The hackers appear to have a possible interest in industries connected with COVID-19 treatments

Read More

The malicious packages were reportedly created using automated processes

Read More

Here’s a story about a hacker who reprogrammed a device called “Flipper Zero” to mimic Opticom transmitters—to turn traffic lights in his path green.

As mentioned earlier, the Flipper Zero has a built-in sub-GHz radio that lets the device receive data (or transmit it, with the right firmware in approved regions) on the same wireless frequencies as keyfobs and other devices. Most traffic preemption devices intended for emergency traffic redirection don’t actually transmit signals over RF. Instead, they use optical technology to beam infrared light from vehicles to static receivers mounted on traffic light poles.

Perhaps the most well-known branding for these types of devices is called Opticom. Essentially, the tech works by detecting a specific pattern of infrared light emitted by the Mobile Infrared Transmitter (MIRT) installed in a police car, fire truck, or ambulance when the MIRT is switched on. When the receiver detects the light, the traffic system then initiates a signal change as the emergency vehicle approaches an intersection, safely redirecting the traffic flow so that the emergency vehicle can pass through the intersection as if it were regular traffic and potentially avoid a collision.

This seems easy to do, but it’s also very illegal. It’s called “impersonating an emergency vehicle,” and it comes with hefty penalties if you’re caught.

Read More

Deployment of backdoors on networks was the top action attackers made in almost a quarter of all incidents remediated in 2022. A spike in the use of the multi-purpose Emotet malware early in the year was the main culprit of this increase, accounting for 47% of backdoors deployed throughout the year, according to IBM Security X-Force Threat Intelligence Index.

“Increased backdoor deployment may also be due to the amount of money this kind of access can generate on the dark web. Compromised corporate network access from an initial access broker typically sells for several thousands of US dollars,” stated the report.

To read this article in full, please click here

Read More

A ransomware outfit is advising its victims to secretly tell them how much insurance they have, so their extortion demands will be met.

Read more in my article on the Tripwire State of Security blog.

Read More

Manufacturers are some of the most ambitious firms on the planet when it comes to harnessing the power of edge technology to modernize their businesses. As they make plans in 2023 to     enhance business outcomes through the use of technologies such as 5G and IoT, manufacturers should also increasingly be called to innovate in the spheres of governance and cyber risk management.

OT-IT convergence drives manufacturing modernization

The convergence of operational technology (OT) on the factory floor with information technology (IT) is nearly synonymous with manufacturing modernization. OT-IT convergence enables new digital processes, remote connections, and smarter operations. It’s a business outcome-oriented transformation that executive stakeholders have future success pinned upon.

Recent studies from AT&T show that manufacturers are investing in initiatives  such as smart warehousing, transportation optimization and video-based quality inspection at such a rate that the industry is advancing ahead of energy, finance, and healthcare verticals when it comes to edge adoption today.

But to reap the business benefits from these investments, manufacturers need to recognize and attend to the cyber risk realities that are part and parcel with this inevitable convergence.

Cybercriminals are increasingly targeting industrial control system (ICS) technologies that are the bedrock of the OT ecosystems. Attackers have learned to take advantage of ICS hyperconnectivity and convergence with the IT realm to great effect. Last year’s warning from the federal Cybersecurity and Infrastructure Security Agency (CISA) attests to this, as do high-profile attacks last year against tire manufacturers, wind turbine producers, steel companies, car manufacturers, and more.

Reducing risk through Zero Trust

One of the most promising ways that manufacturers can begin to reduce the risk of these kinds of attacks is through the controls afforded by a Zero Trust architecture. From a technical perspective, Zero Trust unifies endpoint security technology, user, or system authentication, and network security enforcement to prevent unrestrained access to OT or IT networks—and reduce the risk of unchecked lateral movement by attackers. With Zero Trust, access is granted conditionally based on the risk level of users (or machines, or applications). It’s a simple, elegant concept that requires careful execution to carry out.

Thus, when looking at building a zero-trust strategy, ZTNA 2.0 solutions have a role to play in helping apply more effective controls at the application level that are responsive to account takeover attempts. ZTNA 2.0 combines fine-grained, least- privileged access with continuous trust verification and deep, ongoing security inspection to protect all users, devices, apps, and data everywhere – all from a simple unified product.

Most importantly, too, is that Zero Trust requires business stakeholder input and collaboration to get right. Just as business stakeholders in manufacturing drive the push to the edge and the push for all nature of digital transformation and OT-IT convergence, they’ve got to be intimately involved with Zero Trust initiatives to spur success.

“Technology can come and go, but what manufacturers are really after are business outcomes,” says Theresa Lanowitz,  head of cybersecurity evangelism for AT&T. “That’s where we need to focus when it comes to Zero Trust—at its core it needs to be driven by the business, which really sets the North Star for Zero Trust governance.”

Zero Trust should be owned by business stakeholders

At the end of the day, Zero Trust projects should be owned by the business, agrees Dharminder Debisarun, worldwide industry security architect for manufacturing, Internet of Things and transport at Palo Alto Networks, who says that when his group is approached by manufacturers interested in building out Zero Trust infrastructure, the team always turns conversations back to the business basics.

“People bring us in and say ‘We want to do Zero Trust, how can you help?'” Debisarun says, explaining that they’re usually starting with very technical deployment questions about elements like Secure Access Service Edge (SASE) and remote access management. “We usually take a step back then and ask, ‘Why do you want to do Zero Trust? What’s the business goal for it?'”

Similarly, Debisarun says they try to involve business stakeholders into collaborative risk discussions before getting into the meat of architectural design. That step back will hopefully get a manufacturer focused on doing risk assessments and other business alignment activities that will shape the way risk is managed—based on business goals, rather than narrow technical specifications. It will also get the entire team thinking about how the value of OT and IT assets are determined and establish the roadmap for where and how Zero Trust security technologies are deployed over time.

Business stakeholders have the most prescient and intimate knowledge of the emerging business conditions, regulatory demands, partnership agreements, and supply chain considerations that are going to impact risk calculations. This is why business ownership is the cornerstone and foundation for Zero Trust governance.

When manufacturers direct the security team with an eye toward  business outcomes, these technical executors are less likely to take a tools-only approach to technology acquisition to engage in reactionary spending based on the latest breach headlines. Incremental improvements will be built up around security controls that manage risk to the most critical operational processes first, and also around the processes and systems most put at risk by new innovations and business models.

Read More