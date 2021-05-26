
FireEye: OT, Control System Attacks Increasing

By Zachary Comeau
mytechdecisions.com
 8 days ago

According to a new report from cybersecurity company FireEye, cybersecurity attacks against operational technology (OT) and control systems are increasing, but the attack methods are not all that sophisticated. The company says it has observed simple attacks in which threat actors with varying levels of skill and resources use common...

Computers | arxiv.org

Adversarial Attacks and Mitigation for Anomaly Detectors of Cyber-Physical Systems

The threats faced by cyber-physical systems (CPSs) in critical infrastructure have motivated research into a multitude of attack detection mechanisms, including anomaly detectors based on neural network models. The effectiveness of anomaly detectors can be assessed by subjecting them to test suites of attacks, but less consideration has been given to adversarial attackers that craft noise specifically designed to deceive them. While successfully applied in domains such as images and audio, adversarial attacks are much harder to implement in CPSs due to the presence of other built-in defence mechanisms such as rule checkers (or invariant checkers). In this work, we present an adversarial attack that simultaneously evades the anomaly detectors and rule checkers of a CPS. Inspired by existing gradient-based approaches, our adversarial attack crafts noise over the sensor and actuator values, then uses a genetic algorithm to optimise the latter, ensuring that the neural network and the rule checking system are both deceived. We implemented our approach for two real-world critical infrastructure testbeds, successfully reducing the classification accuracy of their detectors by over 50% on average, while simultaneously avoiding detection by rule checkers. Finally, we explore whether these attacks can be mitigated by training the detectors on adversarial samples.
Public Safety | Anchorage Press

Alaska Court System Moves Rapidly to Recover from Cybersecurity Attack

The Alaska Court system is recovering from the malware cyberattack that started at the end of April. After disabling the affected equipment and disconnecting applications from the internet, the court system’s technology department has been restoring online services in a secure manner. We do not believe any data – personal or confidential data or credit card information – was extracted from the court system’s computer systems. There is no indication this attack is related to the cyberattack experienced recently by the Alaska Department of Health and Social Services.
Public Safety | ZDNet

Ransomware: Dramatic increase in attacks is causing harm on a significant scale

A dramatic increase in the number of ransomware attacks and their severity is causing harm on a significant scale, the UK's National Crime Agency (NCA) has warned. The NCA's annual National Strategic Assessment (NSA) of Serious and Organised Crime details how the overall threat from cyber crime has increased over the last year, with more severe and high profile attacks against victims.
Technology | magazinebuzz.com

SolarWinds hackers attack thousands of email systems. Microsoft warns of new attacks by the Nobelium hacker group

Microsoft has issued a warning that the Russian hacker group believed to be behind the so-called SolarWinds attacks is now beginning to attack systems again. According to Microsoft, this week the Nobelium hacker group attempted to gain access to more than 3,000 email systems belonging to, among others, various Western governments, human rights organizations and think tanks. The majority of the attacks discovered by Microsoft are said to have taken place against US interests, but other Western targets affected have also been discovered. Microsoft writes in a statement:
Public Safety | Insurance Journal

Ransomware Attack Still Disrupting IT Systems of New Zealand Hospitals

Systems are still down a week after a ransomware attack disrupted the IT network of five hospitals in the New Zealand district of Waikato, and concerns remain that private patient information may have been exposed. Patients are being asked to arrive at appointments with paper documents and banks are urged...
Software | tales-from-a-security-professional.com

Intrusion Detection Systems - Have they become useless? Or is there a way to improve the value of this security control?

