Industry News

Dragos OT Cybersecurity “Year in Review” Reports Rise in Geopolitically Driven Attacks, Ransomware, and Threat Groups

Dragos Inc., the global leader in cybersecurity for operational technology (OT) environments, today released its sixth annual Dragos OT Cybersecurity Year in Review report, the most comprehensive report on cyber threats facing industrial organizations. The report named the emergence of three new threat groups, including VOLTZITE linked to Volt Typhoon, and found that ransomware continued to be the most reported cyber threat among industrial organizations with a nearly 50% increase in reported incidents. 2023 also saw the first time a hacktivist group achieved Stage 2 of the ICS Cyber Kill Chain.

“OT cyber threats reached a tipping point in 2023,” said Robert M. Lee, co-founder and CEO of Dragos. “Industrial and critical infrastructure has been moving away from highly customized facilities to ones that—for good economic and productivity reasons—share the same industrial devices, technologies, and facility designs across sites and sectors. Unfortunately, adversaries are now leveraging these homogenous infrastructures to scale attacks. They also target weaknesses in environments that pushed digital transformation without adequate cybersecurity measures. These factors contributed to an environment in 2023 in which organizations were challenged with a range of threats, including increasingly sophisticated state actors, hacktivists preying on pervasive security weaknesses, and a growing barrage of ransomware attacks.”

“There were positive developments for OT cybersecurity too,” continued Lee. “We saw vendors, governments, and the community collaborate to enable a unified, risk-based response to threats, as was the case with the ControlLogix vulnerabilities disclosed by Rockwell Automation. We observed that more devices and protocols are incorporating authentication. And we at Dragos experienced triple the number of organizations conducting tabletop exercises, including a 350% increase at the board and executive level, to test and strengthen their OT security strategies.”

Details of the 2023 Year in Review:

  • Dragos identified three new OT Threat Groups—VOLTZITE, GANANITE, and LAURIONITE. With these additions, Dragos analysts now track 21 Threat Groups worldwide that have been observed as being engaged in OT operations in 2023.
    • VOLTZITE targets electric power generation, transmission and distribution and has been observed targeting research, technology, defense industrial bases, satellite services, telecommunications, and educational organizations. The group overlaps with Volt Typhoon, a group that the U.S. government has publicly linked to the People’s Republic of China. The group’s threat activities include living off the land (LOTL) techniques, prolonged surveillance, and data gathering aligned with Volt Typhoon’s assessed objectives of reconnaissance and gaining geopolitical advantage in the Asia-Pacific region. They have traditionally targeted U.S.-based facilities, but also have been seen targeting organizations in Africa and Southeast Asia.
    • GANANITE targets critical infrastructure and government entities in the Commonwealth of Independent States and Central Asian nations. The group leverages publicly available proof of concept (POC) exploits for internet-exposed endpoints and focuses on espionage and data theft.
    • LAURIONITE targets and exploits Oracle E-Business Suite iSupplier web services and assets across aviation, automotive, and manufacturing industries. The group utilizes a combination of open-source offensive security tooling and public proofs of concept to aid in their exploitation of common vulnerabilities.
  • Geopolitical conflicts drove threat activity with regional and global kinetic events overlapping with OT cybersecurity threats. The Ukraine-Russia conflict prompted more mature threat groups, such as ELECTRUM, to increase activity, while tensions between China and Taiwan contributed to increased targeted cyber espionage attacks against industrial organizations in the Asia-Pacific region and the United States.
  • Hacktivists for the first time achieved Stage 2 of the ICS Cyber Kill Chain, when CyberAv3ngers attacked programmable logic controllers (PLCs) used by water utilities across North America and Europe with an anti-Israel message. While hacktivist groups typically conduct distributed denial of service (DDoS) attacks with minimal impact, this attack demonstrated the ability to disrupt OT systems by using unsophisticated methods with weak security controls. Other active hacktivist groups included CyberArmyofRussia_Reborn, NoName057(16), Anonymous Sudan, and Team Insane Pakistan.
  • Ransomware remains the number one attack in the industrial sector, increasing 50% from 2022. Lockbit caused 25% of total industrial ransomware attacks, with ALPHV and BlackBasta accounting for 9% each. Manufacturing continues to be the primary target of ransomware and accounted for 71% of all ransomware attacks. The majority of ransomware attacks impacted organizations in North America with 44% of incidents, followed by Europe at 32%. Dragos tracked 50 ransomware variants in 2023, a 28% increase over last year.
  • The number of vulnerabilities that require authentication to exploit is rising, pointing to a positive trend for OT defenders. In 2023, 34% of CVEs required some authentication compared to 25% of CVEs in 2020. On the other hand, of the 2010 vulnerabilities impacting industrial environments disclosed last year, 14% contained erroneous information for prioritizing risks in ICS/OT.
  • Front Line Perspectives: Based on data gathered from annual customer service engagements conducted by Dragos’s cybersecurity experts in the field across the range of industrial sectors, the top challenges industrial organizations need to address are:
    • Lack of Sufficient Security Controls: 28% of service engagements involved issues with improper network segmentation or improperly configured firewalls.
    • Improper Network Segmentation: Approximately 70% of OT-related incidents originated from within the IT environment.
    • Lack of Separate IT & OT User Management: 17% of organizations had a shared domain architecture between their IT and OT systems, the most common method of lateral movement and privilege escalation.
    • External Connections to the ICS Environment: Dragos observed four threat groups exploiting public-facing devices and external services and issued findings related to externally facing networks such as the internet in 20% of engagement reports.
Industry News

