Cyber Research

Cyber News

Cyber Info


 october, 2016







 In this issue



*         Report a Grim Reminder of State of Critical Infrastructure Security

*         Nuclear Power Plant Disrupted by Cyber Attack

*         New Odinaff Trojan Targeting Banking Sector Linked to Carbanak Gang

*         Classified U.S. Defense Network Outage Hits Air Force’s Secret Drone Operations

*         Latest Cyber Security NewsLatest Cyber Security News


about the Cyber Security News update

The Cyber News Update is an activity of the Cyber Research Center - Industrial Control Systems and intended to reach out to all Cyber Security Professionals interested in industrial / critical infrastructure threats, protection & resilience. For more information visit the CRC-ICS website at www.crc-ics.net or www.cyber-research-center.net


Report a Grim Reminder of State of Critical Infrastructure Security

October 2, 2016


U.S. critical infrastructure got another reminder this week that it needs to do more to protect itself from cyber attacks with the release of an annual government report.

The NCCIC/ICS-CERT FY 2015 Annual Vulnerability Coordination Report points out that nagging issues continue to plague industrial control systems (ICS) and SCADA systems, notably a dearth of access controls limiting unauthorized access, poor software code quality, and the weakening, or absence of, crypotographic security when it comes to the protection of data and network communications.

The report, released by the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), represents trend data culled by private and public industrial control firms for 2015.

Topping the list of industries with the most reported vulnerabilities are energy, critical manufacturing, water and wastewater systems, and food and agriculture. “What this report reveals is we are still grappling with the same systemic problems that have plagued industrial control systems for the past 20 to 30 years,” said Justin Harvey, head of security strategy with network security vendor Gigamon.

“We can’t afford to take the same business-as-usual approach to solving industrial control security issues.” According to ICS-CERT, 52 percent of vulnerabilities reported in 2015 trace back to improper input validation and poor access controls. While the report prioritizes the gap, experts said the trend may simply reflect the types of vulnerabilities targeted by researchers disclosing vulnerabilities to the agency in 2015.

Chris Eng, VP of research at Veracode, said access controls also present a challenge to other sectors. “We see similar rates – if not higher – outside of the industrial control sector. A lot of these problems are tied to the fact these systems used by industrial control systems date back to even before programmers were thinking about incorporating security into software.” More alarming to some experts is ICS-CERT data that shows a troubling trend when it comes to an uptick in reported cryptographic vulnerabilities when comparing 2015 data compared to past reports.

The number of industrial control systems “missing encryption of sensitive data” jumped from 3 percent for years 2010-2014, to 14 percent in 2015. According to the report, from 2010 to 2014, seven percent of industrial control systems had inadequate encryption strength compared to 25 percent in 2015. Alex Rothacker, security research director of the SpiderLabs Team at Trustwave, said lingering issues from Heartbleed, POODLE and other vulnerabilities in crypto libraries could be popping up in ICS.

“This increase probably indicates the use of these libraries in ICS systems,” he said. According to ICS-CERT, cryptographic problems faced by private and public ICS operators trace back to a larger issue identified as “poor code quality vulnerabilities.” According to the report, half of ICS vulnerabilities are due to poor code quality. “Poor code quality in software across the industry has also created many heartaches for enterprises using these products,” said Ann Barron-DiCamillo, CTO of Strategic Cyber Ventures and former director of US-CERT.

“There’s a whole movement to create software assurance and teach better coding practices to focus on this underlying problem that continues to get easily exploited by adversaries.” The report highlighted several other trends including an increase in overall reported vulnerabilities between 2010 and 2015, a shortening the length of time ICS-CERT tickets are resolved, and a drop in the severity of reported vulnerabilities.

Researchers interviewed cautioned that the ICS-CERT report’s small sample-size of vulnerabilities makes it is difficult to draw hard conclusions. In 2015, ICS-CERT received 427 vulnerability reports and produced 197 advisories. Vulnerabilities were reported by industrial control systems stakeholders ranging from federal, state, local governments, as well as private sector owners, operators and vendors.

More info https://threatpost.com/report-a-grim-reminder-of-state-of-critical-infrastructure-security/121004/

Nuclear Power Plant Disrupted by Cyber Attack

October 13, 2016


The head of an international nuclear energy consortium said this week that a cyber attack caused a “disruption” at a nuclear power plant at some point during the last several years.

