Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.
Show Links
Oil & Gas

New dawn in cyber warfare could target oil and gas sites

By Mike ‘sting3r’ Jones
15/03/2019, 6:00 am
Mike Jones, former hacktivist with Anonymous.
Mike Jones, former hacktivist with Anonymous.

Former member of hacktivist group Anonymous, Mike ‘sting3r’ Jones discusses a new cyber threat to Big Oil and how the sector might combat it.

2017 brought a new threat to the industrial landscape and a new weapon.

The weapon was Triton malware also known as “Trisis”.

This malware took advantage of the safety instrumented system of a Saudi Arabian petrochemical plant.

The triconex Tricon possessed vulnerabilities within the bounds of a memory buffer allowing attacker to remotely exploit specifically with HatMan malware.

The dawn of this type of malware created a huge shift in risk and brought to light a new psychology among hackers – to create an attack which could both damage systems as well as potentially harm humans.

This is a good sign that cyberwar is not only here but active and a physical menace.

The advancement of this malware and the methodology of attack is a strong ioc (indicator of compromise) for state sponsored Russian hackers and has been linked to government sector in science and engineering in Moscow.

In my years of security research and threat intelligence I can say with confidence this attack and malware has been under research and development of groups like “Sofacy” since 2016.

There has been strong chatter from this group looking for specific controllers and any information available to exploit these locations and cause damage.

Going back to predictions for 2019 cyberwar and iot are on that list.

The “Triton” style code and devastating outcomes are going to continue especially in the industrial sector.

The mass effects of damaging plants, drilling sites and pipelines could cause not only maximum financial loss but also infrastructure uncertainty and panic.

Cyber-terrorism is a threat to keep in mind while defending infrastructure of any kind.

The process to defend against this attack requires a strong knowledge of your own assets, network hygiene, user awareness and a threat intelligence capability.

These groups work the same as traditional terrorist cells. They communicate both among themselves as well as with individuals that have been identified as having intimate knowledge of the devices or systems they are targeting.

Educate your users, defend against social attacks and protect your networks. Stay safe!

Tags