Critical Infrastructure Protection


Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.

With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.


NEWS

  • Ontario: Children’s Hospital Expects Weekslong Ransomware Recovery

    December 28, 2022

    Nearly a week after a ransomware attack forced a network shutdown at Toronto’s Hospital for Sick Children, patients are still experiencing delays in treatment and diagnostic procedures. The hospital says it has restored some systems, phones and websites, but the recovery process could take weeks. Hackers targeted the hospital’s network on Dec. 19, forcing it to ...

  • Hackers stole data from multiple electric utilities in recent ransomware attack

    December 27, 2022

    Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. Federal officials have closely monitored the incident for any potential broader impact on the US power sector while private investigators ...

  • After ransomware hits Colombian energy firm, Moody’s says low patch rate suggests inadequacies in cyber practices

    December 22, 2022

    A ransomware attack at top Colombian energy company Empresas Publicas de Medellin (EPM) may damage its credit quality, setting an alarm clock for the critical infrastructure industry to develop efficient mitigation practices and vulnerability management programs, Moody’s said. EPM, one of Colombia’s largest public energy, water, and gas providers suffered from a ransomware attack reported on ...

  • CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

    December 19, 2022

    At the end of September, GTSC reported an attack on critical infrastructure that took place in August. During the investigation, experts found that two 0-day vulnerabilities in Microsoft Exchange Server were used in the attack. The first one, later identified as CVE-2022-41040, is a server-side request forgery (SSRF) vulnerability that allows an authenticated attacker to ...

  • Australia: Fire Rescue Victoria confirms cyber attack from ‘external third party’ as outage continues

    December 16, 2022

    Fire Rescue Victoria has confirmed it has been the victim of a cyber attack as it continues to deal with a widespread IT outage. FRV revealed on Thursday it was having to alert firefighters to emergencies by mobile phone and radio because of an outage affecting its computer dispatch system. The service said preliminary investigations had ...

  • Iran-linked Charming Kitten espionage gang bares claws to pollies, power orgs

    December 15, 2022

    An Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets – including politicians, government officials, critical infrastructure and medical researchers – according to email security vendor Proofpoint. Over the past two years, the threat actor group that ...

  • Cyber Signals: Risks to critical infrastructure on the rise

    December 14, 2022

    Today, the third edition of Cyber Signals was released spotlighting security trends and insights gathered from Microsoft’s 43 trillion daily security signals and 8,500 security experts. In this edition, we share new insights on wider risks that converging IT, Internet of Things (IoT), and operational technology (OT) systems pose to critical infrastructure. Cyber Signals presents ...

  • Ransomware hits city of Antwerp

    December 6, 2022

    Cybercriminals infected the city’s IT systems with ransomware. Residents are unable to make appointments for public affairs. Antwerp’s police and museums are partially offline. The attack took place on the night of December 5-6. A city spokesperson told De Standaard that ransomware was found on several systems. The identity of the attacker(s) is unknown at the ...

  • French hospital cancels operations after cyberattack

    December 5, 2022

    A hospital complex in Versailles, near Paris, had to cancel operations and transfer some patients after being hit by a cyberattack over the weekend, France’s health ministry said. The Hospital Centre of Versailles – which consists of Andre-Mignot Hospital, Richaud Hospital and the Despagne Retirement Home – was affected by the hacking attempt, said the complex’s ...