Yukiya Amano, the head of the International Atomic Energy Agency (IAEA) didn’t go into detail about the attack, but warned about the potential of future attacks, stressing on Monday that the idea of cyber attacks that impact nuclear infrastructure isn’t an “imaginary risk.’

 “This issue of cyber attacks on nuclear-related facilities or activities should be taken very seriously. We never know if we know everything, or if it’s the tip of the iceberg,” Amano told reporters in Germany. Amano refused to disclose much about the attack, electing not to say where or when it happened, but said it managed to disrupt day-to-day operations at the plant. While it wasn’t forced offline, the facility had to take what he called “precautionary measures” to mitigate the attack. It’s unclear whether Amano will ever disclose which power plant was affected, or when the attack happened.

He told Reuters it occurred “two to three years ago,” and declined to get further into the incident, which was previously unknown. Dewan Chowdhury, the founder and CEO of MalCrawler, a service that protects ICS and SCADA systems from malware, said that since there’s so little information around the attack, it’s too early to pinpoint exactly what happened.

“It could be ransomware, malware, a targeted attack; it’s anyone’s guess what it could be,” Chowdhury said. Chowdhury said he hoped the IAEA’s confirmation of an attack, even if it was years ago, would help generate awareness around cybersecurity and nuclear issues in the future. That said, he wasn’t surprised with Amano’s statement. “It’s not a surprise that it’s happening,” Chowdhury said of the disruption. “Personally, I think people aren’t disclosing it.

It’s probably happening more than people think.”

Chowdhury pointed out high numbers in the Industrial Control Systems Cyber Emergency Response Team’s (ICS-CERT) annual Year in Review reports, which regularly breaks down the most targeted critical infrastructure sectors. In 2015, the government organization responded to 295 incidents; the second highest number of incidents by sector, 46, pertained to energy Chowdhury also said the lack of independent agencies aboard, comparable to the United States’ Nuclear Regulatory Commission, could be contributing to a diminished number of attack disclosures.

“If the attack had happened in the U.S., the plant would’ve had to report it to a regulatory board,” Chowdhury said, “Overseas, this could be happening all the time but are they forced to tell the world? Tell the governing body of some agency?” “There’s the issue, there’s no transparency when it comes to a lot of this stuff, especially when it comes to nuclear cooperatives overseas,” Chowdhury said.

Michael Toecker, the head of Context Industrial Security, a consulting firm that specializes in the cyber security of industrial control systems, said it’s unlikely that the IAEA was talking about a new event. He said that more than likely it was an event previously made public that was “run of the mill and handled by plant personnel.”

 Whatever the case, Toecker warned that the IAEA’s statement should be taken with a grain of salt. “Nuclear is a nice boogeyman to pair with the cyber boogeyman, and it’s very easy to build up a run of the mill virus into an ‘attack’, especially when you give a nice teaser and no substance,” Toecker said,

“The public should be wary of individuals who engage in this practice.” It took a few months but ICS-CERT officially confirmed in February there was a connection between BlackEnergy malware and an outage in Ukraine last December. Attackers obtained legitimate credentials for three regional electric power distribution companies in Ukraine via BlackEnergy-laden phishing emails as a vector.

They went on to knock roughly 225,000 customers on the power grid offline. Chatham House, a London-based independent policy institute, warned last fall, prior to the Ukraine incident, that the risk around nuclear infrastructure cyber attacks was growing. In a 52-page report, the think tank cautioned that the proliferation of supply chain vulnerabilities, paired with a lack of training in the industry, could lead to an attack sooner than later. Amano claims the IAEA, a nuclear energy watchdog formed by the United Nations in the 1950s, is providing employees with cybersecurity training with radiation detection devices, and a specialized database that includes nuclear information from 131 countries to better educate its workers.

The agency held a summit around cybersecurity, the International Conference on Cyber Security in a Nuclear World, in Vienna, in June 2015, to foster dialogue and discuss challenges related to in the industry. Amano told reporters on Monday that he plans to make it a primary topic at another summit, the International Conference on Nuclear Security: Commitments and Actions, slated for December.

Read more at  https://threatpost.com/nuclear-power-plant-disrupted-by-cyber-attack/121216/

New Odinaff Trojan Targeting Banking Sector Linked to Carbanak Gang

October 11, 2016.

