US-CERT Alert (TA17-293A)

October 23, 2017 | By: Rob McMahon

Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors

A joint Technical Alert (TA) has been issued by the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) regarding information on advanced persistent threat (APT) actions targeting government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors.

DHS assesses this activity as a multi-stage intrusion campaign by threat actors targeting low-security and small networks to gain access and move laterally to networks of major, high-value asset owners within the energy sector.

The threat actors in this ongoing campaign employed a variety of tactics, techniques, and procedures (TTPs) including, but not limited to, industrial control system (ICS) infrastructure targeting. 

Upon gaining access to intended victims, the threat actors conducted reconnaissance operations within the network. Specifically, the threat actors focused on identifying and browsing file servers within the intended victim’s network. The threat actors viewed files pertaining to ICS or Supervisory Control and Data Acquisition (SCADA) systems. Based on DHS analysis of existing compromises, the original names of these files contained ICS vendor names and referred to ICS reference documents pertaining to the organization (e.g., “SCADA WIRING DIAGRAM.pdf” or “SCADA PANEL LAYOUTS.xlsx”).
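The file-server browsing described above can be hunted for in file-share audit data. The following is an added example, not part of the alert or of this page's original content: it flags accounts that open several ICS/SCADA-named files across multiple file servers within a short window. The record layout, account and server names, keyword list and thresholds are all assumptions, and the sample records are constructed.

```python
import csv, io, re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records: timestamp, account, file server, path.
# The layout is an assumption, not a real audit-log format.
SAMPLE_LOG = """\
2017-10-20T09:01:12,jsmith,FS01,eng/SCADA PANEL LAYOUTS.xlsx
2017-10-20T09:40:03,jsmith,FS01,eng/SCADA WIRING DIAGRAM.pdf
2017-10-20T10:02:00,mlee,FS02,hr/benefits 2017.pdf
2017-10-20T10:03:10,mlee,FS03,finance/budget.xlsx
2017-10-20T23:14:05,vendor_acct,FS01,eng/SCADA WIRING DIAGRAM.pdf
2017-10-20T23:16:40,vendor_acct,FS02,ops/RTU config notes.docx
2017-10-20T23:21:18,vendor_acct,FS03,plant/SCADA PANEL LAYOUTS.xlsx
2017-10-21T08:00:00,akhan,FS01,eng/SCADA WIRING DIAGRAM.pdf
2017-10-21T13:30:00,akhan,FS02,ops/PLC ladder logic.pdf
2017-10-21T17:45:00,akhan,FS03,plant/HMI screens.pptx
"""

# Assumed keyword list; a term matches only as a standalone word in the file name.
ICS_NAME = re.compile(r"(?<![A-Za-z])(?:scada|ics|plc|rtu|hmi)(?![A-Za-z])", re.I)

def find_ics_browsing(log_text, window=timedelta(minutes=30), min_files=3, min_servers=2):
    """Return accounts that opened >= min_files ICS-named files on
    >= min_servers file servers within one sliding time window."""
    hits = defaultdict(list)
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed records
        ts, account, server, path = row
        if ICS_NAME.search(path.rsplit("/", 1)[-1]):
            hits[account].append((datetime.fromisoformat(ts), server, path))
    alerts = {}
    for account, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # drop events that fell out of the window
            span = events[start:end + 1]
            files = {(srv, p) for _, srv, p in span}
            servers = {srv for _, srv, _ in span}
            if len(files) >= min_files and len(servers) >= min_servers:
                alerts[account] = {"first_seen": span[0][0], "servers": sorted(servers),
                                   "files": sorted(p for _, p in files)}
                break
    return alerts
```

On the constructed sample only `vendor_acct` is flagged: `jsmith` stays on one server and `akhan` spreads the same kind of access over a working day, so neither crosses both thresholds inside the window.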

White Paper - Protecting Our Critical Utilities With Integrated Control Systems

Protecting Your Industrial Internet Of Things - Secure Systems, Networks and Devices Safeguarding Critical Infrastructure Operations

Fact Sheet - Water Sector Security

The Motorola Solutions ACE3600 RTU for mission-critical control systems handles large volumes of data for more complex process automation and monitoring.  Because it is at the edge of your Industrial IoT and controls and manages any number of operational technologies remotely, it is inherently designed with robust security from the start.

Protect all points of entry, limit points of vulnerability and prevent attempts to compromise any part of your system and data with these proven security methodologies.

  • Security policy enforcement
  • Firewall
  • Access control
  • Role-based access control
  • Intrusion detection system
  • Application control software (whitelisting)
  • Encryption - FIPS 140-2 certified, 256-bit AES (Advanced Encryption Standard) algorithm
  • Auditing
  • Unused port deactivation
  • Time-window commands
  • Secured programming