Cyber Security Today – Industrial control systems bugged; websites under attack; Atlanta recovers from ransomware

Over 320 bugs in industrial control system components were discovered by security researchers in the second half of 2017, says a survey by Kaspersky. These systems run everything from electricity and water plants to manufacturing factories. More than half of the vulnerabilities were ranked as having a high or critical level of risk.

Hackers could exploit these vulnerabilities to take control of industrial equipment. Most bugs, the report says, can be exploited remotely without authentication. And exploiting them does not require the attacker to have any specialized knowledge or superior skills.

What should companies be doing? Isolate industrial systems that connect to the Internet, make sure software on systems is patched and make sure password access to these systems is tightly controlled.

The average website is attacked 44 times a day, according to a global survey of customers by website security vendor SiteLock. And if successful, attackers steal customer data, plant malware or deface the site. Big and small companies are just as likely to be victims, the survey found.

Vulnerabilities come from coding mistakes or corrupted plug-ins.

What can you do? Passwords are your first line of defense against any cyber threat. In this case we’re talking about the passwords that give staff access to the website. Passwords should be a minimum of 12 characters, avoid dictionary phrases, and contain at least one capital letter, one lowercase letter, and one number. Whenever possible, use randomly generated passwords and store them in a secure password manager.

Have a backup strategy. Keeping accurate and clean backups of your website is key to mitigating the damaging effects of a potential malware attack. It is recommended to back up your site daily. Use a malware scanner and a Web gateway or firewall. And make sure all website-related software is patched and updated.

Finally, with the city of Atlanta still recovering from last week’s crippling ransomware attack, it’s time to remind listeners about what they need to do to protect themselves. Ransomware gets loaded on a system when a user either goes to an insecure website – like one hosting porn – or downloads an infected document from their email. So watch where you go on the Internet and be careful about who is sending you attached documents or pictures in your mail.

Just in case, regularly back up your data so you can restore it without paying a ransom. Attackers have asked Atlanta for the equivalent of $51,000 in Bitcoin to unlock infected systems.

Cyber Security Today is produced by IT World Canada. Subscribe on Apple Podcasts, Google Play, or wherever else you listen to podcasts. Thanks for listening.

Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com
