#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

ICS Malware | Breaking Cybersecurity News | The Hacker News

Category — ICS Malware
Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware

Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware

Apr 13, 2022
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday  disclosed  that it thwarted a cyberattack by Sandworm , a hacking group affiliated with Russia's military intelligence, to sabotage the operations of an unnamed energy provider in the country. "The attackers attempted to take down several infrastructure components of their target, namely: Electrical substations, Windows-operated computing systems, Linux-operated server equipment, [and] active network equipment," the State Service of Special Communications and Information Protection of Ukraine (SSSCIP)  said  in a statement. Slovak cybersecurity firm ESET, which collaborated with CERT-UA to analyze the attack, said the attempted intrusion involved the use of ICS-capable malware and regular disk wipers, with the adversary unleashing an updated variant of the  Industroyer  malware, which was first deployed in a 2016 assault on Ukraine's power grid. "The Sandworm attackers made an attempt to d
FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

Oct 24, 2018
Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia. TRITON , also known as Trisis, is a piece of ICS malware designed to target the Triconex Safety Instrumented System (SIS) controllers made by Schneider Electric which are often used in oil and gas facilities. Triconex Safety Instrumented System is an autonomous control system that independently monitors the performance of critical systems and takes immediate actions automatically if a dangerous state is detected. Since malware of such capabilities can't be created by a computer hacker without possessing necessary knowledge of Industrial Control Systems (ICS), researchers believe with "high confidence" that Moscow-based lab Central Scientific Research Institute of Chemistry and
How to Get Going with CTEM When You Don't Know Where to Start

How to Get Going with CTEM When You Don't Know Where to Start

Oct 04, 2024Vulnerability Management / Security Posture
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities - before they can be exploited by attackers.  On paper, CTEM sounds great . But where the rubber meets the road – especially for CTEM neophytes - implementing CTEM can seem overwhelming. The process of putting CTEM principles into practice can look prohibitively complex at first. However, with the right tools and a clear understanding of each stage, CTEM can be an effective method for strengthening your organization's security posture.  That's why I've put together a step-by-step guide on which tools to use for which stage. Want to learn more? Read on… Stage 1: Scoping  When you're defin
TRITON Malware Targeting Critical Infrastructure Could Cause Physical Damage

TRITON Malware Targeting Critical Infrastructure Could Cause Physical Damage

Dec 15, 2017
Security researchers have uncovered another nasty piece of malware designed specifically to target industrial control systems (ICS) with a potential to cause health and life-threatening accidents. Dubbed Triton, also known as Trisis, the ICS malware has been designed to target Triconex Safety Instrumented System (SIS) controllers made by Schneider Electric—an autonomous control system that independently monitors the performance of critical systems and takes immediate actions automatically, if a dangerous state is detected. Researchers from the Mandiant division of security firm FireEye published a report on Thursday, suggesting state-sponsored attackers used the Triton malware to cause physical damage to an organization. Neither the targeted organization name has been disclosed by the researchers nor they have linked the attack to any known nation-state hacking group. According to separate research conducted by ICS cybersecurity firm Dragos, which calls this malware "
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Expert Insights / Articles Videos
Cybersecurity Resources