Entries with tag industrial control systems.

Some Dragonfly Malware Victims Identified

A new analysis of circumstances surrounding the Dragonfly malware attacks has identified two of the three industrial-control-system software firms that the hackers targeted. Dale Peterson, founder and CEO of security firm Digital Bond, said the companies were MB Connect Line, a German maker of industrial routers and remote access appliances; and eWon, a Belgian virtual-private-network software developer whose products access industrial control devices. Peterson stated that he knows the identity of the third company but cannot divulge it. The Dragonfly campaign used a piece of malware known as Havex against energy-grid operators, major electricity-generation firms, petroleum-pipeline operators, and industrial-equipment providers, primarily in France, Germany, Italy, Poland, Spain, Turkey, and the US. In some cases, the hackers first breached the systems of industrial-control-system vendors that sell to energy-sector companies and infected the software they sold. The energy companies became infected with the Havex remote-access Trojans when they downloaded the compromised software. Havex steals information about infected computers and networks, as well as data from e-mail address books and virtual private networks, and sends them to the hackers’ servers. Peterson said he released the names of the affected industrial-control-system software firms because other security companies weren’t doing so in a timely manner. He said, “[I]t would be helpful if these energy control system and energy sites were made public so asset owners could be alerted that they may have been compromised."(SlashDot)(Digital Bond)

US Utility Is a Victim of Hackers

Hackers attacked the computer network of a US public utility, compromising its industrial-control-system network, according to a new report from the US Department of Homeland Security (DHS). The utility—which the DHS’s Industrial Control Systems Cyber Emergency Response Team didn’t identify—fended off the brute-force attack and its operations were not affected, according to the report, which also stated that the utility was likely attacked previously. The disclosure of such an attack is rare. (Reuters)(CNN)

Showing 2 results.