Hackers Can Exploit Siemens Control System Flaws in Attacks on Power Plants
According to Siemens, the SPPA-T3000 Application Server is affected by 19 vulnerabilities and the SPAA-T3000 MS3000 Migration Server is impacted by 35 security holes, including weaknesses rated critical that can be exploited for denial-of-service (DoS) attacks or arbitrary code execution on the server.
https://www.securityweek.com/hackers-can-exploit-siemens-control-system-flaws-attacks-power-plants
Critical Remote Code-Execution Bugs Threaten Global Power Plants
Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants are riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution.
Critical Remote Code-Execution Bugs Threaten Global Power Plants
New Orleans mayor declares state of emergency in wake of city cyberattack
By 11 a.m., technician investigators detected “a cybersecurity incident” and the city’s information technology department began powering down servers and city computers as a precaution, the New Orleans Office of Homeland Security and Emergency Preparedness said in a series of tweets.
https://www.cnn.com/2019/12/13/us/new-orleans-cyberattack-state-of-emergency/index.html
FDA Approves An Interoperable, Automated Insulin Pump
Dubbed the t:slim X2, this is an insulin pump that has been approved by the FDA where it can now work together with glucose monitoring devices like the Dexcom G6 glucose monitor. What this means is that as the monitor checks on the user’s glucose levels and based on that, it can dynamically adjust the required insulin levels to keep users in the safe glucose range.
https://www.ubergizmo.com/2019/12/fda-approves-automated-insulin-pump/
Bill to Protect U.S. Energy Grid From Cyberattacks Passes With NDAA
The annual military bill includes the Securing Energy Infrastructure Act, which establishes a two-year pilot program within Energy Department national laboratories with the goal of identifying vulnerabilities and isolating critical grid systems.
https://www.securityweek.com/bill-protect-us-energy-grid-cyberattacks-passes-ndaa
Schneider Electric Patches Vulnerabilities in Modicon, EcoStruxure Products
The vendor says all three flaws are caused by “improper check for unusual or exceptional conditions.” Two of the vulnerabilities have been rated high severity, and one medium severity due to Schneider determining that the attack complexity is higher compared to the other two.Modicon controller vulnerabilities
https://www.securityweek.com/schneider-electric-patches-vulnerabilities-modicon-ecostruxure-products
Large Hospital System Hit by Ransomware Attack
The system said it was advised by experts not to disclose until Friday that it had been the victim of a ransomware attack. It said that its network’s primary clinical systems had returned to being operational, and that information technology specialists were working to bring all of its applications back online.
https://www.securityweek.com/large-hospital-system-hit-ransomware-attack
Internet of crap (encryption): IoT gear is generating easy-to-crack keys
This was the conclusion reached by the team at security house Keyfactor, which analyzed a collection of 75 million RSA certificates gathered from the open internet and determined that number combinations were being repeated at a far greater rate than they should, meaning encrypted connections could possibly be broken by attackers who correctly guess a key.
https://www.theregister.co.uk/2019/12/16/internet_of_crap_encryption/
Several Critical Vulnerabilities Found in WAGO Controllers
Several critical vulnerabilities found by Cisco Talos researchers in programmable logic controllers (PLCs) made by WAGO can be exploited remotely for arbitrary code execution and denial-of-service (DoS) attacks.
https://www.securityweek.com/several-critical-vulnerabilities-found-wago-controllers
Medigate and Cerner provide medical device security across healthcare orgs
For clients that choose to implement Medigate’s medical device security and asset management, Cerner’s team of cybersecurity experts will be equipped to help accurately inventory IoT and IoMT environments and support creation of effective clinical-based policies that help protect all connected devices and reduce the risk of cyberattacks.
Medigate and Cerner provide medical device security across healthcare orgs
ICS security challenges and how to overcome them
Security cannot be an afterthought in internet-connected industrial control systems. IEEE member Kayne McGladrey offers best practices to stay safe in a connected world.
https://searchsecurity.techtarget.com/feature/ICS-security-challenges-and-how-to-overcome-them
Connected medical devices experts highlight IoT remote monitoring
Medical technology manufacturers were one of the early adopters of IIoT, but that doesn’t mean manufacturers know how to get started with IoT remote monitoring.
https://internetofthingsagenda.techtarget.com/feature/Connected-medical-devices-experts-highlight-IoT-remote-monitoring
Oddly specific ‘cyber attack’ hits Alaskan airline RavnAir and one plane type
RavnAir Group declared on 21 December that it had “experienced a malicious cyber attack on our company’s IT network” the day before, causing it to cancel all of its flights operated with Dash 8s on its RavnAir Alaska airline.
https://www.theregister.co.uk/2020/01/02/ravnair_ransomware_dhc_dash_8/
Las Vegas Suffers Cyberattack on First Day of CES
On the opening day of the huge Consumer Electronics Show (CES), officials in Las Vegas were busy assessing the damage from a cyberattack that hit the city. Officials there reportedly said preliminary analysis indicated that no sensitive data was compromised in the attack, which began around 4:30 a.m. local time Tuesday, Jan. 7.
https://www.darkreading.com/attacks-breaches/las-vegas-suffers-cyberattack-on-first-day-of-ces-/d/d-id/1336753
Car Hacking Hits the Streets
The top-three carmakers sell only connected vehicles in the United States – and other manufacturers are catching up – creating a massive opportunity for attacks, which black-hat hackers are not overlooking.
