[MART] - Daily Diary #492 - CISA, NSA, FBI, and DOE Publishes Joint Advisory Against ICS Threats
CTAS-MAT
ctas-mat at appgate.com
Thu Apr 14 21:03:50 UTC 2022
Hello,
I hope everyone is doing well!
Below is the entry for today.
04/14/2022 - Diary entry #492
In our Daily Diary #490, we covered Industroyer and other malware being launched against Ukrainian energy facilities. When executed, Industroyer takes control of industrial control systems (ICS) and provides a backdoor so attackers can disrupt the facility operations.
This week a joint cybersecurity advisory issued by CISA, NSA, FBI, and the Department of Energy (DOE) was published, warning against advanced persistent threat (APT) actors that have the capability to gain full system access against multiple ICS.
In the advisory, it's included a list of devices that are considered a risk of being compromised and hijacked. The group also advised against the malicious threat Pipederem (a.k.a Incontroller), first discovered earlier this year. Pipedream, just like Industroyer, is a modular malware framework that allows attackers to take control over the ICS, and, in a successful attack, disrupt operations.
The advisory also adds a list of recommendations for organizations to be protected against such threats, like segmenting networks, enforcing multi-factor authentication, keeping a robust backup system, and adopting a continuous monitoring over the network. ZeroTrust becomes the natural response to that, allowing companies to have a better chance of detecting an ongoing attack and reducing the damages of a potential cybersecurity incident.
Kind Regards,
[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>
[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/> [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity> [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>
Felipe Duarte Domingues
Security Researcher
Appgate
E: felipe.duarte at appgate.com<mailto:felipe.duarte at appgate.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220414/96c1e685/attachment.htm>
More information about the MART
mailing list