Thursday, March 28, 2024

Now Industrial Control Systems (ICS) Become Prime Target for Cyber Attackers

Industrial management systems (ICS/SCADA) are now the prime target for cyber attackers seeking to compromise the production base and public utilities.

The gift of previous embedded Microsoft® operational systems gives attackers a well-protected supported provision to launch their attack and establish “backdoors” to compromise the enterprise systems.

Over the past 5 years, cyber security has become a prime corporate issue among the manufacturing industries for chief executive officers, their team and therefore the board of administrators.

Manufacturing sector firms, despite seeing a reduction in attacks and security incidents in 2016 still experienced a number of the foremost serious and compromising attacks.

Also Read Important Consideration of Industrial Network Security and Protect SCADA & ICS System with mGuard

ICS/SCADA Attack report

TrapX submitted an exciting report on the attack over ICS and SCADA security with real world examples. Many cyber attackers tend to use generic cyber attack tools and normal malware.

They may Use a well developed socially built attack however within the finish, have faith in normal attack vectors. They use target manufacturing units directly, however, don’t demonstrate or utilize any special data of the commercial method management systems.

Industrial management Systems vendors are followed by several documented vulnerabilities that are currently freely out there on the Internet from numerous sources.

The vulnerabilities cover backdoors, lack of authentication and coding, and weak password storage schemes that might permit attackers to achieve access to the systems and so compromise them.

“Air gaps” are eminent than not, however, don’t guarantee the security of the ICS network. Information from their security operations center shows that these methods fail. This is often a typical theme visible inside the installations reviewed by our security operations team and TrapX Labs personnel. Social engineering targeted towards your personal or those of your vendors and suppliers will jump the “air gap.” Says TrapX

Old normal operational systems like Windows 7, Windows XP, and Windows 2000 are widely distributed among the worldwide ICS production base.

These operating systems are out of date and there are no fixes for several renowned attack vectors. They’re targets of selection for attackers.

Also Read Large scale Cyber attack Targeting Weak Spot in the Vital Electrical Infrastructure

Website

Latest articles

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles