Insights

The Atlanta City digital systems were hijacked by a ransomware attack in 2018. Officials said this attack is much less serious than the one that affected the city. However, Cyber Security Expert Patrick Kelley said it is still a big deal. "To me there's a dramatic impact to this,"Kelley said. Kelley is talking to some of the judges impacted by the hack, and they told him they can't access any of their information. He also believes the judicial council likely doesn't know the full scope of the attack. Read more

Critical Path Security has spent quite a deal of time using Raspberry Pi devices for adversarially-based physical penetration tests, with the hope of compromising the client business network. It is one of the most successful tactics that are employed, as the devices are quite small and versatile. Using a battery pack and a small WiFi antenna, Critical Path Security has proven hundreds of vulnerabilities in some of the most well-defended networks in the world. This has led to increasing the security posture of our customers. When we read the most recent breach report, there was little surprise to find that NASA Jet Propulsion Laboratory (JPL) was unable adhere to the NIST standards, including the 1st requirement which is "Inventory and Control of Hardware Assets". It is a vast, interconnected network of 26,174 computer systems with 3,511 being servers. With the extensive distribution of legacy systems, the ability to breach a…

Xenotime, the hacker group that was first observed in 2017 when it sabotaged the safety equipment of an oil refinery in Saudi Arabia. At the time, it was able to access the ICS portion of the network through traditional lateral movement. It matters as Triton was designed to be not only destructive but to do so in a way that could harm or kill people. One Information Security group indicated that there are only three groups currently known to focus on this outcome, but Critical Path Security staff have observed more. Though we've worked with Electric Membership Organizations and observed several breaches, we can't definitively tie the incidents to Xenotime.  However, we're confident that their tactics would prove effective. Dragos has stated that "Trisis has been observed doing some of the slow, deliberate groundwork to launch an attack.". We believe that Industrial Control Systems are experiencing increased attacks due to…

As we've seen an increase on attacks against WiFi networks, we wanted to take a moment to share some advice for Small Businesses that are currently utilizing WiFi on their campuses. Unlike physical networks, wifi systems can extend beyond the walls of your office. Once the password for access gets out in the world, it is very difficult to control who can access your office network. Therefore, you need to consider implementing some changes and routines that protect you from unwanted guests. You have two major security issues to deal with. The first is that you need to control who can actually get on your network. The second problem is that of the signal footprint. If people outside your office can pick up a signal from your router or wireless access point, they can also capture data, collect unencrypted credentials, and exploit vulnerability systems. Following the suggestions below will greatly…