NATO Holding Largest Exercises in Decades

NATO announced its largest military exercises in years will begin next week – the last week in January. 90,000 personnel are set to participate in drills over several months. The drills are targeted at showing alliance forces can defend all of its territory right up to the border of Russia, according to NATO officials.

NATO has been reinforcing security on its eastern limits with Russia and Ukraine. This exercise is the largest of its kind since the Cold War. These war games are meant to deter Russia from targeting member countries.

Industry News

Sentar Awarded DLA SBIR Contract to Enhance Operational Resiliency with Digital Twin Technology

Sentar announced that it has been awarded a Small Business Innovation Research (SBIR) contract by the Defense Logistics Agency (DLA). This contract will enable Sentar to integrate cyber attack protection technology into Digital Twin architectures to enhance operational resiliency and protect against emerging cyber threats in operational technology (OT) systems.

Under the SBIR Phase I Proof of Concept, Sentar will leverage its expertise in cybersecurity and innovative technologies to analyze, map, and predict cyber attacks against the Digital Twin of a small manufacturing system. By utilizing synthetic data on potential cyberattack vectors, Sentar aims to identify and counter cyberattacks at the intrusion detection layer before they can infiltrate the OT system. This groundbreaking approach will enable DLA to proactively defend against known and unknown vulnerabilities, ensuring the protection of critical network infrastructure, systems, and data.

“We are honored to be selected by the Defense Logistics Agency for this important SBIR contract,” said Gary Mayes, Senior Director of Research and Development at Sentar. “Integrating our cyber attack analysis and prediction technology into Digital Twin architectures will provide a new level of awareness and protection for operational technology systems, safeguarding them from malicious cyber actors and potential damage.”

Sentar says it is committed to delivering innovative solutions that address the evolving cybersecurity challenges faced by government agencies and organizations. With a strong track record of providing cutting-edge cybersecurity products and services, Sentar is well-positioned to support DLA’s mission of protecting operational technology systems from harmful cyber infiltrations.

The work will be performed in Huntsville, Alabama starting immediately.

Industry News

EU Official Warns of Security Risks In Europe During Holidays

A “huge risk of terrorist attacks” during the Christmas holiday period has been mentioned by a senior EU official. The increased risk is due to the war between Israel and the Palestinian militant group Hamas, the European Union’s home affairs commissioner, Ylva Johansson, warned in early December.

The warning came after a fatal weekend attack near the Eiffel Tower in Paris. In spite of questions about the mental health of the suspect, it was stated that the perpetrator swore allegiance to the extremist Islamic State group before stabbing a tourist to death. Two others were injured with a hammer.

“With the war between Israel and Hamas, and the polarization it causes in our society, with the upcoming holiday season, there is a huge risk of terrorist attacks in the European Union,” EU Home Affairs Commissioner Ylva Johansson told reporters.

“We saw (it happening) recently in Paris, unfortunately we have seen it earlier as well,” she said, at a gathering of EU interior ministers in Brussels. She provided no details about any police or security information that might have led to that warning.

Industry News

FEMA and TSA Administrators to Hold National Preparedness Month Event at Reagan National Airport, Announce Combined Efforts

Tomorrow, Sept. 12, 2023, FEMA Administrator Deanne Criswell and TSA Administrator David Pekoske will hold a press event at Reagan National Airport (DCA) to announce their partnership and combined efforts during National Preparedness Month, including a new Public Service Announcement. At DCA, both leaders will issue a call to action to all travelers ahead of what will be another busy holiday travel season.

