GreyEnergy: Updated arsenal of one of the most dangerous threat actors

ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks. Recent ESET research has uncovered details of the successor of the BlackEnergy APT group, whose main toolset was last seen in December 2015 during the first-ever blackout caused by a cyberattack. Around the time … More GreyEnergy: Updated arsenal of one of the most dangerous threat actors

Black Hat: Protecting Industrial Control System

Aiming to protect critical infrastructure against attacks. Industrial Control System (ICS) security was ramped up at Black Hat USA – with packed sessions ranging from specific attacks to vulnerable hardware – all with the aim of protecting critical infrastructure, whose security shortcomings so frequently hit the headlines these days. While industrial control protocols themselves are horribly insecure, there is … More Black Hat: Protecting Industrial Control System

Trends 2018: Critical infrastructure attacks on the rise

Healthcare sectors, critical manufacturing, food production and transportation also said to be targets for cybercriminals. Cyberthreats to critical infrastructure jumped into the headlines in 2017, starting with a Reuters report in January that a recent power outage in Ukraine “was a cyber-attack”. In last year’s Trends report we said that we expected infrastructure attacks to “continue to … More Trends 2018: Critical infrastructure attacks on the rise

Industrial control security practitioners worry about threats … for a reason

Written by Peter Stancik, ESET We Live Security Last month, ESET researchers confirmed the discovery of a new type of sophisticated malware now known as Industroyer, highlighting the threat posed to industrial control systems. Indeed, this is considered to be the first-ever designed to affect ICS industrial control systems directly, and is thought to be behind the December … More Industrial control security practitioners worry about threats … for a reason

Industroyer: ICS were developed decades ago with no security in mind

On December 17th, 2016, the Ukrainian capital Kiev was hit by a blackout for about 75 minutes. Local investigators later confirmed that the energy outage was caused by a cyberattack. Shortly thereafter, ESET researchers analyzed a sophisticated new malware, which is the main suspect in this case. They have named it Industroyer – the biggest threat to Industrial Control … More Industroyer: ICS were developed decades ago with no security in mind