Category: ICS Weekly Executive Summaries

Increased activity of Dridex

Introduction: On June 30, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) put out an advisory alert for a malware known as Dridex. Dridex is a banking malware which first appeared at the end of 2015 and the start of 2016, when it had its highest infection rates [3]. Recently, the financial service sectors have experienced […]

Over 400 United States Hospitals Affected by Ransomware

Introduction: On September 28, 2020, United Health Services (UHS) was the victim of a ransomware attack [1]. This attack was initiated at midnight, when less technical staff would be available to respond to the incident. UHS employees from California, Florida, Texas, Arizona, and Washington, D.C. lost access to computers, phone systems, databases, and the internet [2]. […]

OilRig Targets Middle Eastern Telecommunications Organizations

Executive Summary: On July 22, 2020, an article was published on research into recent targeted attacks on Middle Eastern telecommunications organizations. The research was done by Unit 42, a cyber security research group within Palo Alto. When analyzing the attacks on the Middle Eastern telecommunications organizations, researchers discovered a variant of a tool […]

Targeted Attacks on Industrial Control Systems

Introduction: On June 8, 2020, Honda of Japan was a victim of the Snake ransomware attack, also known as EKANS [2]. EKANS is a Windows ransomware that adversaries use to target Industrial Control Systems (ICS). It got this name because the malware will append the word EKANS to the end of every file that it […]

Maritime Hacking

The national maritime transportation services provide millions of Americans with employment at ports and port-related industries every year and contribute trillions of dollars to the United States economy. A cyber-attack on just one shipping vessel could result in millions of dollars of damage, loss of life, and a disruption in the supply chain of […]

Industrial Gateways Vulnerable to Attack

This month, researchers with the cybersecurity firm Applied Risk discovered vulnerabilities within the Kunbus PR100088 Modbus gateway that allow attackers to gain control of the device. Modbus gateways are used in an industrial environment to connect existing networks and devices running the Modbus serial protocol to an Ethernet network and allow for communication between all […]

SICAM 230 Process Control System (PCS) Vulnerabilities

The company Siemens is one of the top suppliers of electrical engineering and electronic-related products. The company provides various products that are utilized in Industrial Control Systems (ICS) that are used in smart grid applications and the Energy Sector, which is one of the 16 Critical Infrastructures designated by the Presidential Policy Directive 21 […]

Industrial Control Systems Security Influences Electric Car Companies

Automotive companies that produce electric vehicles, such as Tesla, BMW, and Nissan, are being inspired by strategies that have been created for critical infrastructure systems to secure their vehicles. With vulnerabilities for accessing and controlling electric vehicles becoming more prevalent, companies are taking a page out of the Critical Infrastructure Sectors' playbook for securing […]

Radio Frequency (RF) Protocols Exploited by Remote Hackers

Construction sites, shipyards, ports, and manufacturing sites utilize RF to control the industrial equipment on their site for day-to-day operations. The cybersecurity firm Trend Micro has discovered vulnerabilities within the Radio Frequency and Transmission protocols that govern these devices that would allow attackers to control industrial machines such as cranes and other […]

Electric Vehicle Charging Station Vulnerabilities

This week, several vulnerabilities were reported in EVlink charging stations manufactured by Schneider Electric, which service electric vehicles. EVlink provides electric vehicle charging products for both home and commercial use, placing these vulnerabilities in the subset category of equipment manufacturing of the Manufacturing Sector of the Critical Infrastructure Sectors designated by the Presidential Policy Directive […]