Symantec has discovered evidence that a new trojan that's predominantly targeting the banking sector has ties with Carbanak, a cybercrime gang responsible for stealing more than $1 billion from 100 banks across 30 countries in 2013 and 2014.

Identified for the first time in January 2016, this new trojan, named Odinaff, has been discovered on compromised networks of various companies activating mainly in the banking sector, but also the securities, trading, and payroll verticals.

While Symantec says it found the trojan on computers in companies activating in various industries, almost all computers ran financial software applications, showing the group's penchant for financially-motivated attacks.

"Odinaff spread via malicious docs"

Symantec says the crooks use spear-phishing emails, targeting selected individuals with carefully crafted emails that contain malicious Word documents.

These booby-trapped documents help the crooks install the Odinaff malware, which according to researchers, is a relatively simple tool.

Researchers say the trojan's main purpose is to get a foothold on infected computers, gain boot persistence, and then download other malicious software, to facilitate more complex attacks.

Some of the tools Symantec says it observed Odinaff download include the Mimikatz password-dumping application, the PsExec process execution toolkit, the Netscan network scanner, the Ammyy Admin remote desktop utility, and Runas, a tool for running processes as another user.

"Odinaff infrastructure connected with previous Carbanak attacks"

In some cases, Symantec says Odinaff downloaded the Batel backdoor trojan, a tool deployed in past Carbanak attacks, used mainly by the group.

Besides Batel, Symantec says Odinaff used three C&C server IP addresses connected to previous Carbanak attacks. Furthermore, one IP address was tied to the recent Oracle MICROS security breach, an attack attributed to the Carbanak gang by security researcher Brian Krebs.

"Odinaff used in SWIFT attacks"

Besides regular financial software deployed at banks and financial firms, Odinaff appears to have targeted the highly sensitive SWIFT inter-banking transaction system, an IT system which banks have to safeguard with high-grade security defensive measures.

"Symantec has found evidence that the Odinaff group has mounted attacks on SWIFT users, using malware to hide customers’ own records of SWIFT messages relating to fraudulent transactions," researchers said. "The tools used are designed to monitor customers’ local message logs for keywords relating to certain transactions. They will then move these logs out of customers’ local SWIFT software environment."

While Odinaff includes this custom C-coded module for hiding illegal SWIFT banking transactions, Symantec doesn't believe Odinaff is responsible for the recent wave of SWIFT attacks.

Those attacks, attributed to the Lazarus Group, were carried using a malware family named Banswift, which doesn't appear to share any code with Odinaff, despite both targeting the SWIFT network.

For once, users can breathe easy, since this malware targets only the bank and its employees, and not its customers.

Odinaff targeting statistics

More Info http://news.softpedia.com/news/new-odinaff-trojan-targeting-banking-sector-linked-to-carbanak-gang-509192.shtml


Classified U.S. Defense Network Outage Hits Air Force’s Secret Drone Operations

October 12, 2016.

The Air Force is investigating the connection between the failure of its classified network, dubbed SIPRNet, at Creech Air Force Base and a series of high-profile airstrikes that went terribly wrong in September this year.

Creech Air Force Base is a secret facility outside Las Vegas, where military and Air Force pilots sitting in dark and air-conditioned rooms, 7100 miles from Syria and Afghanistan, remotely control their "targeted killing" drone campaign in a video-game-style warfare.

rom this ground zero, Air Force pilots fire missiles just by triggering a joystick on a targeted areas half a world away, as well as operate drones for surveillance and intelligence gathering.

Drone operation facility at Creech Air Force Base -- a key base for worldwide drone and targeted killing operations -- has been assigned as ‘Special Access Programs’, to access SIPRnet.

What is SIPRnet?

SIPRNet, or Secret Internet Protocol Router Network, is a global United States military Internet system used for transmitting classified information, intelligence, targets, and messages at the secret level.

In other words, SIPRNet is completely parallel Internet, uses the same communications procedures and has been kept separate from the ordinary civilian Internet.

Approximately 3 Million people with secret clearances have access to SIPRNet, which includes Pentagon and military officials, Intelligence agencies, FBI, as well as diplomats in US embassies all around the World.

Classified Network Crashed at Creech Base

The network at Creech Air Force Base was crashed in early September that impacted "critical services," and has not been completely rebuilt, according to US government contracting records.

