Today is the last day of National Cyber Security Awareness Month (NCSAM).

us cert

We thought that the October 29, 2014, alert from ICS-CERT about the vulnerabilities of the US infrastructure highlighted both the complexity and simplicity of the problem.

In Alert ICS-ALERT-14-281-01A ICS-CERT warns:

ICS-CERT has identified a sophisticated malware campaign that has compromised numerous industrial control systems (ICSs) environments using a variant of the BlackEnergy malware. Analysis indicates that this campaign has been ongoing since at least 2011. Multiple companies working with ICS-CERT have identified the malware on Internet-connected human-machine interfaces (HMIs).

How is this sophisticated malware introduced into industrial control systems? It is simple — deceive email recipients. GE, a maker of industrial control systems, in their October 28, 2014, Product Security Advisory tells us:

Among the attack vectors, adversaries may engage in phishing campaigns, leverage known and 0-day vulnerabilities and target vulnerable ICS, SCADA and HMI systems routable through public networks.

Phishing targets the users with deceptive emails.  Our mission at Iconix is to fight deceptive emails.