National Preparedness Month takes place every September, and during this month-long campaign, FEMA and its partners emphasize the importance of being ready when a disaster strikes, or when other emergencies occur. Every traveler who passes through TSA’s airport security checkpoints has been impacted by a weather or other emergency event. FEMA and TSA will announce steps they are taking to prepare and how travelers can prepare as well.

Industry News

28 Syrians Found Amongst Cabbage

Border police officers found 28 Syrian citizens who were trying to enter Turkey illegally, hidden in a truck loaded with cabbage. The incident occurred at the Giurgiu Border Crossing Point in a truck that was being driven by a Turkish citizen. Twenty-six men and two women were found hidden in the semi-trailer of the truck after a thorough search based on potential risk, Turkish authorities said.

The group identified themselves as Syrians, although no documentation of any kind was found on them or in their belongings.

“Based on the protocol concluded between the border authorities between the two states, the persons found hidden, the Turkish driver and the road assembly were taken over by the Bulgarian Border Police in order to continue the investigations,” according to Border Security Report.

Industry News

Semonite Honored for National Security Leadership

Retired Lt. Gen. Todd Semonite, former chief of engineers and commanding general of the U.S. Army Corps of Engineers (USACE), is the recipient of the Society of American Military Engineers (SAME) 2023 Golden Eagle Award for National Security.

SAME presented the prestigious award on May 4 to Semonite, president of Federal Programs at WSP USA, a leading engineering, environment and professional services consultancy, during the organization’s annual Joint Engineer Training Conference in San Antonio. The award cites his leadership role in ensuring Americans had reliable access to healthcare facilities during the COVID pandemic in 2020.

In addition, Semonite was announced as one of 26 members newly invested into SAME’s Fellows Academy, which formally acknowledges distinguished individuals for their dedication to SAME and the architecture/engineering/construction profession.

“I am very honored to receive this Golden Eagle award, but it’s not just about me. It’s also about all of the men and women whom I’ve had the pleasure to work with in my career,” Semonite said. “I was in the Army for 41 years and the mission was always about ‘How are we going to take care of America?’ So, whether you’re building barracks or an airfield, supporting soldiers overseas, or directing emergency response operations following a major disaster, mission accomplishment is what we do best. The military ethic enabled us to pull people together to find solutions and get things done.”

As USACE commanding general, Semonite advised the Secretary of the Army on general, combat and geospatial engineering; construction, real property, public infrastructure; and natural resources science and management. He also oversaw 36,000 civilian employees, 800 military personnel, and managed a $68 billion project portfolio.

Semonite was leading USACE in February 2020 when the U.S. was on the brink of the COVID pandemic. USACE stepped up to build temporary “alternative care” facilities (field hospitals) in locations around the country, where needed.

Working along with the Federal Emergency Management Agency, the goal was to support local capacity for inpatient and outpatient healthcare services, at a time when many regions were overwhelmed with demand from COVID. After talking with hundreds of governors and mayors, USACE completed 1,100 assessments nationwide and, of those, they designed and built about 70 needed facilities in record time. The first was New York City’s Javits Center. Other converted facilities included sports arenas, hotels, dormitories and vacant hospitals. The result was the creation of over 30,000 additional bed spaces nationwide.

“We, as engineers, filled a void when our nation needed someone to step up,” Semonite said. “While it was never in my mandate, as the head of the USACE, to think about how to solve COVID, there was a problem and somebody had to figure out how to address it. So, we worked together with healthcare professionals, the engineering staff, as well as the industry side, to put these massive facilities together in record time.”

As Chief of Engineers in 2017, Semonite managed USACE’s emergency response operations for three major storms: Hurricane Harvey in Texas; Hurricane Irma, which struck the U.S. Virgin Islands and Florida; and Hurricane Maria in Puerto Rico, where he directed rebuilding efforts for three grids, as part of over $1 billion in infrastructure repairs that included installing more than 66,000 power poles. In 2012, as Division Commander of the USACE South Atlantic Division, he coordinated the response to Hurricane Sandy in the Southeast after the devastating storm struck the U.S. East Coast and caused nearly $70 billion in damage.

“I’ve been unbelievably blessed to have a lot of people in my life who have made me successful,” Semonite said. “This is my opportunity to thank the thousands of mentors, peers, soldiers and civilians who have supported me throughout my career and pay that back, by thanking them for that success. I also want to thank my wife Connie, my kids, and my 10 grandchildren for their support.”

