More News

Industry Report Claims Threats to ICS Will Present a Greater Challenge in 2022

According to a Kaspersky report, cybercriminals compromised thousands of industrial organizations worldwide in 2021, and 2022 may present even more of a challenge. For some of these organizations, the consequences of a security compromise in 2021 may not actually catch up with them until 2022, the report claims. The report points out that, to evade detection, cybercriminals are adopting the strategy of frequently upgrading malware in their chosen family. They use malware at its peak effectiveness to break through the defenses of security solutions and then switch to a new build as soon as the current one becomes readily detectable. The evolution of modern malware-as-a-service platforms makes it much easier for malware operators globally to use this strategy [1]. Industry must take notice that attackers are reducing the number of targets per individual attack, decreasing the life cycle of malware, and minimizing the use of malicious infrastructure, and must recognize that modern advanced persistent threats are more persistent than advanced in nature. We recommend reviewing the trends and attack vectors contained in the report.

Tardigrade Malware Targets Biomanufacturing Firms

The Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) released an advisory concerning an advanced persistent threat (APT) specifically targeting bioeconomy companies and the biomanufacturing sector [1]. BioBright researchers identified the malware, nicknamed Tardigrade, after a ransomware attack locked computers across a biomanufacturing facility in the spring [2]. Tardigrade is highly customizable, adapts to the environment it infects, and can act autonomously if cut off from the attacker’s command-and-control server. The malware is delivered primarily via phishing emails and infected USB drives [3]. Suspected motivations for attacks include intellectual property theft, persistence, and ransomware preparation. We recommend scanning networks for indicators of compromise identified by BIO-ISAC. In addition, companies should review their biomanufacturing network to verify proper segmentation between corporate, guest, and operational networks. Companies should also test and perform offline backups for critical biological infrastructure, including ladder logic for biomanufacturing instrumentation, SCADA and historian configurations, and the batch record system.
