|
LogicLocker
LogicLocker, is a cross-vendor ransomware worm that targets Programmable Logic Controllers (PLCs) used in Industrial Control Systems (ICS).Formby, D., Durbha, S., & Beyah, R. (n.d.). Out of Control : Ransomware for Industrial Control Systems. Retrieved from http://www.cap.gatech.edu/plcransomware.pdf First described in a research paper released by the Georgia Institute of Technology, the malware is capable of hijacking multiple PLCs from various popular vendors. The researchers, using a water treatment plant model, were able to demonstrate the ability to display false readings, shut valves and modify Chlorine release to poisonous levels using a Schneider Modicon M241, Schneider Modicon M221 and an Allen Bradley MicroLogix 1400 PLC. The ransomware is designed to bypass weak authentication mechanisms found in various PLCs and lock out legitimate users while planting a logicbomb into the PLC. As of 14 February 2017, it is noted that there are over 1,400 of the same PLCs used in ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pin Control Attack
Pin control attack is a class of attack against a system on a chip (SoC) in an embedded system where an attacker targets the I/O configuration of the embedded systems and disables software or operating system I/O functions without detection. The attack is possible due to a lack of hardware protection for ''pin configuration'' and ''pin multiplexing'' configurations. The most significant target for a pin control attack is a programmable logic controller (PLC). The application of pin control attack on PLCs is significant because I/O is the main mechanism through which PLCs interact with and control the outside world. PLC I/O like other embedded devices are controlled by a pin based approach. Pin control attack is an attack in which the attacker can tamper with the integrity and availability of PLC I/O by exploiting certain pin control operations and the lack of hardware interrupts associated with them. The first example of such an attack was first unveiled at Black Hat Europe 2016 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
BMA Automation Allen Bradley PLC 3
BMA may stand for: Arts and entertainment * Baltimore Museum of Art * Billboard Music Awards * Black Market Activities, a record label * Black Movie Award, annual ceremony * ''BMA Magazine'', a music magazine published in Canberra, Australia * Borderless Military Alliance, a fictional organization in the '' Rideback'' manga and anime Businesses * Battery Manufacturing Association, a British automobile manufacturer * BHP Mitsubishi Alliance, Australian mining company * Black Market Activities, a record label * British Manufacturers' Association, a former employers' association * British Midland Airways * Broaden Media Academy, a film and video training facility in Taipei, Taiwan * Stockholm Bromma Airport (IATA code BMA) Trades Unions * British Medical Association Government and military * Bahamas Maritime Authority * Bangladesh Military Academy * Bangkok Metropolitan Administration * Bermuda Militia Artillery, former unit * Bermuda Monetary Authority * British Military Admin ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ransomware
Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or permanently block access to it unless a ransom is paid off. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult. Ransomware attacks are typically carried out using a Trojan disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automat ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Programmable Logic Controller
A programmable logic controller (PLC) or programmable controller is an industrial computer that has been ruggedized and adapted for the control of manufacturing processes, such as assembly lines, machines, robotic devices, or any activity that requires high reliability, ease of programming, and process fault diagnosis. Dick Morley is considered as the father of PLC as he had invented the first PLC, the Modicon 084, for General Motors in 1968. PLCs can range from small modular devices with tens of inputs and outputs (I/O), in a housing integral with the processor, to large rack-mounted modular devices with thousands of I/O, and which are often networked to other PLC and SCADA systems. They can be designed for many arrangements of digital and analog I/O, extended temperature ranges, immunity to electrical noise, and resistance to vibration and impact. Programs to control machine operation are typically stored in battery-backed-up or non-volatile memory. PLCs were first devel ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Industrial Control System
An industrial control system (ICS) is an electronic control system and associated instrumentation used for industrial process control. Control systems can range in size from a few modular panel-mounted controllers to large interconnected and interactive distributed control systems (DCSs) with many thousands of field connections. Control systems receive data from remote sensors measuring process variables (PVs), compare the collected data with desired setpoints (SPs), and derive command functions that are used to control a process through the final control elements (FCEs), such as control valves. Larger systems are usually implemented by supervisory control and data acquisition (SCADA) systems, or DCSs, and programmable logic controllers (PLCs), though SCADA and PLC systems are scalable down to small systems with few control loops. Such systems are extensively used in industries such as chemical processing, pulp and paper manufacture, power generation, oil and gas processing, a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Logic Bomb
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company. Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre-defined time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fools' Day. Trojans and other computer viruses that activate on certain dates are often called "time bombs". To be considered a logic bomb, the payload should be unwanted and unknown to the user of the software. As an example, trial programs with code that disables certain functionality after a set time a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
The Register
''The Register'' is a British technology news website co-founded in 1994 by Mike Magee, John Lettice and Ross Alderson. The online newspaper's masthead sublogo is "''Biting the hand that feeds IT''." Their primary focus is information technology news and opinions. Situation Publishing Ltd is listed as the site's publisher. Drew Cullen is an owner and Linus Birtles is the managing director. Andrew Orlowski was the executive editor before leaving the website in May 2019. History ''The Register'' was founded in London as an email newsletter called ''Chip Connection''. In 1998 ''The Register'' became a daily online news source. Magee left in 2001 to start competing publications ''The Inquirer'', and later the ''IT Examiner'' and ''TechEye''.Walsh, Bob (2007). ''Clear Blogging: How People Blogging Are Changing the World and How You Can Join Them.'' Apress, In 2002, ''The Register'' expanded to have a presence in London and San Francisco, creating ''The Register USA'' at ther ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Endpoint Security
Endpoint security or endpoint protection is an approach to the protection of computer networks that are remotely bridged to client devices. The connection of endpoint devices such as laptops, tablets, mobile phones, Internet-of-things devices, and other wireless devices to corporate networks creates attack paths for security threats. Endpoint security attempts to ensure that such devices follow a definite level of compliance to standards. The endpoint security space has evolved during the 2010s away from limited antivirus software and into a more advanced, comprehensive defense. This includes next-generation antivirus, threat detection, investigation, and response, device management, data leak protection (DLP), and other considerations to face evolving threats. Corporate network security Endpoint security management is a software approach that helps to identify and manage the users' computer and data access over a corporate network. This allows the network administrator to re ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Access Control List
In computer security, an access-control list (ACL) is a list of permissions associated with a system resource (object). An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation. For instance, if a file object has an ACL that contains , this would give Alice permission to read and write the file and give Bob permission only to read it. Implementations Many kinds of operating systems implement ACLs or have a historical implementation; the first implementation of ACLs was in the filesystem of Multics in 1965. Filesystem ACLs A filesystem ACL is a data structure (usually a table) containing entries that specify individual user or group rights to specific system objects such as programs, processes, or files. These entries are known as access-control entries (ACEs) in the Microsoft Windows NT, OpenVMS, and Unix-like operating systems s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Phishing
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, phishing is by far the most common attack performed by cybercriminals, the FBI's Internet Crime Complaint Centre recording over twice as many incidents of phishing than any other type of computer crime. The first recorded use of the term "phishing" was in the cracking toolkit AOHell created by Koceilah Rekouche in 1995; however, it is possible that the term was used before this in a print edition of the hacker magazin ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Stuxnet
Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition ( SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, the worm is widely understood to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olympic Games. The program, started during the Bush administration, was rapidly expanded within the first months of Barack Obama's presidency. Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery and industrial processes including gas centrifuges for separating nuclear material. Exploiting four zero-day flaws, Stuxnet functions by targeting machines using the Microsoft Windows o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
