Falsification of GPS AIS data in the port of Shanghai

Last July, the captain of the American commercial vessel Manukai reported multiple inconsistencies in the navigation data originating from its Automatic Identification System (AIS) in the port of Shanghai. This system enables automated message exchanges between vessels by VHF radio. It gives the identity, status, position and route of vessels located in the navigation zone. […]

Two examples of GOOSE message signatures

At the ICS-CSR conference, researchers from the technology institute of Karlsruhe (Elbez et al.) published the results of their research on the authentication of GOOSE messages. The aim of the study was to assess the compatibility of certain message authentication mechanisms with the protocol’s time constraints. By default, the GOOSE protocol, which is specified in standard IEC 61850, is used without […]

Multiple vulnerabilities impact Omniksol photovoltaic inverters

Secura, a specialist in the field of critical system security, has released a detailed analysis of vulnerabilities impacting the Omnik PV inverter. This inverter is widely used in the Netherlands, Germany and Belgium. As the vulnerable WiFi module is used by many vendors, these vulnerabilities probably affect a large number of devices. In addition, the article shows […]

Vulnerabilities in the s7comm plus protocol

Context: At the Black Hat conference held in Las Vegas at the beginning of August, Israeli researchers presented a series of vulnerabilities they had identified in the “s7 comm plus” protocol used to program Siemens s7-1200 and s7-1500 PLCs. In particular, these vulnerabilities enable attackers to perform man-in-the-middle attacks, even though the protocol implements authenticity […]

Armis’ Research Team Discovered 11 Vulnerabilities in The Real-Time Operating System VxWorks.

Armis’ research team, Armis Labs, discovered 11 vulnerabilities in the real-time operating system VxWorks. VxWorks is used by more than 2 billion devices, including industrial and medical equipment and critical infrastructure. The PLC manufacturers using VxWorks include Schneider, Emerson, General Electric and Allen-Bradley. These vulnerabilities are called URGENT/11. They reside in […]

Turla group behind new malicious campaigns

The Turla group, also known as Waterbug or Snake, has used new tools for malicious campaigns targeting various government agencies worldwide. This group had already struck various energy-related organizations earlier. The companies ESET and Symantec both published studies a few days apart about Turla’s new techniques. These studies are in agreement on several matters, with […]

The 6 Biggest Cybersecurity Risks Facing the Utilities Industry by ABIresearch

The Era of Security by Obscurity is Over. For decades, the utility industry operated in an analog world. Energy and water grids were managed offline, in air-gapped and highly siloed systems. Even as other industries began to digitize, utilities held back. This lack of interconnected infrastructure actually proved to be a benefit to the industry, […]

Cisco Announces its Intent to Acquire Sentryo

On June 6th, Cisco announced its intention to acquire Sentryo. With organizations digitizing and connecting their industrial operations, the combination of Cisco's network architecture and Sentryo's capabilities for giving visibility into industrial control systems will help companies deploy Industrial IoT at scale, achieve new levels of flexibility, and better protect their assets and operations. Cybersecurity […]

Muddy Water, the hacking group, threatens government targets

Muddy Water is a group that targets government organizations and telecommunications providers, mostly located in the Middle East. This threat surfaced in late 2017. The analysis of the infection vector and the first phase of infection was largely documented in late 2017 and early 2018. On May 29, Kaspersky Lab published the analysis […]

New intrusion detection methods for power stations

Power grids are very large, so it is difficult to secure each point of the network and establish a trusted relationship between each device. In order to be able to track events as they are happening, monitoring solutions are used. However, an attacker can compromise the system and send false information, which has already happened […]