[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] BlackEnergy crimeware coursing through US control systems
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2014-10-29 9:45:30
Message-ID: alpine.DEB.2.02.1410290945180.23854 () infosecnews ! org
[Download RAW message or body]

http://www.theregister.co.uk/2014/10/29/blackenergy_crimeware_pwning_us_control_systems_cert_warns/

By Darren Pauli
The Register
29 Oct 2014

Industrial control systems in the United States have been compromised by 
the BlackEnergy malware toolkit for at least three years in a campaign the 
US Computer Emergency Response Team has dubbed "ongoing" and 
sophisticated.

Attackers had compromised unnamed industrial control system operators and 
implanted BlackEnergy on internet-facing human-machine interfaces 
including those from GE Cimplicity, Advantech/Broadwin WebAccess, and 
Siemens WinCC.

The latter system was often used by large plant operators including Iran's 
Natanz uranium facility at the time it was hosed by Stuxnet, however the 
latest attacks targeting the platform are suspected but not confirmed.

The CERT had not identified attempts to damage or disrupt system processes 
but had not verified if hackers had pivoted laterally across the victim 
networks.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]