Latest Manufacturing security and industrial security News

W32 Stuxnet-B rootkit can install itself automatically from a USB memory stick onto a fully-patched PC
posted on 23/08/2010

Sophos has detected a rootkit that can install itself automatically from a USB memory stick onto a fully-patched PC, even if the user has disabled the Windows AutoRun and AutoPlay feature. The W32/Stuxnet-B rootkit exploits a vulnerability in the way Windows handles .LNK shortcut files, that allows them to execute automatically if the USB stick is accessed by Windows Explorer. Once the rootkit is in place it effectively enters "stealth-mode", cloaking its presence on the infected PC. Curiously, the suspicious driver files carry the digital signature of Realtek Semiconductor Corp, a major supplier of computer equipment. "Threats such as the infamous Conficker worm have spread very successfully via USB devices in the past, but were in part reduced by disabling AutoPlay. The risk is that more malware will take advantage of the zero-day exploit used by the Stuxnet rootkit, taking things to a whole new level," explained Graham Cluley, senior technology consultant at Sophos. "The explo... [more]

35 percent of companies believe their Intellectual Property has been handed over to competitors
posted on 11/08/2010

According to Cyber-Ark® Software's fourth annual “Trust, Security and Passwords” global survey, 35 percent of respondents believe their company’s highly-sensitive information has been handed over to competitors. Thirty-seven percent of the IT professionals surveyed cited ex-employees as the most likely source of this abuse of trust. While perhaps not surprising that disgruntled workers top the list, it’s noteworthy that 28 percent suspected “human error” as the next most likely cause, followed by falling victim to an external hack or loss of a mobile device/laptop, each at 10 percent. The most popular information shared with competitors was the customer database (26 percent) and R&D plans (13 percent). There was little year-over-year change in the number of respondents who suspected the loss of intellectual property to a competitor, indicating that more needs to be done to protect companies’ most valued assets. Additionally, to address vulnerabilities related to human error that ... [more]

The use of wireless networks leaves information at greater risk for interception
posted on 10/08/2010

According to the Ponemon Institute’s Global 2009 Annual Study on Cost of a Data Breach, 32 percent of all data breach cases in the study involved lost or stolen laptop computers or other mobile data-bearing devices. While the average organizational cost of a data breach was US $3.4 million, all countries in the study reported noticeably higher data breach costs associated with mobile incidents. The increasing popularity of mobile devices poses a significant threat of leaking confidential enterprise information and intellectual property. In a new white paper titled “Securing Mobile Devices,” ISACA noted that the use of wireless networks, typically less secure than wired networks, leaves information at greater risk for interception. From smartphones to USB sticks, many devices also store data that are unencrypted, which can result in sensitive information being compromised through interception and device theft or loss. Mobile devices can also be the targets of malware attacks as employees ... [more]

Secure remote access will indirectly help to reduce pollution
posted on 10/08/2010

Continued lapses in network security are holding back more activities being conducted online, poor security leads to distrust and this stifles adoption of technological change. If cyber security is better designed it will increase user certainty and it will result in greater use of the internet and better accumulation of skills by users and foster changes in user habits and the way commerce is undertaken. There will be a greater adoption of new methods of communication which will greatly assist the planet in reducing the requirements for people to travel unnecessarily. This can’t happen to soon, if climate experts are to be believed, it is a matter of urgency. Even if they are not to be believed the fact is that at the current increasing rates of energy consumption and prices and projected shortages are going to eventually dictate changes if technological developments in renewable and efficient energy use are not developed fast enough. It will just then be a question of whether we tack... [more]

Molsheim Police and RSI Video Technologies combine their skills to stop thefts in isolated spots
posted on 09/08/2010

According to the French law (According to Article 16 of Law No 83-629 of 12 July 1983 regulating private monitoring activities, caretaking and transfer of funds), in case of alarm signal received by a monitoring center, it is mandatory to have visual evidence of burglary before alerting the police, offenders will be fined with 450 euros. This measure aims to avoid unnecessary interventions (more than 95% of setting off alarms are due to incorrect manipulations), but mainly to increase the effectiveness of the police which is called only if clearly needed. RSI Video Technologies' Videofied® outdoor system aims at stopping the looting of isolated spots that affects all activity sectors. These thefts are becoming expensive and have a negative impact on working conditions. “With Videofied and its images of intrusion, the police intervene directly” said Jeanne-Marie Ferré, Marketing & Communication Manager. While with conventional detection systems, it takes over 40 minutes on average... [more]

Other Security news and resources