Adapting industrial control system (ICS) security to the new normal

Jun 29, 2022 | Technology


Although the number of high-profile attacks in the second half of 2021 declined slightly from earlier in the year, the impact of these attacks has not. With cyber-physical assets remaining highly connected, security measures for critical industrial, healthcare and enterprise ICS devices have taken the front seat. A recent report found that 34% of vulnerabilities disclosed in the second half of 2021 were among cyber-physical systems in the internet of things (IoT), information technology (IT) and internet of medical things (IoMT) verticals, proving the need for those security measures to encompass the entire extended internet of things (XIoT), not just operational technology (OT).

Tardigrade malware

Spreading throughout several biomanufacturing facilities, the Tardigrade malware was responsible for at least two attacks in April and October on the healthcare sector that allowed bad actors to obtain sensitive company information and deploy malware.

As polymorphic malware, Tardigrade changes its properties based on the environment it finds itself in, making it hard to predict and protect against. BioBright researchers compared the Tardigrade malware to Smoke Loader and, more specifically, described it as having the functionality of a trojan, meaning that once installed on a victim network it searches for stored passwords, deploys a keylogger, starts exfiltrating data and establishes a backdoor for attackers to choose their own adventure.

In response to the known attacks, healthcare companies that could be at risk were warned to scan their biomanufacturing networks for any potential signs of an attack. In an advisory, the Bioeconomy Information Sharing and Analysis Center (BIO-ISAC), the nonprofit that initially published the Tardigrade research, recommended treating networks as if they were compromised or will be compromised, reviewing cybersecurity measures and adjusting them as needed.

Log4j

Another major vulnerability discovered in the second half of 2021, the Log4Shell vulnerability is a zero-day that …
