The Relevance of WPA2 Vulnerabilities and KRACK Attacks to Industrial Systems
Critical vulnerabilities that have recently been identified in the WPA2 protocol enable threat actors to carry out Man-in-the-Middle (MitM) attacks and force devices connected to the network to reinstall encryption keys that protect traffic. These vulnerabilities can be used, among other things, to implement attacks on industrial automation systems.
Threat Landscape for Industrial Automation Systems in H1 2017
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017.
WannaCry on industrial networks: error correction
During the period from 12 to 15 May 2017, numerous companies across the globe were attacked by a network cryptoworm called WannaCry. The worm’s victims include various manufacturing companies, oil refineries, city infrastructure objects and electrical distribution network facilities.
Vulnerable System Update Statistics. General Electric
This article is devoted to vulnerabilities in General Electric products. The article looks only at known vulnerabilities, a list of which was prepared based using the MITRE CVE database. All the vulnerabilities in question were uncovered in 2012 – 2016.
Nigerian phishing: industrial companies under attack
In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors.
Threat Landscape for Industrial Automation Systems in the second half of 2016
The Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) is starting a series of regular publications about our research devoted to the threat landscape for industrial organizations.
Vulnerability in Industrial Control software and quality of the patch management
Kaspersky Lab ICS-CERT is launching a series of articles devoted to vulnerability analysis across the world. The articles aim to highlight patch management problems in the ICS world. Each article will focus on one popular ICS vendor and known vulnerabilities according to the MITRE Common Vulnerabilities and Exposures (CVE) database.
Critical infrastructure protection – governance around the world
This research is intended to find out which approaches to cybersecurity governance on the national level are currently in place around the world (especially in the sphere of protecting critical infrastructure against cyberattacks), and estimate the current maturity of cybersecurity governance in different countries.