Industrial Security Bulletin (Sep '19)

07 Oct 2019

First-ever DoS Cyber-attack on U.S. power grid

The non-targeted attack caused brief communications outages of less than five minutes at a dozen wind and solar farms belonging to Utah-based renewable energy developer sPower, the biggest private solar power operator in the U.S. The attack was carried out on March 5th, 2019, yet was revealed only in September. Fortunately, these outages had no impact on power generation. The failure was the result of multiple firewall reboots spanning a 10-hour period. Wind and solar generation sites pose some unique challenges compared with natural gas, coal or nuclear plants because they rarely have personnel on-site. Without personnel on-site, detection and remediation during incident response might take longer.
Continue reading on Gridintel


U.S. utilities targeted with LookBack malware

A new series of phishing attacks was spotted targeting entities in the United States utilities sector in an attempt to deliver the LookBack remote access Trojan (RAT). The first attack was carried out in early August, while the current one was observed between August 21 and August 29. LookBack, which hasn’t been attributed to a specific adversary yet, is a new remote access trojan that uses a proxy mechanism for command and control communication. The phishing emails contained Word documents with malicious macros that were designed to download and execute LookBack. The emails impersonated a licensing body related to the utilities sector, masquerading as Global Energy Certification (GEC). So far, the security researchers have identified at least 17 entities in the US utilities sector that have been targeted by these threat actors from April 5 through August 29, 2019.
Continue reading on Proofpoint

 

Airbus hit by series of cyberattacks on suppliers, including British engine-maker Rolls-Royce

Hackers targeted Airbus suppliers (British engine-maker Rolls-Royce, French technology consultancy and supplier Expleo, and two other French contractors) in an attempt to gain access to Airbus’s entire network. The hackers targeted the VPN which connected these companies to Airbus. The main goal was to steal commercial secrets, including documents related to the engines of the military transport plane A400M. Several sources linked the hackers to the Chinese hacking group APT10 or JSSD, but Beijing rejected the claims. Third-party data breaches rise every year, and it is becoming vital to secure and manage supply chain relationships.
Continue reading on Techerati
