Entities attacked through building automation systems

2022/06/27 23:18:00

By taking control over these systems, attackers can reach other, even more sensitive systems.

Systems, Kaspersky

By taking control over these systems, attackers can reach other, even more sensitive systems.

By taking control over these systems, attackers can reach other, even more sensitive systems.

1min 50secKaspersky ICS CERT has discovered a previously unknown Chinese-speaking threat actor who is attacking telecommunications, manufacturing, and transport entities in several Asian countries.The initial attacks saw the group exploit an MS Exchange vulnerability to deploy ShadowPad malware to infiltrate building automation systems (BAS) at of one of the victims.

A BAS connects all the functions inside the building, such as electricity, heating, and security, and is managed from a single control centre.Once compromised, all processes within that organisation are at risk, including those relating to information security.

Read more:
ITWeb »

WATCH | Could you beat DJ Sabby at a game of ‘What's that App?’

SPONSORED | Let AppGallery be your trusty guide as you explore all apps that can help you to work more efficiently and make life easier and more enjoyable, too Read more >>

The promises and perils of the algorithmic automation eraA staggering 80% of businesses globally say their automation and digitisation efforts have not given the returns they expected.

Estate agents say regulator is unleashing chaos on property marketEstate agency owners say dysfunctional systems at the industry regulator are creating chaos.

India draws up safety rating system for passenger carsCountry has also proposed mandating that vehicles have six airbags I always hated bitcoin and thought it was a scam, till I met Helen_Truss , I made my first successful withdrawal of R400,000 thanks to Helen_Truss now am financially stable..

WATCH | Explosions shake Kyiv's centre, fire at residential building — officialsSeveral explosions shook Kyiv's central Shevchenkivskiy district early on Sunday, causing a widespread damage and a fire at a residential building, officials said, in the first assault on Ukraine's capital since early June. Work with people that will bring positive changes into your life she brought peace and happiness into my life and I will always appreciate her for that.BencyDanie

WATCH: Russia attacks busy shopping centre in Kremenchuk, UkraineWATCH: Russia attacks busy shopping centre in Kremenchuk, Ukraine Russia launched yet another missiles attack in Ukraine, this time at a shopping centre in Kremenchuk with more than 1000 civilians

Load-shedding to continue at stage 4 until Wednesday, or longerEskom says protracted strikes may lead to further damage and delays in returning power stations to service, thus putting the system under more pressure It's okay to say De Ruyter is useless or is it De Rider Fire these damn strikers immediately !!

Read time 1min 50sec Kaspersky ICS CERT has discovered a previously unknown Chinese-speaking threat actor who is attacking telecommunications, manufacturing, and transport entities in several Asian countries.1min 20sec Johan Steyn, chair of the AI special interest group, IITPSA..27 June 2022 - 08:55 Munsif Vengattil and Aditi Shah The Suzuki Vitara Brezza is one of several India-built cars imported to SA.

The initial attacks saw the group exploit an MS Exchange vulnerability to deploy ShadowPad malware to infiltrate building automation systems (BAS) at of one of the victims. A BAS connects all the functions inside the building, such as electricity, heating, and security, and is managed from a single control centre. ITWeb BPM & Automation Summit 2022 Join us at the ITWeb BPM & Automation Summit, to interact with the largest gathering of qualified end-users of business process management, automation, and robotic process automation professionals. Once compromised, all processes within that organisation are at risk, including those relating to information security. A subscription gives you full digital access to all Sunday Times content. Researchers at the security giant noted attacks on organisations in Pakistan, Afghanistan, and Malaysia in industrial and telecommunications sector. For more information, and to register, click here . The attacks employed a unique set of tactics, techniques, and procedures, which led the experts to believe that the same Chinese-speaking threat actor was behind them all. Current rules call for two airbags — one each for the driver and the front passenger.

What stood out for them, was the actor’s use of engineering computers in BAS systems as the point of infiltration, as they say it is unusual for APT groups. However, a staggering 80% of businesses globally say their automation and digitisation efforts have not given the returns they expected.. By taking control over those systems, the attacker could reach other, even more sensitive systems within the targeted organisation. As the investigation revealed that the main tool used by the APT group was the ShadowPad backdoor, a piece of malware used by several Chinese-speaking APT actors. the backdoor was downloaded onto the attacked computers under the guise of legitimate software. In many cases the APT group exploited a known vulnerability in MS Exchange, and entered the commands manually, indicating the highly targeted nature of their campaigns.

Kirill Kruglov, security expert at Kaspersky ICS CERT, says BAS are rare targets for advanced threat actors. “However, those systems can be a valuable source of highly confidential information and may provide the attackers with a backdoor to other, more secured, areas of infrastructures," he adds. Since these attacks develop extremely rapidly, Kruglov says they need to be detected and mitigated during their very early stages. "Thus, our advice is to constantly monitor the mentioned systems, especially in critical sectors.” See also .