A cybersecurity researcher presents a scenario for the employment of “siegeware,” whereby an adversary holds a building for ransom by hacking into the software that controls its functionality, including room temperature, door locks, and alarms. According to the researcher, this is not an imaginary scenario, as he claims to have met someone who was the victim of a siegeware attack. When the person’s company refused to pay the attackers, its use of the targeted building was disrupted. And in his further investigations, the researcher discovered other similar incidents involving siegeware. To help organizations address this threat, the researcher recommends they use Shodan – the internet search tool that can be used to find industrial control systems device. Other recommended protective measures include implementing firewalls, VPNs, and multi-factor authentication. Read the article at We Live Security.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!