 "On 9 September 2016, the SIPRNet system currently in operation at Creech AFB failed, and critical services were impacted," reads a contracting notice posted by the US government in early October.

 "The services were somewhat restored with the use of multiple less powerful devices. This temporary solution stabilized the services, but will not be able to maintain the demand for very long. If this solution fails, there is currently no other backup system."

The officials would not say whether the failure was due to internal technical faults, a cyber attack, or a state-sponsored hacker. They would also not say if JWICS — a separate internet system that handles top-secret information — at Creech was also affected.

US Drones Killed around 100 Innocents within Two Weeks

On September 17, 62 Syrian soldiers were accidentally killed by US airstrikes in the middle of a ceasefire. On September 28, 15 innocent civilians were reportedly killed in Afghanistan by a US drone, as well as 22 Somali soldiers were reportedly killed in Somalia by US drone strikes.

All the cases are under review and investigation, and there has been no official explanation for targeting innocent people, though the United States expressed its regrets quickly after the incident, according to reports.

On October 7, the Air Force quietly announced that Creech base would be subject to a surprise cyber security inspection and warned personnel to be wary of phishing attacks and to be extra careful in securing their login credentials.

Has U.S. Classified Network Been Hacked?

These classified networks are definitely not connected to the Internet, but this does not mean that malware or well-resourced hackers can never found their ways into these critical networks.

If confirmed, this would not be the first time, when a classified computer network of US military has been compromised.

In the year 2008, The Pentagon acknowledged a significant cyber attack, Operation Buckshot Yankee, where a foreign intelligence agent used a USB drive to infect military computers used by the Central Command in overseeing combat zones in Iraq and Afghanistan with a specially crafted malware.

You might be aware of Chelsea Manning (then known as Bradley Manning), an army soldier who made headlines in 2013 when she was sentenced to 35 years in prison for leaking over 700,000 classified files to WikiLeaks.

Manning allegedly downloaded those secret documents from SIPRNet using a Lady Gaga CD.

Since these classified networks have a significant role in US national security, terrorist groups and state-sponsored hackers belonging to sophisticated nation-states like China, Russia, Iran, and North Korea have always shown large interest in targeting them.


Read more: http://thehackernews.com/2016/10/drone-siprnet-defence-network.html


Latest Cyber Security News

Individuals at Risk

Cyber Privacy

Facebook enables encryption for mobile Messenger app’s 900M users Facebook this week said the roughly 900 million account holders who use its mobile Messenger app each month can now make their conversations illegible to eavesdroppers after it finished rolling out a feature that uses end-to-end encryption to protect private messages from prying eyes. The Washington Times, October 6, 2016

Passwords are cybersecurity weakest link says former Homeland Security chief Michael Chertoff: Last month’s news of the devastating breach at Yahoo stunned even the most seasoned security experts, given its impact on more than 500 million individuals. CNBC, October 6, 2016

Cyber Warning

Cybercriminals hacked Spotify’s Ad Server. Listeners got malware served up with with their ads: Small number of users may have been impacted by malvertising, digital music service admits. Dark Reading, October 7, 2016

Cyber Update

Android battles to fix the holes where the rain gets in: Google’s security mavens have been hard at work this month, patching an impressive 78 Android flaws in the firm’s latest update. NakedSecurity, October 7, 2016

Cyber Defense

‘Security fatigue’ leading computer users to more or less just give up: Do you use the same password for multiple sites? Do your eyes glaze over after sites like LinkedIn or Yahoo get massively hacked and, like clockwork, the security wonks come wagging their fingers at you for reusing your passwords? NakedSecurity, October 7, 2016

Information Security Management in the Organization

Information Security Governance

Focus on ‘compliance’ not ‘security management’ creates security gaps for cyber criminals to exploit: Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally. HealthCareInfoSecurity, October 7, 2016

Cybersecurity becoming major IT spending driver as cybercrime impacts grow: As companies shift to digital technologies, they are investing more money in tools to protect their corporate networks and inviting CISOs to help plan and implement enterprise architecture. CIO, October 6, 2016

Cultivating a culture of information security critical to meeting Europe’s new data privacy regs GDPR: In an IT landscape increasingly vulnerable to cyber threats, organisations need to think about information security as an element that enables business and facilitates increased competitive advantage. Information Age, October 3, 2016

