SCADA Archives - Industrial Control Systems (ICS) Cybersecurity Conference

Side-Channel Attacks Put Critical Infrastructure at Risk

Industry News — Mon, 05 Nov 2018 13:52:26 +0000

ICS Devices Vulnerable to Side-Channel Attacks: Researcher Shows (Eduard Kovacs – SecurityWeek) Side-channel attacks can pose a serious threat to industrial control systems (ICS), a researcher warned last month at SecurityWeek’s ICS Cyber Security Conference in Atlanta, GA. Demos Andreou, a lead engineer at power management company Eaton, has conducted an analysis of protection devices typically used in the energy sector, specifically in power distribution stations. Side-channel attacks can be used to extract data from a system based on information […]

The post Side-Channel Attacks Put Critical Infrastructure at Risk appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Rockwell Patches Vulnerability Impacting Safety Controllers From Several Vendors

Industry News — Mon, 25 Jun 2018 12:27:35 +0000

(Eduard Kovacs – SecurityWeek) – In April, at SecurityWeek’s ICS Cyber Security Conference in Singapore, industrial cybersecurity firm Applied Risk disclosed the details of a serious denial-of-service (DoS) vulnerability affecting safety controllers from several major vendors. Rockwell Automation is one of those vendors and the company has now released patches for its products. In an advisory published last week, Rockwell Automation informed customers that the flaw impacts Allen-Bradley CompactLogix 5370 and Compact GuardLogix 5370 programmable automation controllers, which are used to control […]

The post Rockwell Patches Vulnerability Impacting Safety Controllers From Several Vendors appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Critical Vulnerabilities Found in Siemens Building Automation, Telecontrol Products

Industry News — Wed, 28 Mar 2018 15:14:00 +0000

(Eduard Kovacs / SecurityWeek) – Industrial giant Siemens this week warned that critical vulnerabilities have been found in some of its telecontrol and building automation products, and revealed that some SIMATIC systems are affected by a high severity flaw. One advisory published by the company describes several critical and high severity flaws affecting Siveillance and Desigo building automation products. The security holes exist due to the use of a vulnerable version of a Gemalto license management system (LMS). The bugs […]

The post Critical Vulnerabilities Found in Siemens Building Automation, Telecontrol Products appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Bechtel Opens Industrial Cyber Security Lab

Industry News — Wed, 08 Mar 2017 01:20:56 +0000

Global engineering and construction giant Bechtel has opened a new cyber security lab aimed at protecting industrial equipment and software that control facilities such as power plants, chemical plants, and other large-scale critical infrastructure operations. With the goal of protecting industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems from cyber threats, Bechtel says the lab will leverage its experience designing and implementing National Institute of Standards and Technology Risk Management Framework (NIST-RMF) solutions for its […]

The post Bechtel Opens Industrial Cyber Security Lab appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Rockwell Automation Partners With Claroty on Industrial Network Security

Industry News — Wed, 08 Feb 2017 21:22:10 +0000

Rockwell Automation is teaming up with industrial cybersecurity startup Claroty to combine their security products and services into future, combined security offerings. Rockwell, an industrial automation giant with more than 22,000 employees, said that after a competitive review process it selected Claroty for its anomaly-detection software purpose built for industrial network security. Armed with $32 million in funding through Series A and a Series B rounds, Claroty exited stealth mode in September 2016 to announce a security platform designed to […]

The post Rockwell Automation Partners With Claroty on Industrial Network Security appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Exploring Risks of IT Network Breaches to Industrial Control Systems (ICS)

Industry News — Tue, 17 Jan 2017 20:42:59 +0000

(SecurityWeek / Eduard Kovacs) – There have been several incidents recently where a critical infrastructure organization’s IT systems were breached or became infected with malware. SecurityWeek has reached out to several ICS security experts to find out if these types of attacks are an indicator of a weak security posture, which could lead to control systems also getting hacked. Security incidents involving critical infrastructure organizations There are only a few publicly known examples of cyberattacks targeting an organization’s industrial control systems […]

The post Exploring Risks of IT Network Breaches to Industrial Control Systems (ICS) appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Kaspersky Launches Industrial Control Systems CERT

Industry News — Wed, 02 Nov 2016 13:28:30 +0000

Kaspersky Lab has launched a new global computer emergency response team (CERT) focusing on industrial control systems (ICS). Through the Kaspersky Lab ICS-CERT, the security firm wants to share its knowledge and experience in securing industrial systems and coordinate the exchange of information between stakeholders. Officially launched last month, the new initiative aims to provide information on the latest threats, vulnerabilities, security incidents, mitigation strategies, incident response, compliance and investigations. Since it’s a non-commercial project, the Kaspersky Lab ICS-CERT will offer […]

The post Kaspersky Launches Industrial Control Systems CERT appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.

Siemens Fixes Vulnerabilities in SIMATIC, License Manager Products

Industry News — Mon, 17 Oct 2016 12:57:47 +0000

(SecurityWeek) – Siemens has released software updates to address several vulnerabilities in its SIMATIC and Automation License Manager (ALM) products. According to advisories published last week by both ICS-CERT and Siemens, the ALM, which allows customers to centrally manage licenses for their Siemens products, is affected by three vulnerabilities. The security holes, including one rated high severity and one rated critical, were reported to the vendor by researchers from Kaspersky Lab’s critical infrastructure team. The critical vulnerability, tracked as CVE-2016-8565, […]

The post Siemens Fixes Vulnerabilities in SIMATIC, License Manager Products appeared first on Industrial Control Systems (ICS) Cybersecurity Conference.