference As for the types of vulnerabilities, nearly a quarter are web-related and 21 percent are authentication issues. A majority of the flaws have been assigned severity ratings of medium or high, but 60 weaknesses are considered critical based on their CVSS score. Kaspersky pointed out that all vulnerabilities with a CVSS score of 10 are related to authentication and they are all easy to exploit remotely. Kaspersky said 265 of the vulnerabilities can be exploited remotely without authentication and without any special knowledge or skills. It also noted that exploits are publicly available for 17 of the security holes. The company has also shared data on malware infections and other security incidents. In the second half of 2017, Kaspersky security products installed on industrial automation systems detected nearly 18,000 malware variants from roughly 2,400 families. Malware attacks were blocked on almost 38 percent of ICS computers protected by the company, which was slightly less than in the second half of the previous year. Again, the energy sector was the most impacted. According to the security firm, roughly 40 percent of the devices housed by energy organizations were targeted. |
| Notes | ★★★★★ |
| Envoyé | Oui |
| Condensat | 2018 3github alerts approves april attacks: bay bounty bug chrome ciso code conference cyber devices energy fewer flaws forum half ics ietf impacted industry launches lead librariesmore links meltdown moon most news oct patchesnetflix program public receive register scada sector security singapore spectre sponsored study tags: tls usa vulnerabilities vulnerable |
| Tags | Guideline |
| Stories | Wannacry |
| Move | 
|
Les reprises de l'article (1):
| Source | SecurityWeek |
|---|---|
| Identifiant | 528234 |
| Date de publication | 2018-03-19 10:34:04 (vue: 2018-03-19 10:34:04) |
| Titre | US Accuses Russian Government of Hacking Infrastructure (Recyclage) |
| Texte | The Russian government is behind a sustained hacking effort to take over the control systems of critical US infrastructure like nuclear power plants and water distribution, according to US cyber security investigators. A technical report released by the Department of Homeland Security on Thursday singled out Moscow as directing the ongoing effort that could give the hackers the ability to sabotage or shut down energy and other utility plants around the country. It was the first time Washington named the Russian government as behind the attacks which have been taking place for nearly three years. The allegation added to a series of accusations of political meddling and hacking against Russia that led to Washington announcing fresh sanctions against the country this week. "Since at least March 2016, Russian government cyber actors ... targeted government entities and multiple US critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors," the report from the DHS Computer Emergency Readiness Team said. DHS, together with the Federal Bureau of Investigation, said the Russian hackers targeted two groups -- the infrastructure operators themselves, and also peripheral "staging targets" which could be used as stepping stone into the intended targets. Staging targets included third party firms supplying services and support to the main targets but may have less secure networks. The hackers had a deep toolbox of methods to enter target systems, they said. The hacking effort paralleled Russia's alleged operation to interfere with the 2016 US presidential election and continue with online media manipulation throughout 2017. DHS did not identify specific targets which the Russians broke into. But it said they were able to monitor the behavior of control systems, install their own software, collect the credentials of authorized users, monitor communications, and create administrator accounts to run the systems. - Sustained attack - The government has been issuing warnings to operators of US infrastructure -- power producers and distributors, water systems, and others -- about foreign hacking since 2016. In January a White House report said cyberattacks cost the United States between $57 billion and $109 billion in 2016, and warned that the broader economy could be hurt if the situation worsens. It pointed the finger mainly at attackers from Russia, China, Iran, and North Korea. |
| Notes | |
| Envoyé | Oui |
| Condensat | 2018 accuses bay ciso conference cyber forum government hacking half ics industry infrastructure links moon news oct register russian scada security sponsored tags: usa |
| Tags | |
| Stories | |
| Move |
|
L'article ne semble pas avoir été repris sur un précédent.