On August 13, 2019, the Siemens CERT Team issued an advisory (SSA-100232) concerning Siemens SCALANCE switch devices. This vulnerability was responsibly disclosed to Siemens CERT Team and CISA by Nozomi Networks Labs.
Learn more about our findings and gain a better understanding of the cyber risks of legacy devices.
Building cyber resiliency puts a lot of pressure on an organization’s security team. It requires specialized knowledge that takes time to develop, and there just aren’t enough skilled cyber experts to go around.
Which begs the question: are the limited number of security experts holding the front lines in danger of burnout – and what can we do about it?
Today at Black Hat USA we’re presenting an innovative power grid cyber security solution that greatly improves monitoring of intelligent electronic devices (IEDs).
Using the IEC 62351 standard for monitoring industrial networks, we demonstrate how four types of hard-to-detect attacks are readily identified.
On August 1, security researchers at Proofpoint reported the details of spearphishing campaign targeting three different United States utility companies using a malware called “LookBack.” The spearphishing emails contained a malicious Microsoft Word attachment that installed a Remote Access Trojan (RAT) capable of performing activities like deleting files, taking screenshots, rebooting machines, and then deleting itself from an infected network.
Learn more about LookBack malware and how you can detect it.
As a passionate champion for secure-by-design power grid systems, I’ve been part of WG15, the group defining IEC 62351 standards to enable such systems, for years.
If you’d like to learn about the future of cyber security for electric utilities, I urge you to read this article. It also provides a sneak peek into our related (and groundbreaking!) talk about power system security at Black Hat USA 2019.
Today, the U.S. Department of Homeland Security issued ICS CERT Advisory (ICSA-19-120-01) concerning Rockwell Automation CompactLogix controllers.
Nozomi Networks responsibly disclosed the vulnerability to CISA and Rockwell Automation.
Read on to learn about our findings and gain a better understanding of the cyber risks of legacy devices.