Home / Reports

Reports

Threat landscape for industrial automation systems, H1 2019

30 September 2019

This report includes some of the findings we arrived at while analyzing statistics on the threats blocked in H1 2019, which, we believe, could be important for a wide range of our readers. The report includes descriptions of dangerous threats, as well as some suggestions, which we believe to be valid, on vectors possibly used by malware to penetrate ICS computers.
Threat landscape for smart buildings. Q1 2019 in brief

19 September 2019

We decided to study the live threats to building-based automation systems and to see what malware their owners encountered in the first six months of 2019.
Security research: CODESYS Runtime, a PLC control framework. Part 3

18 September 2019

This article continues the discussion of research on popular OEM technologies that are implemented in the products of a large number of vendors. Vulnerabilities in such technologies are highly likely to affect the security of many, if not all, products that use them. In some cases, this means hundreds of products that are used in industrial environments and in critical infrastructure facilities. This is the case with CODESYS Runtime, a framework by CODESYS designed for developing and executing industrial control system software.
Security research: CODESYS Runtime, a PLC control framework. Part 2

18 September 2019

This article continues the discussion of research on popular OEM technologies that are implemented in the products of a large number of vendors. Vulnerabilities in such technologies are highly likely to affect the security of many, if not all, products that use them. In some cases, this means hundreds of products that are used in industrial environments and in critical infrastructure facilities. This is the case with CODESYS Runtime, a framework by CODESYS designed for developing and executing industrial control system software.
Security research: CODESYS Runtime, a PLC control framework. Part 1

18 September 2019

This article continues the discussion of research on popular OEM technologies that are implemented in the products of a large number of vendors. Vulnerabilities in such technologies are highly likely to affect the security of many, if not all, products that use them. In some cases, this means hundreds of products that are used in industrial environments and in critical infrastructure facilities. This is the case with CODESYS Runtime, a framework by CODESYS designed for developing and executing industrial control system software.
The internet of things security maturity model: a nudge for IoT cybersecurity

14 August 2019

The purpose of the IoT Security Maturity Model (IoT SMM) is to help choose protection measures against cyberthreats that correspond to the company’s actual business needs.
How we hacked our colleague’s smart home, or morning drum & bass

01 July 2019

In this article, we publish the results of our study of the Fibaro Home Center smart home. We identified vulnerabilities in Fibaro Home Center 2 and Fibaro Home Center Lite version 4.540, as well as vulnerabilities in the online API.
Threat landscape for industrial automation systems. H2 2018

27 March 2019

Key Events – H2 2018 APT attacks on industrial targets APT attack by the Leafminer group New GreyEnergy malware The Sharpshooter campaign MuddyWater Cloud Hopper Shamoon v.3 Cybercrime Activity Ransomware attacks Phishing attacks on Russian industrial companies Phishing attacks on enterprises around the world Vulnerabilities identified in 2018 Vulnerabilities in various ICS components Number of...
GreyEnergy’s overlap with Zebrocy

24 January 2019

Kaspersky Lab ICS CERT has identified an overlap between GreyEnergy and a Sofacy subset called “Zebrocy”. The Zebrocy activity was named after malware that Sofacy group began to use since mid-November 2015 for the post-exploitation stage of attacks on its victims. Zebrocy’s targets are widely spread across the Middle East, Europe and Asia and the targets’ profiles are mostly government-related.
Security research: ThingsPro Suite – IIoT gateway and device manager by Moxa

22 January 2019

It is obvious that the security of products that are part of the industrial internet of things (IIoT) ecosystem requires special attention. This time, our research focused on ThingsPro Suite – an IIoT gateway and device manager by Moxa.