You are here

Home » Cybersecurity

Cybersecurity

Lessons Learned from the Top Eight World Crises Exploited by Cyber Criminals

The COVID-19 pandemic isn’t the only worldwide crisis to have been exploited by cyber criminals. Seven earlier crises that were similarly leveraged include another disease – the 2009 swine flu – as well as natural disasters like the earthquakes in Haiti in 2010 and Japan in 2011 and malicious events, including the mass shooting targeting New Zealand mosques in 2019. Following a brief review of each of these, and what cyber criminals did to take advantage of the situations, the article presents lessons learned. The first of which is that cyber crime simply has no scruples.

NSA Releases Guidance on Limiting Location Data Exposure

The National Security Agency (NSA) has released an information sheet with guidance on how to configure mobile devices to limit how much location data they can expose. The product emphasizes that location data can be extremely valuable, potentially revealing details like the number of users in a location, user and supply movements, daily routines, and otherwise unknown associations between users and locations. It acknowledges that some of the measures for mitigating location tracking risks are impractical, given that users rely on features that would be disabled by the measures.

Trailer Power Line Communications (ICSA-20-219-01)

CISA has published an advisory on an exposure of sensitive information through sent data vulnerability in Trailer Power Line Communications, all of which are affected. Research indicates it is possible to read PLC signals using active antennas reliably at 6 feet and up to 8 feet away, subject to environmental conditions.  No current mitigations have been developed alongside this research. The goal of CISA’s advisory is to bring awareness of the issue. CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability.

Geutebrück G-Cam and G-Code (ICSA-20-219-03) – Product Used in the Energy Sector

CISA has published an advisory on an OS command injection vulnerability in Geutebrück G-Cam and G-Code. For G-Code, EEC-2xxx is affected. For G-Cam, EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx are affected. Successful exploitation of this vulnerability could allow remote code execution as root. Geutebrück recommends users update to firmware Version 1.12.0.27. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Advantech WebAccess HMI Designer (ICSMA-20-219-02) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on heap-based buffer overflow, out-of-bounds read, out-of-bounds write, type confusion, stack-based buffer overflow, and double free vulnerabilities in Advantech WebAccess HMI Designer. Versions 2.1.9.31 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. Advantech has released Version 2.1.9.81 of WebAccess HMI Designer to address the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities.

Cyber Resiliency Resources for Public Safety Partners

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published Cyber Resiliency Resources for Public Safety, a fact sheet highlighting cyber resiliency resources provided by the federal government, industry, and trade associations. It is intended to assist agencies in determining their current network cybersecurity and resiliency capabilities and identify ways to improve their ability to defend against cyber incidents.

Could your Asset Management Program be Hindering your OT Vulnerability Management Program?

WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities, #7 – Embrace Vulnerability Management discusses how vulnerability management is at the core of every cyber risk management strategy. It also highlights that only when you know what you have are you able to effectively discover, prioritize, and remediate vulnerabilities to any (IT or OT) system. Therefore, a comprehensive asset inventory is a foundational prerequisite for successful vulnerability management.

Australia is Down Under with Cyber Security Strategy 2020

In carrying the cybersecurity is everyone’s responsibility banner, Australia just outlined its Strategy to invest $1.67 billion over ten years to help secure Australia’s governments, businesses, and community. The Strategy includes protecting and actively defending the country’s critical infrastructure which the report states has been impacted by approximately 35% of cyber incidents during the past year, including water. Similar to efforts by U.S.

CISA ICS Alert: Robot Motion Servers

CISA has published an alert advising it is aware of a public report of a vulnerability affecting robot motion servers. The motion servers are programs written in OEM exclusive programming languages and run on the robot controller. Motion servers enable receiving target values and optionally sending actual values. According to the public report, which was coordinated with CISA prior to its release, researchers identified this vulnerability in the motion servers that allows an adjacent attacker to execute arbitrary code.

Delta Industrial Automation CNCSoft ScreenEditor (ICSA-20-217-01)

CISA has published an advisory on stack-based buffer overflow, out-of-bounds read, and access of uninitialized pointer vulnerabilities in Delta Industrial Automation CNCSoft ScreenEditor. Versions 1.01.23 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. Delta Electronics recommends updating to the latest version of CNCSoft ScreenEditor Version 1.01.26 and restricting the interaction of the application to trusted files.

Pages

Subscribe to Cybersecurity