Dragos

Software : Operational Technology : Cybersecurity

Website | Blog

Hanover, Maryland, United States

VC-D; Koch Disruptive Technologies, BlackRock

Dragos was founded by renowned ICS/OT practitioners who have defeated adversaries for the U.S. government, ally nations, and global firms. Today, Dragos is on a mission to protect the world’s most critical infrastructure and safeguard civilization. We know that’s a mission you can get behind.

Assembly Line

Feds Uncover a ‘Swiss Army Knife’ for Hacking Industrial Control Systems

Date:

Author: Andy Greenberg

Topics: cybersecurity, industrial control system

Organizations: Dragos

On Wednesday, the Department of Energy, the Cybersecurity and Infrastructure Security Agency, the NSA, and the FBI jointly released an advisory about a new hacker toolset potentially capable of meddling with a wide range of industrial control system equipment. More than any previous industrial control system hacking toolkit, the malware contains an array of components designed to disrupt or take control of the functioning of devices, including programmable logic controllers (PLCs) that are sold by Schneider Electric and OMRON and are designed to serve as the interface between traditional computers and the actuators and sensors in industrial environments. Another component of the malware is designed to target Open Platform Communications Unified Architecture (OPC UA) servers—the computers that communicate with those controllers.

Dragos says the malware has the ability to hijack target devices, disrupt or prevent operators from accessing them, permanently brick them, or even use them as a foothold to give hackers access to other parts of an industrial control system network. He notes that while the toolkit, which Dragos calls “Pipedream,” appears to specifically target Schneider Electric and OMRON PLCs, it does so by exploiting underlying software in those PLCs known as Codesys, which is used far more broadly across hundreds of other types of PLCs. This means that the malware could easily be adapted to work in almost any industrial environment. “This toolset is so big that it’s basically a free-for-all,” Caltagirone says. “There’s enough in here for everyone to worry about.”

Read more at WIRED

Implications of Log4j Vulnerability for Operational Technology (OT) Networks

Date:

Topics: cybersecurity

Organizations: Dragos

This cross-cutting vulnerability, which is vendor-agnostic and affects both proprietary and open-source software, will leave a wide swathe of industries exposed to remote exploitation, including electric power, water, food and beverage, manufacturing, transportation, and more. Log4j is found in popular open-source repositories used in numerous industrial applications, such as Object Linking and Embedding for Process Control (OPC) Foundation’s Unified Architecture (UA) Java Legacy. Additionally, adversaries can leverage this vulnerability in proprietary Supervisory Control and Data Acquisition (SCADA) and Energy Management Systems (EMS) which make use of Java in their codebase.

Read more at Dragos Blog