Uncategorized Archives - Industrial Control Systems (ICS) Cybersecurity Conference

NSA, CISA Explain How Adversaries Plan and Execute ICS/OT Attacks

Eduard Kovacs — Sat, 24 Sep 2022 18:09:31 +0000

A joint advisory describes five typical steps involved in planning and executing an attack on Industrial control systems (ICS) and other operational technology (OT) systems

The post NSA, CISA Explain How Adversaries Plan and Execute ICS/OT Attacks appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities

Eduard Kovacs — Thu, 14 Apr 2022 14:17:25 +0000

A modular ICS attack framework and a collection of custom-made tools, can be used by threat actors to target ICS and SCADA devices, including programmable logic controllers (PLCs) from Schneider Electric and Omron, and OPC UA servers.

The post Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

MITRE Releases ATT&CK Knowledge Base for Industrial Control Systems

Industry News — Wed, 08 Jan 2020 16:22:59 +0000

(Eduard Kovacs – SecurityWeek) MITRE on Tuesday announced the initial release of a version of its ATT&CK knowledge base that covers the tactics and techniques used by malicious actors when targeting industrial control systems (ICS). MITRE’s ATT&CK framework has been widely used by cybersecurity professionals to describe and classify attacker behavior and assess an organization’s risks. The new ATT&CK for ICS knowledge base builds upon it in an effort to help critical infrastructure and other organizations whose environments house ICS. In addition […]

The post MITRE Releases ATT&CK Knowledge Base for Industrial Control Systems appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Jennifer Leggio Joins Claroty as Chief Marketing Officer

Industry News — Mon, 06 Jan 2020 18:32:51 +0000

Industrial cybersecurity firm Claroty announced that Jennifer Leggio has taken the role of Chief Marketing Officer (CMO) at the company.

The post Jennifer Leggio Joins Claroty as Chief Marketing Officer appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Leadership, Security, and Support at the Clinton White House (Video)

Industry News — Tue, 30 Jul 2019 23:42:32 +0000

Presented at SecurityWeek’s 2018 ICS Cyber Security Conference How would you handle leadership in this the most stressful Chief Information Officer (CIO) job in the World – being the CIO at The White House? Colonel Gelhardt answers this question, and talks about the leadership and mentorship he used and how you can use the same skills in the civilian world. If he can do it so can you! Speaker: Colonel Mark Gelhardt – Former CIO for President Clinton

The post Leadership, Security, and Support at the Clinton White House (Video) appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Exfiltrating Reconnaissance Data from Air-Gapped ICS/SCADA Networks By Injecting Ladder Logic Code into PLCs

Industry News — Tue, 30 Jul 2019 23:40:21 +0000

Presented first at SecurityWeek’s 2017 ICS Cyber Security Conference, this presentation explains how to inject specially-crafted ladder logic code into a Siemens S7-1200 PLC. The code uses memory copy operations to generate frequency-modulated RF signals slightly below the AM band (340kHz-420kHz), with the modulation representing encoded reconnaissance data. The signal can then be picked up by a nearby antenna and decoded using a low-cost Software-Defined Radio (SDR) and a PC. The receiving equipment can be located just outside the facility […]

The post Exfiltrating Reconnaissance Data from Air-Gapped ICS/SCADA Networks By Injecting Ladder Logic Code into PLCs appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

The Growing Threat of Drones

Industry News — Wed, 24 Jul 2019 11:12:59 +0000

Drones are an increasing threat to industrial sites, enabling various attacks (cyber and physical) that historically were only possible in close proximity to a facility or device.

The post The Growing Threat of Drones appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Cisco to Acquire OT Cybersecurity Firm Sentryo

Industry News — Thu, 06 Jun 2019 14:54:30 +0000

Cisco on Thursday announced that it has agreed to acquire privately-held operational technology (OT) cybersecurity firm Sentryo for an undisclosed sum. Founded in 2014 and headquartered in Lyon, France, Sentryo, provides device visibility and security solutions for industrial control system (ICS) networks and OT assets. “Sentryo’s industrial IoT/OT technology solution helps companies like those in the energy, manufacturing, oil and gas and transportation sectors ensure the resilience of their industrial networks and protect against cybersecurity attacks,” said Rob Salvagno, VP Global Corporate […]

The post Cisco to Acquire OT Cybersecurity Firm Sentryo appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Ransomware Attack Costs Aluminum Giant Norsk Hydro Tens of Millions of Dollars

Industry News — Wed, 05 Jun 2019 14:54:57 +0000

(Eduard Kovacs – SecurityWeek) – Norwegian aluminum giant Norsk Hydro lost $35-41 million in the first quarter of 2019 as a result of the ransomware attack and expects additional losses of $23-29 million in the second quarter. A piece of file-encrypting ransomware named LockerGoga started infecting Norsk Hydro systems on March 18. The attack caused disruptions at several of the company’s plants, forcing workers to rely on manual processes. Hydro has been highly transparent regarding the impact of the incident. […]

The post Ransomware Attack Costs Aluminum Giant Norsk Hydro Tens of Millions of Dollars appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

NIST Working on IIoT Security Guide for Energy Companies

Industry News — Tue, 07 May 2019 18:55:56 +0000

(Eduard Kovacs – SecurityWeek) – The U.S. National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence (NCCoE), this week announced that it’s working on a project whose goal is to help the energy sector secure industrial Internet of Things (IIoT) systems. A draft of the project was published on Monday and the NCCoE is hoping to get some feedback until June 5 that would help it “refine the challenge and scope.” IIoT is represented by sensors, instruments […]

The post NIST Working on IIoT Security Guide for Energy Companies appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.