Cyber Awareness

Email that hacked AZ voter registration? Official: “Any normal person would have clicked on it:” The email that gave Russian hackers access to an Arizona registration base looked like it came from an employee, and any normal person would have clicked on it, Arizona Secretary of State Michele Reagan said Wednesday. CNBC, October 5, 2016

Cyber Warning

Point-of-Sale systems under attack in pre-holiday malware update: A smash and grab malware gang has updated its FastPoS point of sales hack app to plunder credit cards more efficiently ahead of the festive season. The Register, October 7, 2016

DDoS Risk Increases as Source Code for IoT Botnet ‘Mirai’ Released: The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices. KrebsOnSecurity, October 1, 2016

Cyber Law

TalkTalk Slammed with Record Fine of £400,000 ($511,000) for multiple information security breaches: Britain’s privacy watchdog agency has slammed TalkTalk with a record fine of £400,000 ($511,000) for information security failings that allowed a hacker to steal customer data “with ease.” BankInfoSecurity, October 5, 2016

Donald Trump’s Hotel Chain to Pay Penalty Over Data Breaches: Donald J. Trump’s hotel chain agreed to pay a $50,000 penalty and revamp its data security policies after a couple of breaches exposed 70,000 credit card numbers and other personal information of its customers. The New York Times, September 25, 2016

Cyber Security in Society

Cyber Privacy

Yahoo Said to Have Aided U.S. Email Surveillance by Adapting Spam Filter: A system intended to scan emails for child pornography and spam helped Yahoo satisfy a secret court order requiring it to search for messages containing a computer “signature” tied to the communications of a state-sponsored terrorist organization, several people familiar with the matter said on Wednesday. The New York Times, October 5, 2016

Yahoo’s CISO resigned in 2015 over secret e-mail search tool ordered by feds: According to a new report by Reuters citing anonymous former employees, in 2015, Yahoo covertly built a secret “custom software program to search all of its customers’ incoming emails for specific information.” ars technica, October 4, 2016

Know Your Enemy

‘Money Mule’ Gangs Turn to Bitcoin ATMs: Fraudsters who hack corporate bank accounts typically launder stolen funds by making deposits from the hacked company into accounts owned by “money mules,” willing or unwitting dupes recruited through work-at-home job scams. The mules usually are then asked to withdraw the funds in cash and wire the money to the scammers. Increasingly, however, the mules are being instructed to remit the stolen money via Bitcoin ATMs. KrebsOnSecurity, September 29, 2016

National Cyber Security

Hacking: A thorny issue between Russia and the West: Russian hackers have been accused by the United States of carrying out a series of attacks against political organisations in order “to interfere with the US election”. BBC, October 8, 2016

Steptoe Cyberlaw Podcast – Interview w Ellen Nakashima, star Washington Post cyber reporter: In episode 132, our threepeat guest is Ellen Nakashima, star cyber reporter for the Washington Post. Markham Erickson and I talk to her about Vladimir Putin’s endless appetite for identifying ‒ and crossing ‒ American red lines, the costs and benefits of separating NSA from Cyber Command, and the chances of a pardon for Edward Snowden. Ellen also referees a sharp debate between me and Markham over the wisdom of changing Rule 41 to permit judges to approve search warrants for computers outside their district. Steptoe Cyberblog, October 7, 2016

How weak cybersecurity could disrupt the U.S. election: Election Day is still four weeks away but the integrity of the final outcome is under attack now by a pernicious combination of real weaknesses in U.S. cybersecurity and candidate-fueled charges about ballot tampering. Politico, October 7, 2016

U.S. government officially accuses Russia of hacking campaign to interfere with elections: The Obama administration on Friday officially accused Russia of attempting to interfere in the 2016 elections, including by hacking the computers of the Democratic National Committee and other political organizations. The Washington Post, October 7, 2016

NSA contractor charged with stealing top secret data: BOSTON — A federal contractor suspected in the leak of powerful National Security Agency hacking tools has been arrested and charged with stealing classified information from the U.S. government, according to court records and U.S. officials familiar with the case. The Washington Post, October 5, 2016

