Practical example of fuzzing OPC UA applications

19 October 2020

We continue to describe our approaches to searching for vulnerabilities in industrial systems based on the OPC UA protocol. In this article, we examine new techniques that can be used to search for memory corruption vulnerabilities if the source code is available. We also discuss an example of fuzzing using libfuzzer.
What it feels like for a turbine

13 October 2020

The goal of the article is to raise awareness on security of Distributed Control Systems (DCS), propose a methodology for assessment, and a remediation strategy. Defenders are always behind attackers, and this publication is trying to balance things out.
MontysThree: Industrial espionage with steganography and a Russian accent on both sides

08 October 2020

In Summer 2020 we uncovered a previously unknown multi-module C++ toolset used in highly targeted industrial espionage attacks dating back to 2018.
Threat landscape for industrial automation systems. H1 2020

24 September 2020

Contents H1 2020 Report at a glance Key events of H1 2020 Attack on steel maker BlueScope APT attacks on industrial companies WildPressure targeted campaign Malicious campaigns against government and industrial organizations of Azerbaijan Targeted attacks on Israeli water supply and wastewater treatment facilities Ransomware attacks on industrial companies Ransomware attack paralyzes production at Picanol...
The State of Industrial Cybersecurity 2020

15 September 2020

In 2020 ARC Advisory Group on behalf of Kaspersky conducted a survey on the state of industrial cybersecurity, as well as the current priorities and challenges of industrial organizations. More than 330 industrial companies and organizations across the globe were surveyed online and 10 industry representatives were interviewed at trade fairs and ARC forums worldwide....
Cyberthreats for ICS in Energy in Europe. Q1 2020

31 August 2020

Object of research Computers in European countries which are used to configure, maintain and control equipment in the energy industry on which Kaspersky products are installed. This includes Windows computers on which various software packages for the energy industry are installed, including but not limited to human-machine interface (HMI), OPC gateway, engineering, control and data...
Steganography in attacks on industrial enterprises (updated)

17 June 2020

Kaspersky ICS CERT experts have identified a series of attacks on organizations located in different countries.
Overview of recommendations on organizing secure remote work for critical infrastructure and other facilities

30 April 2020

Due to the СOVID-19 pandemic, many organizations have had to switch to remote work. The sheer scale of the change has given rise to numerous discussions on the security of working remotely among information security experts, including those who focus on industrial cybersecurity. Do issues related to the security of remote work affect critical infrastructure...
Threat landscape for industrial automation systems. APT attacks on industrial companies in 2019

24 April 2020

In February 2019, researchers from the 360 Threat Intelligence Center reported continuing targeted attacks on Colombian government institutions and large companies in the financial sector, petroleum industry, manufacturing and other sectors.
Threat landscape for industrial automation systems. Ransomware and other malware: key events of H2 2019

24 April 2020

This section presents an overview of threats related to ransomware activity against municipal institutions, industrial enterprises and critical infrastructure facilities.