Somebody’s watching! When cameras are more than just ‘smart’
The researchers at Kaspersky Lab ICS CERT decided to check the popular smart camera to see how well protected it is against cyber abuses.
IoT hack: how to break a smart home… again
There can never be too many IoT gadgets – that’s what people usually think when buying yet another connected device with advanced functionality. From our perspective, we also think there can’t be too many IoT investigations.
Gas is too expensive? Let’s make it cheap!
A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical security threat.
A silver bullet for the attacker. A study into the security of hardware license tokens
Why we decided to analyze SafeNet Sentinel Vulnerabilities and attack vectors Peculiar functionality Non-transparent security Update software to the current version (7.6) ASAP In the past years, the problem of vulnerabilities in industrial automation systems has been becoming increasingly important. The fact that industrial control systems have been developing in parallel with IT systems,...
MLAD: Machine Learning for Anomaly Detection
Modern industrial control systems (ICS) are cyber-physical systems that include IT infrastructure and operational technologies or OT infrastructure. Attacks on OT pose the greatest danger and are very difficult to detect. The MLAD (Machine Learning for Anomaly Detection) technology is designed to protect OT.
Industrial Enterprise and IoT Security Threats: Forecast for 2018
The Threat Landscape in 2017 The year 2017 was one of the most intensive in terms of incidents affecting the information security of industrial systems. Security experts discovered hundreds of new vulnerabilities, researched new threat vectors targeting ICS and industrial processes, collected and analyzed statistics on accidental infections of industrial systems and detected targeted attacks...
The Relevance of WPA2 Vulnerabilities and KRACK Attacks to Industrial Systems
Critical vulnerabilities that have recently been identified in the WPA2 protocol enable threat actors to carry out Man-in-the-Middle (MitM) attacks and force devices connected to the network to reinstall encryption keys that protect traffic. These vulnerabilities can be used, among other things, to implement attacks on industrial automation systems.
Threat Landscape for Industrial Automation Systems in H1 2017
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017.
WannaCry on industrial networks: error correction
During the period from 12 to 15 May 2017, numerous companies across the globe were attacked by a network cryptoworm called WannaCry. The worm’s victims include various manufacturing companies, oil refineries, city infrastructure objects and electrical distribution network facilities.
Vulnerable System Update Statistics. General Electric
This article is devoted to vulnerabilities in General Electric products. The article looks only at known vulnerabilities, a list of which was prepared based using the MITRE CVE database. All the vulnerabilities in question were uncovered in 2012 – 2016.