Intrusion Detection Systems (IDS for short) analyze captured network traffic. But as more and more network traffic is becoming encrypted, the IDS solution encounters more and more difficulties demonstrating its genuine value. Which changes in the network architecture need to be made to overcome this issue? Even when the...
Economy | esecurityplanet.com

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. A report this month from the Government...
Computers | arxiv.org

Relational Analysis of Sensor Attacks on Cyber-Physical Systems

Cyber-physical systems, such as self-driving cars or autonomous aircraft, must defend against attacks that target sensor hardware. Analyzing system design can help engineers understand how a compromised sensor could impact the system's behavior; however, designing security analyses for cyber-physical systems is difficult due to their combination of discrete dynamics, continuous dynamics, and nondeterminism.
Burlington, VT | WCAX

Increased interest in cybersecurity in light of recent attacks

BURLINGTON, Vt. (WCAX) - In light of recent cyberattacks, like the one on the Colonial Pipeline and the ransomware attack at the University of Vermont Medical Center last year, there has been a renewed interest in cybersecurity. According to a recent CBS News report, there are nearly 500,000 available cybersecurity...
Technology | nationalcybersecuritynews.today

SolarWinds hackers launch phishing attack — Defense Systems | #emailsecurity

The threat actors behind the SolarWinds attacks have launched a wide-scale email phishing campaign, according to Microsoft. In some cases, the attackers disguised their phishing emails to look as though they came from the U.S. Agency for International Development. The group, which Microsoft calls Nobelium, historically targets government organizations, think...
Technology | infosecurity-magazine.com

Three-Quarters of Security Leaders Report Increase in Cyber-Attacks in Past Year

More than three-quarters (76%) of security leaders have reported an increase in cyber-attacks over the past 12 months, according to VMware’s Global Security Insights Report 2021. The report also found that the volume of attempts rose by a significant 52% across all affected organizations, emphasizing how accelerated digitization during the...
Technology | ideaspies.com

Probably World’s Most Relentlessly Attacked System

IXDen’s novel software secures Industrial IoT sensors and data. Sensors monitoring physical parameters such as pressure, voltage, temperature, etc., are an increasingly important part of the evolving smart infrastructure. The sensors themselves, however, are a cybersecurity weak link, easy to infiltrate. IXDen uses artificial intelligence to create a multi-factor “biometric-style” profile for each sensor, enabling rapid detection of intrusions, and prediction and recognition of sensor failure. This Israeli company with big ideas, strong networks of investors, and solid R&D is seeking capital with the world-renowned OurCrowd. A perfect idea to jump on board in this globalised cyber time. Link: https://www.ourcrowd.com/myportfolio/opportunities/ixden.
Visalia, CA | thesungazette.com

Cyber attack shuts down VUSD’s online systems

VISALIA – Thousands of Visalia Unified teachers, students and staff were locked out of the district’s online software last week during a ransomware attack. Ransomware is a type of malware, short for malicious software, used for digital blackmail, where a person or group hacks into a server and locks out the user, threatening to publish the data unless they pay a ransom. Ransomware typically gains access to a server when one of the users clicks a link or downloads a file, which in turn downloads a virus locking the user out of their own data.
World | whmi.com

Ten days after ransomware attack, Irish health system struggling

(DUBLIN) -- Staff coming into work at several Dublin hospitals on Friday, May 14, found an unsettling sight: Throughout the building, every computer screen was dark. It was the result of the massive ransomware attack that crippled Ireland's health service's IT systems and that has left most of the country's hospitals without computers for over a week.
Technology | biometricupdate.com

CMITech and Virdi biometrics integrated for Spanish contactless access control market

Managed security services provider Telefonica Tech has added CMITech’s iris and face biometrics and body temperature screening technology to its innovation centers in Madrid and Barcelona, and deployed Virdi X-Face facial recognition to the latter showroom to exhibit security and contactless access control solutions. Spanish access control solutions distributor STI...
Software | securityboulevard.com

The Power of IP Intelligence

At Arkose Labs, we constantly look for new ways to improve our detection engine so as to make better decisions on who to challenge and when to serve more complex puzzles depending on the risk associated with the session. To do that, we rely on many signals that look at the traffic from different angles, one of them is IP intelligence. We recently upgraded our IP Intelligence and I thought it would be a good opportunity to share what IP intelligence is, how we use it, and what it can tell us about an attack.