MGS+ ICS Security Report August 2017

MG Strategy+ ICS Security Report August 2017: Editor Picks: News Intelligence Alerts Reports

Financial malware more than twice as prevalent as ransomware
Three Trojans dominated the financial threat landscape in 2016 and attackers increased their focus on corporate finance departments
Source: https://www.symantec.com/connect/blogs/financial-malware-more-twice-prevalent-ransomware

The Jetson’s Cyber Concerns – Future Smart Cities Cybersecurity Checklist
As cities continue to grow smarter, they will also become easier to hack. With millions (if not billions) of dollars going into research for urban domains and the Internet of Things (IoT), there will be more opportunities to utilize technology to define, access and improve smart city services and infrastructure. In these smart cities, information security plays a huge role in protecting the highest levels of confidentiality, availability and integrity for city resources and utilities.
Source: http://blog.trendmicro.com/jetsons-cyber-concerns-future-smart-cities-cybersecurity-checklist/

The Future of Ransomware
Ransomware isn’t new, but it’s increasingly popular and profitable.
Source: https://www.schneier.com/blog/archives/2017/05/the_future_of_r.html

Rethinking Vulnerabilities: Network Infrastructure as a Software System
Increasing complexity is putting networks at risk. It’s time to shift our security approach and take some lessons from software development.
Source: https://www.darkreading.com/vulnerabilities—threats/rethinking-vulnerabilities-network-infrastructure-as-a-software-system/a/d-id/1328989

Over 8,600 Security Flaws Found in Pacemaker Systems
Security researchers from WhiteScope have uncovered over 8,600 vulnerabilities in pacemaker systems and the third-party libraries used to power various of their components.
Source: https://www.bleepingcomputer.com/news/security/over-8-600-security-flaws-found-in-pacemaker-systems/#.WTBsjfJS8zo.twitter

How the FBI relies on dark web intel firms as frontline investigators
Source: https://www.cyberscoop.com/dark-web-intelligence-fbi-investigations/

Using Physics to Protect Industrial Devices Against Hacking
Source: https://waterfall-security.com/blog/using-physics-protect-industrial-devices-hacking

Ransomware: Best Practices for Prevention and Response
Source: https://insights.sei.cmu.edu/sei_blog/2017/05/ransomware-best-practices-for-prevention-and-response.html

Machine Learning in Cybersecurity
Source: https://insights.sei.cmu.edu/sei_blog/2017/06/machine-learning-in-cybersecurity.html

Critical Asset Identification (Part 1 of 20: CERT Best Practices to Mitigate Insider Threats Series)
The first practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 1: Know and Protect Your Critical Assets. In this post, I discuss the importance and nature of this practice, which is a cornerstone of shaping and scoping a robust insider threat program.
Source: https://insights.sei.cmu.edu/insider-threat/2017/04/critical-asset-identification-part-1-of-20-cert-best-practices-to-mitigate-insider-threats-series.html

Jacobs to Acquire CH2M to Create Premier $15 Billion Global Solutions Provider
Source: http://invest.jacobs.com/investors/Press-Release-Details/2017/Jacobs-to-Acquire-CH2M-to-Create-Premier-15-Billion-Global-Solutions-Provider/default.aspx

Google to Achieve “Supremacy” in Quantum Computing by the End of 2017
In theory, quantum computers could be vastly superior to regular or “classical” computers in performing certain kinds of tasks, but it’s been hard to build one. Already a leader in this field, Google is now testing its most powerful quantum chip yet, a 20-qubit processor, which the company looks to more than double in power to 49 qubits by the end of 2017.
Source: http://bigthink.com/paul-ratner/google-to-achieve-supremacy-in-quantum-computing-by-the-end-of-2017

THE HIGH COST OF DARK ENDPOINTS; Do you know where all of your endpoints are and what they are running?
Source: https://blogs.absolute.com/high-cost-dark-endpoints/

THE CYBER-COMMITTED CEO; Three industry-leading practices help CISOs catalyze engagement with their CEO and board to make cybersecurity business-relevant.
Source: https://www.accenture.com/us-en/insight-cyber-committed-ceo

