TECHNOLOGY
Gas stations and beyond: Why cybersecurity is a top priority for industrial infrastructure
December 19, 2021 1:55 p.m.
By Chris Connell, Managing Director for Asia Pacific at Kaspersky
Industrial Control Systems (ICS) demand specific approaches to cybersecurity due to their complex structure, connected devices with different capabilities, software and operating systems, and critical functions. And this isn’t just a theory.
Something as common as a gas station has all the attributes of an ICS, such as connected equipment including pumps and tanks, controllers, a management system, a payment system, as well as connection to the corporate network, third-party service systems, and the internet. Just like any industrial facility, it has cybersecurity issues that companies should consider, to avoid disruptions that may affect the business, its employees, and the general public. This happened recently when gas stations in Iran were shut down because of a targeted attack.
This look through an ICS infrastructure is based on our research carried out at the end of 2020. It included the analysis of a modern gas station’s automation software architecture, a typical infrastructure, and the communications inside it. This allowed us to classify potential attack vectors and their impact on the fuel station’s network.
At a gas station
Imagine you’re driving your car and you need to fill it. You stop at a gas station, put the dispenser in the tank, and go to the convenience store to pay for the fuel. Once inside, the fresh coffee smells nice, you take some snacks for the road, complete your purchase and return to your vehicle.
To deliver the fuel to your tank, several systems should work: the back-office system and point of sales are used for payments and management functions. They are connected to the forecourt controller (FCC). This is the area with pumps outside the convenience store where customers park their cars to fill up. It is equipped with many systems such as a pump control, an automatic tank gauge (ATG), payment systems, etc. The FCC is the main device that controls fuel distribution, so when you pay through a cashier, the FCC commands the pump to supply it to your car so you can continue your journey.
Information about operations, the amount of fuel sold and available is transmitted to the management system locally and then to a head office that accumulates information from all stations.
Where are the problems?
Through our research, we managed to classify what could go wrong in this process. There are several potential operational technology (OT) and IT security issues that can affect the work of the station.
The first group of risks involves potential remote access from external networks. Just like many industrial systems today, the gas station employs solutions that are connected to public services through the internet, these include cloud banking systems or specialised fleet management systems. Remote access to the fuel station allows further malicious actions inside the network.
This was a real case described in one of Kaspersky’s studies. At the gas station, fuel management software was used to track the amount stored, set the price, and process payments. The system was connected to the internet and had vulnerabilities that allowed remote admin access with the ability to even change the fuel price.
There are also suppliers and service companies that have access to some parts of the infrastructure. Compromising these third parties may open doors to the target system for attackers. In fact, this type of threat is of great concern for companies of any size profile: a third (32%) of large organizations suffered attacks involving data shared with suppliers. What’s more, the financial impact of such incidents on enterprises is the highest across all types of attacks in 2021.
Another set of risks involves network and device issues that may potentially lead to the disruption of fuel station services or direct financial impact. Attacks can come from remote networks or by connecting to wireless networks or wired network ports available onsite.
Then, if the network is not segmented, the attack can spread from entry points such as secondary equipment in a shop and office workstations to critical components such as fuel management controls. The usage of unencrypted protocols (HTTP, CDP, FTP, Telnet, etc.) in the gas station network may allow adversaries to disclose sensitive information for further attack development.
Another critical but evergreen problem is vulnerabilities or security flaws in the fuel controller, POS terminals, and network equipment, as well as corporate endpoints and applications. In 2015, 5,800 automatic tank gauges (ATGs) were found to be exposed to unauthorized access from the internet because of a lack of password protection on a serial port. ATG is an electronic component placed in the tank that monitors the level of fuel and checks if it is leaking fluid. And through this serial port, the ATG can be programmed. If the signal it transfers is not correct, the operator won’t get an alert about any deviation. Figures from 2015 also suggested that at the time, most systems were in gas stations in the US and represented 3% of those used in the country. By compromising such critical systems as automatic tank gauges, criminals can unlock options for fraud or even physical damage.
It is also important to verify all workstations used on the forecourt such as points of sale, back-office systems, fuel controllers or payment terminals, as well as their configuration and even access to USB ports. For example, a lack of encryption or incompliancy to the PCI DSS standard in a payment system can contribute to the risk of an attack. For a fuel controller, it is also important to check industrial protocols. Lack of source authentication or integrity control may give adversaries, performing a man-in-the-middle attack, the opportunity to intercept data and manipulate station controllers.
