Practical example of fuzzing OPC UA applications
We continue to describe our approaches to searching for vulnerabilities in industrial systems based on the OPC UA protocol. In this article, we examine new techniques that can be used to search for memory corruption vulnerabilities if the source code is available. We also discuss an example of fuzzing using libfuzzer.
What it feels like for a turbine
The goal of the article is to raise awareness on security of Distributed Control Systems (DCS), propose a methodology for assessment, and a remediation strategy. Defenders are always behind attackers, and this publication is trying to balance things out.
MontysThree: Industrial espionage with steganography and a Russian accent on both sides
In Summer 2020 we uncovered a previously unknown multi-module C++ toolset used in highly targeted industrial espionage attacks dating back to 2018.
Threat landscape for industrial automation systems. H1 2020
Contents H1 2020 Report at a glance Key events of H1 2020 Attack on steel maker BlueScope APT attacks on industrial companies WildPressure targeted campaign Malicious campaigns against government and industrial organizations of Azerbaijan Targeted attacks on Israeli water supply and wastewater treatment facilities Ransomware attacks on industrial companies Ransomware attack paralyzes production at Picanol...
The State of Industrial Cybersecurity 2020
In 2020 ARC Advisory Group on behalf of Kaspersky conducted a survey on the state of industrial cybersecurity, as well as the current priorities and challenges of industrial organizations. More than 330 industrial companies and organizations across the globe were surveyed online and 10 industry representatives were interviewed at trade fairs and ARC forums worldwide....
Cyberthreats for ICS in Energy in Europe. Q1 2020
Object of research Computers in European countries which are used to configure, maintain and control equipment in the energy industry on which Kaspersky products are installed. This includes Windows computers on which various software packages for the energy industry are installed, including but not limited to human-machine interface (HMI), OPC gateway, engineering, control and data...
Steganography in attacks on industrial enterprises (updated)
Kaspersky ICS CERT experts have identified a series of attacks on organizations located in different countries.
Overview of recommendations on organizing secure remote work for critical infrastructure and other facilities
Due to the СOVID-19 pandemic, many organizations have had to switch to remote work. The sheer scale of the change has given rise to numerous discussions on the security of working remotely among information security experts, including those who focus on industrial cybersecurity. Do issues related to the security of remote work affect critical infrastructure...
Threat landscape for industrial automation systems. APT attacks on industrial companies in 2019
In February 2019, researchers from the 360 Threat Intelligence Center reported continuing targeted attacks on Colombian government institutions and large companies in the financial sector, petroleum industry, manufacturing and other sectors.
Threat landscape for industrial automation systems. Ransomware and other malware: key events of H2 2019
This section presents an overview of threats related to ransomware activity against municipal institutions, industrial enterprises and critical infrastructure facilities.