Publication date: 2022/04/13
Several official bodies (DOE, CISA, NSA and FBI) have published a joint security advisory warning of an APT threat, named INCONTROLLER/PIPEDREAM, developed by the CHERNOVITE activity group to attack industrial control and automation systems (ICS/SCADA).
The creators of this APT have developed custom tools to target these ICS/SCADA devices. Using these tools, they can scan for, compromise and control affected devices once initial access to the operational technology (OT) network has been established. In addition, the developers can compromise Windows-based engineering workstations, which may be present in information technology (IT) or OT environments, using an exploit that compromises an ASRock motherboard driver with known vulnerabilities. By compromising and maintaining full system access to ICS/SCADA devices, the APT actors could elevate privileges, move laterally within an OT environment and disrupt critical functions or devices.
References:
Reference | Source | URL | Date | External | Target language | Content language |
---|---|---|---|---|---|---|
INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems | mandiant.com | https://www.mandiant.com/resources/incontroller-state-sponsored-ics-tool | 13/04/2022 | yes | en | en |
CHERNOVITE's PIPEDREAM Malware Targeting Industrial Control Systems (ICS) | dragos.com | https://www.dragos.com/blog/industry-news/chernovite-pipedream-malware-targeting-industrial-control-systems/ | 13/04/2022 | yes | en | en |
PIPEDREAM: CHERNOVITE'S EMERGING MALWARE TARGETING INDUSTRIAL CONTROL SYSTEMS | dragos.com | https://hub.dragos.com/hubfs/116-Whitepapers/Dragos_ChernoviteWP_v2b.pdf | 13/04/2022 | yes | en | en |
Feds Uncover a 'Swiss Army Knife' for Hacking Industrial Control Systems | wired.com | https://www.wired.com/story/pipedream-ics-malware/ | 13/04/2022 | yes | en | en |
APT Cyber Tools Targeting ICS/SCADA Devices | cisa.gov | https://www.cisa.gov/uscert/ncas/alerts/aa22-103a | 14/04/2022 | yes | en | en |
Incontroller ICS malware has 'rare, dangerous' capabilities, says Mandiant | computerweekly.com | https://www.computerweekly.com/news/252515949/Incontroller-ICS-malware-has-rare-dangerous-capabilities-says-Mandiant | 14/04/2022 | yes | en | en |
U.S. government, security vendors warn of new ICS malware | techtarget.com | https://www.techtarget.com/searchsecurity/news/252515987/US-government-security-vendors-warn-of-new-ICS-malware | 14/04/2022 | yes | en | en |
Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities | securityweek.com | https://www.securityweek.com/russia-linked-pipedreamincontroller-ics-malware-designed-target-energy-facilities | 14/04/2022 | yes | en | en |
U.S. says advanced hackers have shown ability to hijack critical infrastructure | reuters.com | https://www.reuters.com/technology/us-says-advanced-hackers-have-demonstrated-ability-hijack-multiple-industrial-2022-04-13/ | 14/04/2022 | yes | en | en |
INCONTROLLER/PIPEDREAM: amenaza APT dirigida a dispositivos SCI/SCADA | incibe-cert.es | https://www.incibe-cert.es/alerta-temprana/avisos-sci/incontrollerpipedream-amenaza-apt-dirigida-dispositivos-sciscada | 18/04/2022 |