Industrial Security Bulletin (Dec '19)

Industrial Security Bulletin (Dec '19)

06 Jan 2020

U.S. Coast Guard says Ryuk ransomware took down a maritime facility

The recent attack took down the entire corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility. According to U.S. Coast Guard, a phishing email was most likely the point of entry into the facility's network. The impacts on the facility included disruption of the entire corporate IT network, disruption of camera and physical access control systems, and loss of critical process control monitoring systems. Ryuk was first seen in August 2018 and has been responsible for multiple attacks globally so far.
Continue reading on Safety4sea

 

BMW and Hyundai targeted by cyberattack for trade secrets

OceanLotus, a Vietnam-linked threat group also known as APT32 is believed to stand behind the recent cyber-attacks on automobile giants BMW and Hyundai, intended to find trade secrets. To get access to the BMW network, the hackers created a fake website that gave the impression of belonging to the BMW branch in Thailand. BMW's security team spotted the hackers after discovering an instance of “Cobalt Strike”, a well-known penetration testing tool on one of BMW’s computers. No sensitive information was accessed by hackers during the incident and no important servers were compromised. The same campaign also allegedly targeted South Korean carmaker Hyundai, but no additional information was provided.
Continue reading on Bleeping Computer

 

Echobot malware targeting industrial control systems

Echobot made a first appeared in mid-2019 is a new variant of Mirai malware family that is known for targeting IoT devices such as home routers and IP cameras. Echobot has been expanding constantly and now consists of 71 exploits that manipulate both new and old ICS vulnerabilities. The last version of Echobot adds an exploit for CVE-2019-14927, which targets Mitsubishi Electric‘s Remote Terminal Unit (RTU), a controller with remote access to communicate with SCADA systems in the oil and gas industry, power industry, and others.
Continue reading on F5

 

Siemens contract employee sentenced to jail time for intentionally damaging computers

David Tinley who was convicted for inserting logic bombs into computer programs that he had designed for Siemens, received his sentence. Tinley was sentenced in federal court to a six-month term of imprisonment followed by a two-year term of supervised release, and a fine of $7,500 on his conviction. The logic bombs he used were made to ensure that the programs would malfunction after the expiration of a certain date. Siemens was unaware of the cause of the malfunction and hired Tinley to fix these malfunctions.
Continue reading on Business Insider

04 May 2020 Industrial Cyber-Security During COVID-19: From a Hackers’ Paradise to Resilient Remote Operations more...
26 Mar 2020 Coronavirus: Time for Remote Connection Solutions for ICS more...
18 Mar 2020 COVID-19 is a Wake-up Call for Manufacturing SMBs more...
loader
×

OTORIO website uses cookies. By continuing to browse the site you are agreeing to our use of cookies. For more details about cookies and how to manage them, see our cookie policy.

Continue