A licensed professional engineer in New York, Virginia and Vermont, he has a bachelor’s degree in civil engineering from the U.S. Military Academy at West Point, New York. He also holds a master’s in civil engineering from the University of Vermont, as well as a master’s in military arts from Fort Leavenworth.

His military awards include three Distinguished Service Medals, the Defense Superior Service Award, five Legion of Merit awards, the Bronze Star, the Ranger tab and the Parachutist badge.

Industry News

WSP Completes Acquisition of BG Consulting Engineers, Reinforcing Its Presence and Service Offer in Europe

WSP Global announced that it has completed its previously announced acquisition of Lausanne-based BG Bonnard & Gardel, one of Switzerland’s leading engineering consulting firms, following the unanimous approval of BG’s shareholders.

With some 700 professionals based primarily in Switzerland and France, as well as a minor presence in Portugal and Italy, BG offers consulting, engineering, and project management services in the infrastructure, building, water, environment, and energy sectors. In line with WSP’s Global Strategic Action Plan, the acquisition of BG reinforces WSP’s foothold in Europe while increasing its Swiss workforce fourfold to over 600 professionals and almost doubling its staff in France.

“We are thrilled to begin 2023 by welcoming BG’s highly skilled professionals to the WSP family. Together, we have a great opportunity to further strengthen our European business, thanks to our increased presence in Switzerland and France and our enhanced offering to clients in our core markets, as well as in key fast-growing sectors, including Environment, Renewable Energy, and Water,” said Alexandre L’Heureux, WSP’s President and CEO. “I am also very pleased to welcome Pierre Epars, BG’s current CEO, as WSP’s new CEO for the Western European region.”

“It is an exciting time for BG’s professionals to join WSP’s growing European business,” said Mark Naysmith, WSP’s CEO for the UK, Europe, the Middle East, and Africa. “Our goal will be to create strong, long-lasting relationships with our clients by providing the best mix of value and services as their number-one choice.”

“We are delighted to officially join WSP and to continue our work as part of a larger organization dedicated to serving people and the environment,” said Pierre Epars, BG’s CEO. “As I take up my new role, I am honored to have this opportunity to help grow WSP’s business in Western Europe. I am convinced we will accomplish great things by joining forces.”

Industry News

USDOT Announces $1.7 Million in Available Funding for Small Business Innovation Research Program

The U.S. Department of Transportation (USDOT) is now accepting proposals for funding from its Small Business Innovation Research (SBIR) program. The SBIR Program awards contracts to small businesses across the country to spur research and commercialization of innovative transportation technologies in select research areas. The current SBIR Solicitation provides funding ranging from $150,000 to $200,000 for ten Phase I research topics.

“Small businesses are essential to our economy, and this program plays an important role in advancing America’s economic competitiveness by supporting domestic small businesses while stimulating technological innovation that can improve our transportation systems and lead to further economic growth,” said Deputy Assistant Secretary for Research and Technology Dr. Robert C. Hampshire.  

The SBIR program supports investments in transportation that improve the safety, sustainability, and resilience of the Nation’s transportation assets, and provides opportunities for small businesses to explore innovative technologies.

The research topics selected for this year’s SBIR Solicitation address a variety of needs regarding advanced materials and structures; behavioral safety; and the safe transport of materials. Awards will be funded for projects in the following research areas:

Federal Highway Administration

  • Addressing Stormwater Runoff with a Self-Contained Portable Treatment System 
  • Traffic Monitoring and In Situ Information Processing

Federal Railroad Administration

  • Concrete Crosstie Inspection Technology 
  • Novel Design for Passenger Railcar Glazing Securement 

National Highway Traffic Safety Administration

  • Child Presence Detection CO2 Release Test Device 
  • Immersive Virtual Reality Training on Impaired Driving for Law Enforcement

Pipeline and Hazardous Materials Safety Administration

  • Bioremediation for Hazardous Material Spills
  • Integrated RFID Trackers and Sensors for Hazardous Material Communication in Transportation
  • Portable State-of-Charge Sensor for Lithium Batteries
  • Wearable PPE-integrated Sensors for First Responders

A full list of past years’ awardees is available here. A pre-offer webinar for small business concerns (SBCs) interested in applying to the DOT SBIR FY 2023 solicitation will be held on Thursday, February 9, 2023, at 1:00 PM ET. Registration information for the webinar and more program information can be found on the DOT SBIR website.