Another point to manage is wireless gateways and reader units. A security assessment should be performed to identify insecure industrial protocols, the possibility of jamming and spoofing attacks.
How to improve
There are major security measures that should help increase the overall level of operational technology infrastructure. It is applicable to fuel stations but is no less relevant to any industrial network.
Network security: Purpose-based network segmentation enhances overall security and minimizes the surface of a possible attack. The segment of the network that has access to untrusted parts of it, such as corporate IT, should also be separated and protected with appropriate enterprise-grade protection software.
Passive OT network monitoring is essential for asset and communication inventory and detection of intrusions before they affect the technological process. Monitoring data also helps IT security teams to analyze events and consider hardening measures.
Access control: This should include restricting physical and logical access to the automation and control system. Security measures for remote access control for service companies will help to avoid third-party incidents.
Endpoint protection: It is important to implement specialized industrial-grade security software for OT hosts and servers. Ensure that the software is approved by the automation vendor and compatible with its solutions. This should help to avoid a situation where the protection product affects operation functions.
Security management: A system for centralized security event collection and protection software policy management should be implemented. It is also important that the solution allows vulnerability and patch management. If the system can be integrated with Security Information and Event Management (SIEM), that is a ‘nice to have’ option for organizations that plan to upgrade their protection level. Real-time continuous monitoring and endpoint data collection with rules-based response and analysis capabilities will help to further improve protection from advanced attacks.
A more fundamental approach that involves long-term measures is also important to improve the overall cybersecurity posture. This means adhering to industry standards for information security controls such as IEC 62443, NIST, NERC CIP, and so on. The organization should also conduct penetration testing or security analysis regularly, to identify vulnerabilities and information security problems before they are exploited by someone. And then, of course, follow all recommended measures to fix them properly.
Going deeper, there are specific requirements for companies with different levels of protection. But the measures listed above are essential to fill most cybersecurity gaps. Be it a fuel station, refinery, or giant car manufacturer, the basic principles of OT and IT protection should allow the company to build a reliable cybersecurity system and develop it according to their needs. This will provide a great foundation for satisfied business owners and happy clients.
TECHNOLOGY
SEA 2023: Cybercriminals clog business networks with financial phishing
6:36 p.m. March 18, 2024
In 2023, Kaspersky anti-phishing technologies detected nearly 500,000 attempts to follow a phishing link on businesses’ devices in Southeast Asia (SEA). Interestingly, this number only refers to phishing links related to finance matters – e-commerce, banking, and payment systems.
Phishing persuades users to take action which gives a scammer access to your device, accounts, or personal information. By pretending to be a person or organization the users trust, they can more easily infect the victim with malware or steal their information.
These social engineering schemes “bait” with trust to get valuable information. This could be anything from a social media login, to your entire identity via your social security number. These schemes may urge the user to open an attachment, follow a link, fill out a form, or reply with personal information.
“Financial phishing” is a type of phishing which refers to fraudulent resources related to banking, payment systems and digital shops. Payment system phishing includes pages impersonating well-known payment brands.
From January to December last year, Kaspersky solutions detected and blocked a total of 455,708 financial phishing attempts targeting companies of various sizes in the region. The statistics reflect clicks on phishing links placed in various communication channels, including emails, fraudulent web sites, messengers, social media, etc.
“Phishing is a trusted technique for cybercriminals when it comes to infiltrating business networks because they usually work. The rise of generative AI helps cybercriminals to make phishing messages or scam resources more convincing. As a result, it becomes challenging for people to distinguish between a scam and a legitimate communication. That’s why the role of robust security solutions increases,” comments Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
The Philippines logged the highest number of financial phishing at 163,279 attempts in 2023, followed by Malaysia with 124,105. Indonesia chalked up 97,465 incidents while Vietnam experienced 36,130 phishing attacks related to financial matters. Thailand and Singapore registered the least number of this threat at 25,227 and 9,502 respectively.
“Cybercriminals employ various tactics, including financial-related phishing, to deceive employees and trick them into falling victim to an attack Our recent study showed employee security violations can be as damaging as external hacking for companies in Asia Pacific which means the human factor continues to play a role in making businesses vulnerable. Tools to help safeguard against human error are a vital step forward, but they can’t exclude employee education, skills development, and overall strengthening of the company’s ability to detect and respond to cyberattacks,” adds Yeo.
