#KRITIS sector #Energy

"A new study from UC Santa Cruz looks into these unique attacks dubbed #Industroyer One (2016) and Two (2022) and analyzes how they operated and interacted with the physical power system equipment"
https://i-hls.com/archives/123920

Ukraine Malware Blackouts and The Physical Threats of Cyber Warfare - iHLS

Back in 2016, Ukraine experienced the first-ever known malware-caused blackout that affected a fifth of Kyiv’s citizens. Six years later, during the early stages of the Russia-Ukraine war, a second attack attempted to combine kinetic and cyber attacks to topple Ukraine’s power grid. These first of their kind […]

There's an entire school of thought for #ICS #OT security where the ultimate issue at stake is sensor integrity and compromise.

You can tell this school of thought is intellectually bankrupt because they focus on the incredibly hard problem (in terms of access to deeply-embedded devices and their number, as these will be numerous and overlapping in scope), instead of looking at actual abuse of sensor technology: by compromising the endpoint or midpoint to spoof, replay, or otherwise manipulate the telemetry stream, while leaving the sensor itself alone.

This is what #Stuxnet did. This is kinda what #Triton tried to do. Arguably it aligns with the #Siprotec relay DoS in #Industroyer. Yet because of commercial interests (or maybe lack of analysis and creativity) we observe a focus on the hardest possible avenue for corrupting #OT ecosystem integrity - compromising sensors - while ignoring the very real AND REALIZED threat of telemetry abuse and spoofing.

From Triton to Stuxnet: Preparing for OT Incident Response

Lesley Carhart, with Dragos, gives Threatpost a behind-the-scenes look at how industrial companies are faring during the COVID-19 pandemic – and how they can prepare for future threats with effective incident response plans.

Threatpost - English - Global - threatpost.com

2016, #Industroyer targeting Ukrainian power plants: malware starts to have physical effects, not just digital ones (yes, I'm trolling).
#Coriin

#Industroyer:

Advanced #Malware is said to have cut the #energy supply of #Ukraine ...

Security researchers say they have discovered a kind of second Stuxnet: a trojan tailored to the control systems of electrical substations. It is said to be responsible for attacks on the Ukrainian power utility Ukrenergo.

https://m.heise.de/newsticker/meldung/Industroyer-Fortgeschrittene-Malware-soll-Energieversorgung-der-Ukraine-gekappt-haben-3740606.html