BlackEnergy crimeware coursing through US control systems

  • 29 October 2014

US CERT says three flavours of control kit are under attack

By Darren Pauli, 29 Oct 2014

Industrial control systems in the United States have been compromised by the BlackEnergy malware toolkit for at least three years in a campaign the US Computer Emergency Response Team has dubbed "ongoing" and sophisticated.
Attackers had compromised unnamed industrial control system operators and implanted BlackEnergy on internet-facing human-machine interfaces including those from GE Cimplicity, Advantech/Broadwin WebAccess, and Siemens WinCC.
 
Full Article

1 reply

by Michael Mimoso November 3, 2014
 
BlackEnergy, a converted crimeware tool, operates behind a laundry list of plug-ins for Linux and Windows systems that allows it to be used to attack Cisco networking devices, steal digital certificates, brick systems it infects, and skillfully hide from security analysts.
Researchers from Kaspersky Lab’s Global Research & Analysis Team today published a lengthy report—including indicators of compromise—that throws back the covers on a crimeware tool whose legacy was distributed denial of service attacks.
 
BlackEnergy has been implicated in a number of APT-style targeted attacks against a number of critical industries, including government and manufacturing. Last week, the Industrial Control System Cyber Emergency Response Team (ICS-CERT) published an advisory warning of critical vulnerabilities in ICS and SCADA gear actively exploited by the malware, most notably by the Sandworm APT outfit.
 
Full Article