To help companies protect their systems against the damages of a successful phishing attack, Kaspersky experts recommend:
- To advance decision-makers’ understanding of the importance of cybersecurity and how best to distribute budgets to stay ahead of threats, engage them with Kaspersky Interactive Protection Simulation for enhanced C-level professional education.
- Consider experts’ help. For example, Kaspersky Assessments family of professional services identifies security gaps in your system’s configuration, and the Security Architecture Design helps create an IT security infrastructure that’s a perfect fit for a particular company. Every step of implementation is grounded in real security needs, giving decision-makers convincing arguments to allocate budgets.
- Install and use enterprise security solutions with anti-phishing software: The Advanced Anomaly Control feature within Kaspersky Endpoint Security for Business Advanced, Kaspersky Total Security for Business and Kaspersky Endpoint Detection and Response Optimum help prevent potentially dangerous activities that are ‘out of the norm’, both undertaken by the user and initiated by the attacker who has already seized control of the system.
TECHNOLOGY
Revolutionizing social networking: Rili, groundbreaking AI-powered platform
6:11 p.m. March 9, 2024
Rili.ai officially launches its AI-powered app to redefine how individuals connect, interact, create, and communicate in the digital age. Thanks to voice cloning and lip-syncing, anyone can create their own digital twin (Rili) and interact with anyone, anytime, and anywhere.
Users can cultivate their digital twin, training it with content in over 100 languages to break down communication barriers and foster worldwide friendships. Whether you’re looking to expand your knowledge, gain insights and information from other individuals, or delve deeper into meaningful conversations with other users, Rili.ai is the app to do so effortlessly.
To train Rili, users can share knowledge and information through chat (written messages or voice audios) or by speaking into a microphone. Moreover, it is possible to integrate the digital print of anyone into Rili profiles with their existing accounts on platforms such as Twitch, X, and YouTube. Leveraging this integration, Rili.ai gathers personalized information from users’ public profiles on these platforms, ensuring a tailored experience based on their interests and preferences.
Features for Enhanced Social Engagement
The app offers various features designed to enhance users’ digital interactions. The explore feature allows users to effortlessly search for their favorite Rili users and discover others who share similar interests and preferences, fostering meaningful connections in a virtual community. With profile customization, users can tailor their Rili to reflect their unique personality and interests. The chat functionality allows users to initiate conversations with other “Rilis” and review their past chats, promoting seamless interaction and boosting engagement. Other features include creating favorite Rili lists, scoring conversations, adding likes to conversations or phrases, and sharing messages with anyone through different channels.
Through Rili, users have the unique ability to deeply connect with others, gaining valuable insights and understanding into their perspectives, experiences, and expertise. Rili.ai facilitates meaningful connections that transcend geographical boundaries and time constraints. With its advanced capabilities, Rili.ai offers an app for preserving digital heritage, allowing users to capture and preserve their memories, stories, and experiences for future generations.
“Rili is the new generation of social media platforms. Powered by AI and using the most relevant state-of-the-art technologies, its development will be a turning point for the history of communication. The creation of digital twins will give the opportunity to the society to expand their knowledge, connections and share of voice beyond boundaries”, highlighted Antonio Camacho, Rili Co-founder. “Rili’s mission is to fight against isolation, allowing people to connect with others you would not be able to reach”.
Join Rili’s white list
The Rili alpha version is already live for anyone interested in joining the community. You can sign up for the white list and will be notified once you have access to create your own Rili. The app is available for iOS and Android.
Revolutionizing Social Networking: Introducing Rili, the Groundbreaking AI-Powered Platform for Sharing and Expanding Your Legacy
Rili.ai officially launches its AI-powered app to redefine how individuals connect, interact, create, and communicate in the digital age. Thanks to voice cloning and lip-syncing, anyone can create their own digital twin (Rili) and interact with anyone, anytime, and anywhere.
Users can cultivate their digital twin, training it with content in over 100 languages to break down communication barriers and foster worldwide friendships. Whether you’re looking to expand your knowledge, gain insights and information from other individuals, or delve deeper into meaningful conversations with other users, Rili.ai is the app to do so effortlessly.
To train Rili, users can share knowledge and information through chat (written messages or voice audios) or by speaking into a microphone. Moreover, it is possible to integrate the digital print of anyone into Rili profiles with their existing accounts on platforms such as Twitch, X, and YouTube. Leveraging this integration, Rili.ai gathers personalized information from users’ public profiles on these platforms, ensuring a tailored experience based on their interests and preferences.
