Risky Business #669 -- Finally, an ICS attack that made stuff explode!

<p>On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:</p> <ul> <li>Activists who are totally not Israeli military hackers make Iranian steel mills firebally</li> <li>Chinese APT crews use ransomware to muddy attribution</li> <li>Attackers are now ransoming cloud access</li> <li>Chinese APTs using building control systems for persistence and stealth</li> <li>USA, UK and NZ govts issue PowerShell advice</li> <li>Much, much more</li> </ul> <p>This week’s show is brought to you by Material Security. JJ Agha, CISO at Compass, joins the show to talk about how he’s using it to make phishing triage and automation less traumatic.</p> <p>Links to everything that we discussed are below and you can follow <a href="https://twitter.com/riskybusiness">Patrick</a> or <a href="https://twitter.com/metlstorm">Adam</a> on Twitter if that’s your thing.</p> <div class="panel panel-default"> <div class="panel-heading"> <h3 class="panel-title">Show notes</h3> </div> <div class="panel-body"> <ul> <li><a href="https://www.cyberscoop.com/iran-cyberattack-israel-hacktivist-steel-ics/">Iranian steel facilities suffer apparent cyberattacks</a></li> <li><a href="https://www.bleepingcomputer.com/news/security/automotive-fabric-supplier-tb-kawashima-announces-cyberattack/">Automotive fabric supplier TB Kawashima announces cyberattack</a></li> <li><a href="https://therecord.media/us-arm-of-japanese-automotive-hose-maker-nichirin-pauses-production-after-ransomware-attack/">US arm of Japanese automotive hose maker Nichirin pauses production after ransomware attack - The Record by Recorded Future</a></li> <li><a href="https://www.secureworks.com/research/bronze-starlight-ransom