According to Crowdstrike’s recently released 2019 Global Security Attitude Survey, the total number of organizations around the world that pay the ransom after falling victim to a ransomware attack more than doubled this year, from 14 to 39 percent of those affected. Cybersecurity experts and law enforcement agencies, including the FBI, recommend that victims don’t pay the ransoms as doing so funds the criminals and encourages future activity.
With the 2010s coming to a close, Wired magazine takes its readers on “an anxiety-inducing stroll” through a review of some of the worst hacks that occurred in the last decade. It notes that these hacks demonstrated that cyber incidents have become less of a novelty and more of a fact of life for billions of people around the world. One of the incidents revisited by Wired is that involving the Stuxnet malware that caused physical damage to equipment at a nuclear enrichment facility, a kind of attack that experts have warned could be conducted in other industrial settings.
A review of some of the most significant data breaches from the past year reveals that many resulted not because of a hacker having to apply exceptional technical prowess to infiltrate a system but as a consequence of an administrator having left the information sitting on the Internet by mistake. The problem is pervasive, according to Chris Vickery, a researcher at security company UpGuard who tracks database exposures. "It is the ugly elephant in the room that every security professional knows about, but doesn't want to talk about," he said.
Quantifying OT cyber risk requires empirical facts. In a compendium to WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities, industrial cybersecurity firm Verve Industrial proposes the best way to gain empirical knowledge of OT environments is through comprehensive asset inventories based on real time, multi-contextual parameters. Verve’s article aims to help separate fact from fiction and varying opinions on what components are the most important when trying to secure OT environments.
While one cybersecurity strategy does not fit all organization types, there are common questions that all organizations should ask themselves when embarking on a new year. Critical infrastructure cybersecurity firm Applied Risk poses four basic questions and offers approaches to drive OT cybersecurity initiatives for 2020 and beyond. From risk assessments and policies and procedures, to cybersecurity culture and teaming exercises, many of their suggestions coincide with WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities.
CISA has published an advisory on a cross-site scripting vulnerability in Reliable Controls MACH-ProWebCom/Sys. For both MACH-ProWebSys and MACH-ProWebCom, all versions prior to 2.15 (firmware version prior to 8.26.4) are affected. Successful exploitation of this vulnerability could allow an attacker to execute commands on behalf of the affected user. Reliable Controls has released MACH-ProWebCom/Sys firmware revision 8.26.4 and software revision 2.15 to resolve the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on an improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Equinox Control Expert. All current and older versions could be affected. Successful exploitation of this vulnerability may allow remote code execution. Equinox has not responded to requests to provide mitigating details regarding this vulnerability. CISA will update its advisory with any information provided by the vendor. In the meantime, CISA recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on a stack-based buffer overflow vulnerability in WECON PLC Editor. Version 1.3.5_20190129 is affected. Successful exploitation could allow an attacker to execute code under the privileges of the application. WECON has a strategy to address the issues and is currently developing a solution. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
CISA has published an advisory on an uncontrolled resource consumption vulnerability in Moxa EDS Ethernet Switches. For EDS-G508E, EDS-G512E, and EDS-G516E, versions 6.0 and prior are affected. Successful exploitation of this vulnerability could cause the target device to go out of service. Moxa has developed a patch to address the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
December 19, 2019
CISA has updated this advisory with additional details on the nature of the vulnerability. Read the advisory at CISA.
November 18, 2019
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
