SCADA Mobile Apps are unsafe. In case of a cyber attack, many lives will be in danger
Our cybersecurity team had analyzed SCADA mobile applications from more than 30 companies, discovering security flaws in most of them, some of them can be very dangerous because hackers can use them in targeting industrial processes.
We had documented security flaws since 2015 when a study was conducted over 20 mobile apps used for control ICS hardware and software.
Back then at least one vulnerability had been found in every app, totaling the number to more than 50 vulnerabilities.
At this beginning of the year, we decided to study more SCADA apps again to see how thing changed in the IIoT – Industrial Internet of Things regarding security.
Our experts had randomly selected more than 30 SCADA apps available on the Google Play Store for study. The study targeted security flaws in both local and remote apps that are used by the users to control or monitor various ICS systems.
Local apps are the ones which engineers use in the industrial zone connecting their devices to the equipment like PLCs, RTUs and industrial gateways via Wi-Fi, Serial Connection or Bluetooth.
Remote apps are the ones that allow engineers to supervise, and in some cases control, ICS systems over the Internet.
Our cybersecurity team used all security flaws present in the 2016 OWASP Mobile Top 10 list during the study to discover as many vulnerabilities as they can. Our experts found plenty of them, 152 to be more exact. This leads them to conclude that more than 90% of the apps don’t have security at all for protecting the apps against code tampering.
The other 10% that have this security feature has only the fundamental one that can be overpass easily by malware that is designed to root the infected device before starting the attack.
A tiny number, 7 of them, had secure authorization features that were correctly implemented. Nearly 60% of them didn’t use code obfuscation and other encryption methods for protecting their source code, and this translates in that any hacker can reverse engineer the app if they want to insert malicious code.
The percentage remains the same for the number of apps that failed to secure exported data from the ICS. Neither the communication between apps and ICS system was secured, our experts managing to exploit more than a half of the apps tested.
Looking back at this study our CEO stated: “The way that many companies handle cybersecurity for their apps it is unbelievable. Many of them are insecure in case of a cyber attack placing at risk the whole industrial process that the systems are designed for and in danger the workers that operate them.
Every engineer, as well as every user, must not rely on standard security options that in many cases are weak or inexistent. Instead, they have to install only the best security option like a top antivirus to stay safe!”
Regular users are the most affected by malware this day because most of them do not care about what antivirus they have installed in their systems.
Users can download antivirus developed by our company directly by clicking the download banner from the end of the page.
Our free download antivirus can help users to protect their Mac or Windows devices against malware and adware.
We offer a free antivirus one day license to all our users who want to test the full power of our antivirus solution.
Our antivirus can detect a vast spectrum of threats, from dangerous malware to nasty browsers extensions used for mining the crypto-currency.
The antivirus our company is offered is a certified product of OPSWAT.
Most of the companies don't care about cybersecurity until they suffer a breach.
A healthy company must perform a penetration test from time to time. The penetration test must execute against all the assets of the company, including the workers who are the most vulnerable to the social engineering attacks.
A penetration test can be done either by a security specialist from inside of the company or by hiring an external cyber security company who can take care of everything.
Besides penetration test, a company must have a minimum healthy cybersecurity system installed like antivirus or firewall.
CyberByte company can perform various penetration tests on all the spectrum of PCI/DSS compliance to the red team, perimeter testing, and social engineering.
We also provide services to employee profiling and cyber threat monitoring, since most of the data breaches this day come from the inside of the company.
To check our penetration test services go to the Services tab from the main menu.
Windows users can download free antivirus solution CyberByte by clicking the banner. The free antivirus will help you to know if your PC is infected. Windows free antivirus of CyberByte is an awarded software for malware detection.
Mac / MacOS / OS X users can download free Mac antivirus solution CyberByte by clicking the banner. The free antivirus will help you to know if your Mac is infected. MacOS / OS X free antivirus of CyberByte is an awarded software for malware detection. The free antivirus for Mac is available for new MacOS and older OS X versions.
Features of CyberByte™ antivirus:
- Protects you from all kind of threats
- CyberByte™ custom detection engine includes Mac and Windows malware protection and detection
- Fastest scanning times in the market
- Crypto Mining rogue extensions/malware detection
- Ransomware detection - don’t negotiate with ransomware cyber terrorists – keep your Mac and Windows safe
- Active live protection from background
- Certified Threat Detector by OPSWAT
- Easy to Install
- Easy to Manage
- Incredible value for money
Invisible, protecting you from behind the scenes - You will not feel it is installed on your computer, easy on the resources, like a protection software should be.
Original technology that combines behavioral heuristic analysis with powerful signatures database – the CyberByte™ Protection Engine delivers top of the line protection in an instant.
Fastest scanning times in the market – your time is precious, but also so is your digital life – CyberByte™ delivers fast scanning saving both time and your valuable data.
Don’t negotiate with ransomware cyber terrorists – keep your Mac safe and don’t ever end up paying for what is already yours.
Protect others as well – the CyberByte™ Protection Engine not only detects the threat but stops it from spreading to other Macs or Windows machines.
Don’t let strangers use your resources – more than 80% of the attacks are crypto mining driven. Are you sure your computer is not mining for crypto while you read this text?
Our malware protection will continuously look after your device providing the best security against viruses. Give us the chance to prove it by downloading the antivirus for your device.
CyberByte Antivirus is a certified product by OPSWAT (OPSWAT is a San Francisco-based software company that provides solutions to secure and manage IT infrastructure. Founded in 2002, OPSWAT delivers solutions that provide manageability of endpoints and networks, and that help organizations protect against
zero-day attacks by using multiple antivirus engine scanning and document sanitization.
To learn more about OPSWAT’s innovative and unique solutions, please visit http://www.opswat.com).
CyberByte Antivirus comes in two flavors:
MacOS Version - the free download Mac antivirus available on our website (https://mac.cyberbyte.org)
Windows Version - the free download Windows antivirus available on our website (https://pc.cyberbyte.org)
The procedure is simple:
Just free download antivirus from CyberByte website either for Mac or Windows.
Install it using the antivirus installer package.
Windows and Mac users will free malware scan their devices. The scan duration depends on how many files the end user has.
CyberByte antivirus will show if any files are infected after the scan is finished.