Cyber Politics

Researchers find fake data in DNCC – Clinton data dumps; also in Olympic anti-doping dumps: A pattern of mischaracterization, misrepresentation, and outright alteration of breached data has emerged in two of the latest headline-grabbing batches of hacked files. Investigators discovered that recently published data from anti-doping testing at the 2016 Olympics in Rio de Janeiro had been altered by parties connected to a Russia-based hacking group behind the breach, according to a report issued by the World Anti-Doping Agency (WADA) yesterday. ars technica, October 6, 2016

Internet of Things

We Need to Save the Internet from the Internet of Things: Brian Krebs is a popular reporter on the cybersecurity beat. He regularly exposes cybercriminals and their tactics, and consequently is regularly a target of their ire. Last month, he wrote about an online attack-for-hire service that resulted in the arrest of the two proprietors. In the aftermath, his site was taken down by a massive DDoS attack. Schneier on Security, October 6, 2016

Johnson & Johnson warns diabetic patients: Insulin pump vulnerable to hacking. Could cause overdose.: Johnson & Johnson is telling patients that it has learned of a security vulnerability in one of its insulin pumps that a hacker could exploit to overdose diabetic patients with insulin, though it describes the risk as low. Reuters, October 5, 2016

Poor security practices by IoT manufacturers open door to cyber attacks : As KrebsOnSecurity observed over the weekend, the source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released. Here’s a look at which devices are being targeted by this malware. KrebsOnSecurity, October 3, 2016

How hard is it to hack the average DVR? Sadly, not hard at all: A major battle is underway for control over hundreds of millions of network-connected digital video recorders, cameras, and other so-called Internet of Things devices. As Ars has chronicled over the past two weeks, hackers are corralling them into networks that are menacing the security news site KrebsOnSecurity and other Web destinations with some of the biggest distributed denial-of-service attacks ever recorded. ars technica, October 3, 2016

Cyber Enforcement

The FBI exploring legal & technical options to gain access to dead terrorist’s locked iPhone: WHEN THE FBI asked a court to force Apple to help crack the encrypted iPhone 5c of San Bernardino shooter Rizwan Farook in February, Bureau director James Comey assured the public that his agency’s intrusive demand was about one terrorist’s phone, not repeated access to iPhone owners’ secrets. But now eight months have passed, and the FBI has in its hands another locked iPhone that once belonged to another dead terrorist. Which means they may have laid the groundwork for another legal showdown with Apple. Wired, October 6, 2016

Cyber Sunshine

Feds Charge Two In Lizard Squad Investigation: The U.S. Justice Department has charged two 19-year-old men alleged to be core members of the hacking groups Lizard Squad and PoodleCorp. The pair are charged with credit card theft and operating so-called “booter”orstresser” services that allowed paying customers to launch powerful attacks designed to knock Web sites offline. KrebsOnSecurity, October 6, 2016

Cyber Event

Secure Coding Class for the Web: The major cause of application insecurity is the lack of secure software development practices. This highly intensive and interactive course provides essential application security training for web application, webservice and mobile software developers and architects. The class features a combination of lecture, security testing demonstration and code review. Event Date: October 17-21

THIRD ANNUAL LOS ANGELES CYBER SECURITY SUMMIT 2016-SILICON BEACH: Cyber attacks on corporations, governmental agencies and individuals are becoming increasingly widespread and regular, as well as more complex. In honor of National Cyber Security Awareness Month, LMU is once again hosting The Third Annual Cybersecurity Summit that brings together government officials, private business executives and cybersecurity experts to discuss the current and emerging threats that exist in today’s sophisticated cyber environment, and the technological advancements being made to countermeasure and manage these risks. Event Date: October 22, 2016





Cyber ReseArch

Cyber News

Cyber info


The content of this CRC-ICS Cyber News Update is provided for information purposes only. No claim is made as to the accuracy or authenticity of the content of this news update or incorporated into it by reference. No responsibility is taken for any information or services which may appear on any linked websites. The information provided is for individual expert use only.



Founded in 2015, the Cyber Research Center - Industrial Control Systems is a not for profit research & information sharing research center working on the future state of Physical & Cyber Protection and Resilience. CRC-ICS goals are to inform industries / critical infrastructures about the fast changing threats they are facing and the measures, controls and techniques that can be implemented to be prepared to deal with these cyber threats.



Cyber Research Center - Industrial Control Systems. 2016

www.crc-ics.net or www.cyber-research-center.net