In response to the recent discovery of GreyEnergy, a highly sophisticated piece of malware targeted industrial control systems, please see below comments from Moreno Carullo, co-founder and CTO of Nozomi Networks.
Moreno Carullo, Co-founder and CTO at Nozomi Networks:
GreyEnergy is an important tool in the arsenal of some of the most dangerous APT groups that have been terrorizing Ukraine for the past several years. Each new malware our industry discovers is proving to be more and more advanced, like how this GreyEnergy malware extends its capabilities by receiving the module remotely. With these malwares, cybercriminals are using two main attack vectors: compromising public-facing web services and spear-phishing – both methods that can be easily thwarted with the right ICS security solution and the necessary training for employees.
With continuous visibility, advanced ICS security and constant education, industrial facilities worldwide can leverage their skills and tools to ensure they aren’t at risk to be hit next at a time where industrial controls and critical infrastructure are priority cybersecurity targets.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.