ICS security professionals should report ICS vulnerabilities to the vendor before attackers discover them and offer the vendor with remediation suggestions, mitigation measures, and security solutions to avoid network attack risks before the vulnerabilities are malicious exploited. Compared with Windows systems, a quite different method is used to assess ICS...
Category: DDoS Mitigation
Annual IoT Security Report 2019-18
Introduction IoT devices are faced with a great security challenge and their security appears particularly important. On one hand, though IoT devices have had a long existence, legacy IoT devices and their application protocols contain a variety of vulnerabilities due to the ill-conceived security design. On the other hand, as...
Considerations for Making ICS Networks Comply with CMMC
1. Background In early 2020, the US Department of Defense (DOD) released the Cybersecurity Maturity Model Classification (CMMC). On average, the USA loses USD 600 billion a year to adversaries in the cyberspace. Currently, the DOD has about 300,000 contractors, covering a variety of fields from hypersonic weapons to leather...
Attributed Graph-based Anomaly Detection and Its Application in Cybersecurity
1. Background On cyberspace battlefields, adversaries often lurk in the darkness, but will jump at the throat of victims whenever spotting a chance. Today, extensive collection of huge amounts of data from various dimensions is nothing new. This can be very useful for security defenses, but at the same time...
Non-negligible ICS Security Risks — Device Simulator Security
Background To facilitate debugging and analysis by developers, a lot of master computer configuration software often comes with a simulator that simulates a real programmable logic controller (PLC) or human-machine interface (HMI) device. Such simulators exchange data with master computer configuration software through TCP/IP and therefore some will listen on...
Annual IoT Security Report 2019-17
Malicious Behaviors Targeting UPnP Vulnerabilities We captured four kinds of UPnP exploits 1, as shown in Table 4-7. Apparently, all the exploits targeted remote command execution vulnerabilities. Besides, we found that when a vulnerability is found on a specific port, attackers usually directly hit this port by skipping the UPnP...
