On October 14th, a report was publicly released regarding the Sandworm team. After beginning an investigation into the affiliated malware samples and domains, we quickly came to realization that this group is very likely targeting SCADA-centric victims who are using GE Intelligent Platform’s CIMPLICITY HMI solution suite. We have observed this team utilizing .cim and .bcl…
Read MoreThe “Internet of Everything” (also known as the Internet of Things) became one of the biggest technology buzzwords of 2013, as can easily be seen in Google Trends. This term refers to the increased digitisation of everyday objects – any new technology device is being designed with connectivity in mind, whether that device is a smart…
Read MoreThe past year has been an interesting one in the world of cyber security. Mobile malware has become a large-scale threat, government surveillance has users asking “does privacy still exist?”, cybercrime continues to steal money from individuals and businesses, and new targets for hackers like AIS and SCADA have been identified. 2013 was many things,…
Read MoreThe concern on ICS/SCADA security gained prominence due to high-profile attacks targeting these devices, most notably Flame and Stuxnet. However, we noted recent findings, which prove that the interest in ICS/SCADA devices as attack platforms is far from waning. We’ve all read about how insecure ICS/SCADA devices are and how certain threat actors are targeting…
Read MoreRecently, I spoke at the Forum of Incident Response and Security Teams (FIRST) in Bangkok, Thailand on threat intelligence and incident response. The mantra throughout FIRST was “sharing to win”, the concept of which echoes throughout security got me to thinking about information sharing in the ICS/SCADA security arena. This idea of sharing thoughts and…
Read More