https://www.darkreading.com/edge/theedge/car-hacking-hits-the-streets/b/d-id/1336730
Threat Posed by Iran to Industrial Systems After Killing of Top General
Cybersecurity experts believe Iran will likely also respond with cyberattacks to the recent U.S. airstrike that killed senior Iranian military commander Qassem Soleimani, and while many doubt that Iran has the capability to cause significant damage if these attacks are aimed at critical infrastructure or industrial control systems (ICS), organizations have still been advised to prepare for the possibility of being targeted.
https://www.securityweek.com/threat-posed-iran-industrial-systems-after-killing-top-general
MITRE Releases ATT&CK Knowledge Base for Industrial Control Systems
MITRE on Tuesday announced the initial release of a version of its ATT&CK knowledge base that covers the tactics and techniques used by malicious actors when targeting industrial control systems (ICS).
https://www.securityweek.com/mitre-releases-attck-knowledge-base-industrial-control-systems
ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries
MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation’s most critical infrastructures including energy transmission and distribution plants, oil refineries, wastewater treatment facilities, transportation systems, and more.
ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries
Smart cities are on the rise, what are the dangers?
A combination of job prospects, local amenities and other attractions is drawing more people to city living than ever before. Indeed, the UN estimates that by 2050 two-thirds of the global population will be living in cities, up from just over half currently. However, at the same time central government investment for urban areas continues to shrink, with UK cities being on “life support” due to lack of funding from Westminster for instance.
Connected Cars Moving Targets for Hackers
Israeli cybersecurity firm GuardKnox demonstrated the threat in a Formula 1 driving simulation at the Consumer Electronics show this week in Las Vegas.
https://www.securityweek.com/connected-cars-moving-targets-hackers
More Threat Groups Target Electric Utilities in North America
As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases
https://www.securityweek.com/more-threat-groups-target-electric-utilities-north-america
Here’s What We Know About the Password Spraying Attacks Conducted by Iranian Hackers
Yesterday, Dragos Inc., a cybersecurity outfit that focuses on the protection of industrial control systems (ICS), published a report which details the activities of eleven Iran-linked hacking groups, and, more specifically, their attacks against the US’ electrical grid.
https://www.cyclonis.com/what-we-know-about-password-spraying-attacks-iranian-hackers/
Oil-and-Gas APT Pivots to U.S. Power Plants
That’s according to a report from Dragos, released Thursday, which noted that the discovery is part of a broader trend in which cybercriminals focused on critical infrastructure are branching out from a single-vertical operation to multiple industrial sectors. While that reality doesn’t necessarily threaten a physically disruptive attack, it also certainly doesn’t rule it out, the firm said.
Consumer Reports Calls for IoT Manufacturers to Raise Security Standards
Consumer Reports has issued a letter to 25 connected camera manufacturers, urging them to adopt stronger security and privacy measures for cameras, doorbells, and security systems.
https://www.darkreading.com/endpoint/consumer-reports-calls-for-iot-manufacturers-to-raise-security-standards/d/d-id/1336798
‘Fancy Bear’ Targets Ukrainian Oil Firm Burisma in Phishing Attack
Burisma Holdings, a Ukrainian oil & gas company, has been hit with a phishing campaign that began in early November 2019 and is ongoing, according to Area 1 Security, which spotted the campaign it says came out of the Main Intelligence Directorate of the General Staff of the Russian Army (GRU).
https://www.darkreading.com/attacks-breaches/phishing-attack-in-progress-against-ukrainian-oil-firm-burisma/d/d-id/1336802
Industrial Control System Features at Risk
A new analysis of industrial control systems (ICS) running in the networks of oil and gas, power generation, refining and chemicals, pulp and paper, and mining industries sheds light on how some legitimate and deeply rooted product features and functions can actually threaten their security.
https://www.darkreading.com/risk/industrial-control-system-features-at-risk/d/d-id/1336796
Design Weaknesses Expose Industrial Systems to Damaging Attacks
An analysis of industrial control systems (ICS) has shown that many products contain features and functions that have been designed with no security in mind, allowing malicious hackers to abuse them and potentially cause serious damage.
https://www.securityweek.com/hackers-can-cause-damage-industrial-systems-abusing-design-weaknesses
Iran-Linked RAT Used in Recent Attacks on European Energy Sector
Attacks recently identified to target a key organization in the European energy sector have employed a remote access Trojan (RAT) previously associated with Iran-linked threat actors, Recorded Future reports.
https://www.securityweek.com/iran-linked-rat-used-recent-attacks-european-energy-sector
FDA warns hospitals about security flaws in some GE medical equipment
Some GE medical equipment have vulnerabilities that make them easy to tamper with, according to the FDA. The agency has warned hospitals and healthcare providers that a third-party cybersecurity firm has identified flaws in certain GE Healthcare Clinical Information Central Stations and Telemetry Server models
https://www.engadget.com/2020/01/23/fda-security-flaw-ge-medical-equipment/
MDhex vulnerabilities impact GE patient vital signs monitoring devices
The vulnerabilities impact seven GE Healthcare devices meant for patient vital signs monitoring. These are devices installed near patient beds, meant to collect data from sick patients, and send it back to a telemetry server, monitored by clinical staff.
https://www.zdnet.com/article/mdhex-vulnerabilities-impact-ge-patient-vital-signs-monitoring-devices/