VULNERABILITY IN INDUSTRIAL CONTROL SOFTWARE AND QUALITY OF THE PATCH MANAGEMENT
Source: https://ics-cert.kaspersky.com/reports/2016/12/09/vulnerability-in-industrial-control-software-and-quality-of-the-patch-management/

What’s now and next in analytics, AI, and automation
Innovations in digitization, analytics, artificial intelligence, and automation are creating performance and productivity opportunities for business and the economy, even as they reshape employment and the future of work.
Source: http://www.mckinsey.com/global-themes/digital-disruption/whats-now-and-next-in-analytics-ai-and-automation

Cyber raises threat against America’s energy backbone
Source: https://www.eenews.net/stories/1060054924

UN Report Shows the Whole World Needs a Cybersecurity Upgrade
Major cyber-readiness gaps remain among nations, but nearly all countries need major improvements.
Source: https://www.inc.com/joseph-steinberg/un-report-shows-the-whole-world-needs-a-cybersecur.html

Half of all countries aware but lacking national plan on cybersecurity, UN agency reports
Only about half of all countries have a cybersecurity strategy or are in the process of developing one, the United Nations telecommunications agency today reported, urging more countries to consider national policies to protect against cybercrime. Releasing its second Global Cybersecurity Index (GCI), the International Telecommunication Union (ITU) said about 38 per cent of countries have a published cybersecurity strategy and an additional 12 per cent of governments are in the process of developing one.
Source: http://www.un.org/apps/news/story.asp?NewsID=57119#.WbL7_siGOUl

UN finds cybersecurity is a struggle worldwide
There are massive gaps in security among the 134 countries surveyed, including the world’s most powerful nations.
Source: https://www.cnet.com/news/united-nations-cybersecurity-global-index-united-states-singapore/

How Cisco is establishing itself as a cybersecurity leader
Cisco demonstrated its commitment to cybersecurity at its annual customer event. Good position, but lots of work ahead.
Source: https://www.csoonline.com/article/3205926/security/ciscolive-and-cybersecurity.html

Average time to plug SCADA holes is 150 days, says report
Source: http://www.itworldcanada.com/article/average-time-to-plug-scada-holes-is-150-days-says-report/393418

90% of Companies Get Attacked with Three-Year-Old Vulnerabilities
A Fortinet report released this week highlights the importance of keeping secure systems up to date, or at least a few cycles off the main release, albeit this is not recommended, but better than leaving systems unpatched for years.
Source: https://www.bleepingcomputer.com/news/security/90-percent-of-companies-get-attacked-with-three-year-old-vulnerabilities/

Cybersecurity remains a growing problem
Learn the lessons or pay the price
Source: https://www2.deloitte.com/ca/en/pages/risk/articles/Deloitte-risk-series-insight-Cybersecurity.html

Tsunami of DDoS-for-Hire Platforms Coming From the East
Over the past six months, a large number of DDoS-for-hire platforms — also known as DDoS booters or DDoS stressors — have appeared in China, all sporting the same interface, and seeming to be based on the same source code.
Source: https://www.bleepingcomputer.com/news/security/tsunami-of-ddos-for-hire-platforms-coming-from-the-east/

THE BIGGEST CYBERSECURITY DISASTERS OF 2017 SO FAR
Source: https://www.wired.com/story/2017-biggest-hacks-so-far/

Major IIoT Challenges in 2017
Source: https://www.bayshorenetworks.com/blog/major-challenges-for-iiot-in-2017

Steps for Creating National CSIRTs
Source: http://resources.sei.cmu.edu/library/asset-view.cfm?assetID=53062

How Industrial IoT Startups Will Disrupt the Incumbents
Source: https://www.bayshorenetworks.com/blog/how-industrial-iot-startups-will-disrupt-the-incumbents

Cybersecurity spend: ROI Is the wrong metric
Executives and board members should instead focus on network defender first principles.
Source: https://www.csoonline.com/article/3200270/network-security/cybersecurity-spend-roi-is-the-wrong-metric.html