Havex Trojan Emerging Threat for ICS/SCADA
July 02, 2014 | POSTED BY JERALD DAWKINS IN MALWARE, INCIDENT RESPONSE, THREAT INTELLIGENCE
For those in the oil and gas industry or others with any type of SCADA devices (e.g. electric, water, sewer), we have received numerous notifications on the Havex Trojan. To date we have not supported any incidents involving this threat, but TRUE does understand the challenges Industrial Control Systems present to these organizations. The days of "air gap" are of the past.
TRUE's advice on how to mitigate the threat posed by the Havex Trojan (and best practice for ICS networks):
- Minimize network exposure (your attack surface) for all control system devices and/or systems.
- Locate control system networks and devices behind firewalls, and isolate them from traditional business and corporate networks (e.g. email and web surfing).
- When remote access is required, use secure methods. These methods should be regularly audited and strictly controlled.
International Business Times Article: Russian Hackers Target Hundreds of Western Energy Companies