With the rise of attacks against critical infrastructure, SCADA environments, and industrial control systems, security practitioners must leverage digital forensics in increasingly complex ways. By collecting, aggregating, and analyzing forensics data, breaches and attacks are able to be discovered and remediated. However, there exists a significant gap in the complexity, generality, and versatility of forensics tools, techniques, and methodologies for SCADA environments compared to the realm of IT-based forensics.

Key events H2 2018:

• APT attack by the Leafminer group
• New GreyEnergy malware
• The Sharpshooter campaign
• MuddyWater
• Cloud Hopper
• Shamoon v.3
• Ransomware and Phishing attacks

On March 19 2019 Norsk Hydro, one of the world’s largest aluminum producers revealed that ransomware had been used in an attack against them. The Norwegian firm was attacked on March 18 and production processes at a number of facilities in Norway, Qatar, Brazil and other countries were affected.

Unternehmen können anhand des Leitfadens ihre Schwachstellen erkennen und mit Unterstützung des BVT Maßnahmen ergreifen, um ihren Schutz zu verbessern.

The rogue code can disable safety systems designed to prevent catastrophic industrial accidents. It was discovered in the Middle East, but the hackers behind it are now targeting companies in North America and other parts of the world, too.