In this issue we discuss new information about NotPetya; cover North Korean hackers behind WannaCry; ICS zero-day vulnerabilities recently discovered by CyberX’s threat intelligence team; and grid security news from the DoE and DHS. We’re also excited to announce that CyberX and one of our clients, the CISO of a global CPG manufacturer, will be presenting at the Palo Alto Networks IGNITE Europe conference, in a session titled “Effectively Detecting & Preventing Threats to Your ICS/SCADA Network.”
In this issue we discuss why the top US intelligence office feels the persistent danger of Russian cyberattacks is akin to the “blinking red light” warnings ahead of the Sept. 11, 2001 attacks; an attempted attack on a Ukrainian chlorine factory; and the EU’s NIS Directive to tighten security for critical infrastructure organizations, with fines for non-compliance up to $20M.
In this issue we discuss: VPNFilter malware that captures MODBUS traffic and destroys routers; how the Iranian government has contracted 50 separate hacking groups to strike Western targets; why North Korean hackers are treated like Olympic athletes by the DPRK; and the DHS’s new cyber strategy.
In this issue, we have a number of new stories about Dragonfly (aka Energetic Bear), the Russian threat group that’s targeted energy firms since at least 2013. You’ll also read about why Iran is now perceived as having an “A-Team” of cyberattackers, and several articles about why routers are now juicy targets for attackers.
In our 3rd edition of The CyberX Files, we’ll cover a busy month for the ICS security community. The US DHS and FBI confirmed that Russian threat actors have successfully compromised US critical infrastructure networks and new information emerged that TRITON may be connected to a series of cyberattacks on Saudi Arabian petrochemical plants. We have been busy as well, announcing the largest Series B funding round to date for an ICS cybersecurity company.
In this newsletter, you’ll find the latest thought-provoking and informative articles from the world of industrial cybersecurity, including articles from Dark Reading, SC Magazine, Ars Technica, The Last Watchdog and Security Week.