Features for Enhanced Social Engagement
The app offers various features designed to enhance users’ digital interactions. The explore feature allows users to effortlessly search for their favorite Rili users and discover others who share similar interests and preferences, fostering meaningful connections in a virtual community. With profile customization, users can tailor their Rili to reflect their unique personality and interests. The chat functionality allows users to initiate conversations with other “Rilis” and review their past chats, promoting seamless interaction and boosting engagement. Other features include creating favorite Rili lists, scoring conversations, adding likes to conversations or phrases, and sharing messages with anyone through different channels.
Through Rili, users have the unique ability to deeply connect with others, gaining valuable insights and understanding into their perspectives, experiences, and expertise. Rili.ai facilitates meaningful connections that transcend geographical boundaries and time constraints. With its advanced capabilities, Rili.ai offers an app for preserving digital heritage, allowing users to capture and preserve their memories, stories, and experiences for future generations.
“Rili is the new generation of social media platforms. Powered by AI and using the most relevant state-of-the-art technologies, its development will be a turning point for the history of communication. The creation of digital twins will give the opportunity to the society to expand their knowledge, connections and share of voice beyond boundaries”, highlighted Antonio Camacho, Rili Co-founder. “Rili’s mission is to fight against isolation, allowing people to connect with others you would not be able to reach”.
Join Rili’s white list
The Rili alpha version is already live for anyone interested in joining the community. You can sign up for the white list and will be notified once you have access to create your own Rili. The app is available for iOS and Android.
TECHNOLOGY
The lightest smartphone with massive 6000mAh battery HONOR X7b coming to PH on March 9
4:34 p.m. March 7, 2024
HONOR Philippines never stops! After the successful launches of HONOR X9b 5G, HONOR Magic V2, and HONOR X8b, the leading global smart devices provider is expected to launch the HONOR X7b in the Philippines on March 9!
“We, at HONOR, believe that technology is very inclusive, there is technology that caters to even the most unique requirement there is. We had HONOR X9b 5G that is ultra tough that can withstand harsh drops. HONOR X8b was recently introduced with a massive storage and great camera quality for those who value design and photography. Now, we are welcoming a new addition to our X Series, the HONOR X7b,” said HONOR Philippines Vice President Stephen Cheng.
Welcoming the HONOR X7b
HONOR X7b is the latest addition to HONOR’s X Series line-up, offering consumers a reliable, well-rounded device available to consumers at an affordable price. Delivering upgrades in hardware performance, battery performance, and photography capabilities, the new device promises an exceptional, uninterrupted user experience.
Equipped with a 6,000mAh ultra-large battery, the HONOR X7b delivers the best battery life among all HONOR X Series smartphones to date. It can support various activities for up to 3 days on a single charge, making it a reliable companion for users on the go. Thanks to HONOR’s innovative battery technologies, the HONOR X7b is the thinnest and lightest smartphone with a 6000mAh battery. The device’s battery maintains over 80% of its health even after three years of usage, ensuring exceptional longevity and reducing the need for constant recharging.
The HONOR X7b boasts a 108MP Main Camera with a 1/1.67-inch sensor. To enable the camera to capture bright and vivid shots even in challenging low-light conditions, the HONOR X7b supports 9-in-1 pixel binning, achieving a pixel size measuring 1.92µm that ensures night colors are faithfully reproduced in images.
For more information and announcements, you may visit HONOR’s website www.hihonor.com or social media platforms: Facebook (Facebook.com/HonorPhilippines), Instagram (Instagram.com/honorph/) and TikTok Shop: (Tiktok.com/@honorphilippines). To check out HONOR’s complete list of retail stores, go to https://www.hihonor.com/ph/retailers/.
In the meantime, check out HONOR’s wide array of mobile phones, tablets, and laptops at any HONOR Experience and Partner Stores nationwide or online via Shopee (https://bit.ly/HONORPHShopee), Lazada (https://bit.ly/HONORPHLaz) and TikTok Shop (https://bit.ly/HONORTikTokShop)
Limited-Edition Tanduay Heritage Rum Celebrates Brand’s Tradition of Excellence
Toyota Motor Vietnam selects Synology as Data Management Partner
Kaspersky shares cybersecurity tips for a peaceful getaway during the Holy Week
Ateneo gives PBA guest team fits in 102-93 loss
First in Manila! All immersive experiences lead to SM with its 3D Whale Shark billboard, Space Tunnel, Golden Gateway, dazzling light shows
Up to Date – Pop and viral news, memes, photos, videos, music
