http://www.darkreading.com/insider-threat/167801100/security/attacks-breaches/229300509/malware-attacks-decline-in-scada-industrial-control-systems-report-says.html

By Kelly Jackson Higgins
Darkreading
March 07, 2011

Malware accounts for close to one-third of all real-world industrial control system security incidents recorded in the Security Incidents Organization's Repository of Industrial Security Incidents (RISI) database, according to a new report published by the SIO.

But while malware incidents showed a marked decline since 2003 among the 60 incidents chronicled in the report, the advent of Stuxnet is expected to change all of that.

Eric Byres, author of the 2011 "Report on Cyber Security Incidents and Trends Affecting Industrial Control Systems Resulting from Malware Infections" report and CTO with Byres Security, says the reason for the overall decline in malware-borne attacks and infections on power plants and other industrial control systems is that "noisy" malware is out -- and stealthy, targeted malware is in. Many process control firms learned the hard way after SQL Slammer, Sasser, and Blaster hit the industry hard, and finally started instituting anti-malware, intrusion detection, network segmentation, and other security measures, according to the report.

While many of the process control system incidents included in the report -- which provides a rare inside look at this traditionally cloistered industry -- were from old-school SQL Slammer and other high-profile attacks, these incidents were mostly inadvertent and definitely not money-making.

"The stuff made a heck of a racket and was wide-scale destructive. But there was no money to be made," Byres says. "The money-making [attacks] are focused on advanced persistent threats ... We are starting to see very quiet, subtle attacks like Stuxnet, Ghostnet, and Night Dragon," which are more effective and lucrative, he says.

"Now they are stealing stuff and selling it," he adds.

[...]
Received on Wed Mar 09 2011 - 03:45:49 PST