Friday, July 31, 2015

Revealing Widespread Gas Station Cyber Attacks at Black Hat

Hacker waiting for something with binary code in background

At Trend Micro it’s always been our job to work out where the next threat is coming from, so we can offer the best protection possible to our customers. Sometimes people listen to us at shows and say: “Seriously? That’s never happened to us.” But that’s the point. It hasn’t … yet. Who would have thought gas pump monitoring systems in the US were a target for hackers?

The truth is they are, and at Black Hat next week we’ll tell you exactly how and why.

Times have changed

We’re no longer faced with bedroom-bound enthusiasts releasing potent but relatively innocuous viruses into the wild. Today’s threat landscape is about highly motivated, well resourced, agile and covert cybercriminals – many of whom know exactly how to stay hidden long enough to exfiltrate your most sensitive corporate data. It’s also about nation state actors on the prowl for anything which is economically or geopolitically advantageous. And it’s about hacktivists – many of whom hail from within our borders – who want to make a moral point by attacking organizations and exposing sensitive data to the public.

What this means practically speaking is that virtually every organization is a potential target. Whether you’re a government agency harboring state secrets, a business with credit card data sitting in your servers, or an organization that has somehow offended the hacktivist community.

Gas pumps exposed

Trend Micro’s senior threat researcher, Kyle Wilhoit, along with Stephen Hilt, first discovered an attack on the Guardian AST Monitoring System for internet-facing gas pumps earlier this year. On that occasion the attackers merely changed the name of a pump from “DIESEL” to “WE_ARE_LEGION” – the tag line for hacktivist collective Anonymous.

Now, that attack was pretty innocuous. But given that these systems typically monitor inventory, pump levels, and other key aspects of gas pumping systems, the potential is there for severe disruption of services. Empty tank values could be altered to display as full, leading to gas stations with no fuel. Kyle found more than 1,500 internet-facing pumps lacking adequate security to keep the bad guys out.

Read more here about Kyle’s presentation at Black Hat next week.

See you at Black Hat

The problem the good guys have is being able to share threat intelligence quickly enough and with the right people to make a difference. Trend Micro is fortunate in having great relationships with law enforcement agencies around the globe. But conferences like Black Hat are also a vital platform. They let us share intelligence and research that help us expand our parameters and come together as a community in a way that proves we’re greater than the sum of our parts.

That’s why Trend Micro is delighted to be presenting our research on attacks against gas tank monitoring systems at the show. Our very own Kyle Wilhoit and Stephen Hilt will be presenting their ground-breaking research on 5 August in the Jasmine Ballroom at 4.20pm: The Little Pump Gauge That Could: Attacks Against Gas Pump Monitoring Systems. And we’ll also be releasing a new free tool, Gaspot, to enable researchers and operators to set up their own virtual monitoring systems to track attempted attacks.

That’s not all. Senior malware scientist Sean Park will be discussing evasion techniques used against financial institutions in his not-to-be-missed talk at 11.30pm in Mandalay Bay GH: Winning the Online Banking War.

But we’re also looking forward to a fascinating few days of presentations on everything from mPOS flaws to targeted takedowns; and cloning 4G SIMs to IoT attacks.

The bad guys are pretty good at sharing intelligence, so let’s make sure we are too. See you in Vegas on August 5.



from Trend Micro Simply Security http://ift.tt/1LURJWq
via IFTTT

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.