- Italy’s state railway may have been target of cyber attack
March 23, 2022
Italian railway company Ferrovie dello Stato Italiane (FS) said on Wednesday it had temporarily halted some ticket sale services as it feared they had been targeted by a cyber attack.
“Since this morning, elements that could be linked to a cryptolocker infection have been detected on the computer network of Trenitalia and RFI,” the company said ...
- Britain, U.S. warn of satellite communications risks after Ukraine hack
March 18, 2022
Britain and the United States have warned organisations of the risks associated with using satellite communications following a cyberattack on satellite internet modems as Russia invaded Ukraine.
Western intelligence agencies have been investigating the attack which disrupted broadband satellite internet access provided by U.S. telecommunications firm Viasat, Reuters reported last week.
“It’s certainly something we’re investigating quite ...
- CISA: Strengthening Cybersecurity of SATCOM Network Providers and Customers
March 17, 2022
CISA and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communications (SATCOM) networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments.
In response, CISA and FBI have published joint Cybersecurity Advisory (CSA) Strengthening Cybersecurity of SATCOM Network Providers and Customers, which provides ...
- Oil & Gas Cybersecurity: Halt Critical Operation Attacks
March 15, 2022
The oil and gas utilities industry face threats from cyber incidents. The ransomware attack on the Colonial Pipeline in May 2021 had a huge impact on the industry. In February 2022, it was also reported that European oil facilities hit by cyber-attack and forced to operate at limited capacity.
These latest incidents suggest that oil and ...
- Utility Cybersecurity: Situational Awareness Cuts Risk
March 14, 2022
The electric utility industry is one of the most critical infrastructure industries that highly affect people’s lives and economic activities. The power grids connect the systems of power generation, substation, transmission, and distribution over a wide area. They are going modernized and under threat from nation-state attacks.
In the US, Biden’s administration took action to protect ...
- Russian space agency says hacking satellites is an act of war
March 2, 2022
Russia will consider any cyberattacks targeting Russian satellite infrastructure an act of war, as the country’s space agency director said in a TV interview.
Dmitry Rogozin, the current head of the Russian Roscosmos State Space Corporation, added that such attempts would also be considered crimes and investigated by Russia’s law enforcement agencies.
“Because disabling the satellite group ...
- Building cyber secure Railway Infrastructure
February 28, 2022
The European Union Agency for Cybersecurity (ENISA) delivers a joint report with the European Rail Information Sharing and Analysis Center (ISAC) to support the sectorial implementation of the NIS Directive.
The report released today is designed to give guidance on building cybersecurity zones and conduits for a railway system.
The approach taken is based on the recently ...
- CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure
February 18, 2022
CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical ...
- Singapore to build quantum-safe network for critical infrastructure trials
February 17, 2022
Singapore is aiming to build a quantum-safe network that it hopes will showcase “crypto-agile connectivity” and facilitate trials with both public and private organisations. The initiative also includes a quantum security lab for vulnerability research.
The three-year initiative is led by the Quantum Engineering Programme (QEP), with SG$8.5 million ($6.31 million) set aside to fund its ...
- US Government sets forth Zero Trust architecture strategy and requirements
February 17, 2022
To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1 Section 3 of EO 14028 specifically calls for federal agencies and their suppliers “to modernize approach to ...
- Ukraine: Websites of some banks and ministries are under a cyberattack
February 15, 2022
According to local media, hackers are now attacking a number of sites in Ukraine. Several banks and the website of the Ministry of Defense are under DDoS attack.
“Ukrainska Pravda” citing sources in the Ukrainian government understands that a powerful DDoS attack affected Privatbank and Oschadbank banks, as well as the Ministry of Defense and the ...
- Australia: Pezzullo frames Critical Infrastructure Bills as ‘defence’ and ransomware plan as ‘offence’
February 14, 2022
At the end of last year, Australia’s Security Legislation Amendment (Critical Infrastructure) Act 2021 became law to give government “last resort” powers to direct an entity when responding to cyber attacks, which included introducing a cyber-incident reporting regime for critical infrastructure assets.
Those laws were originally drafted to be wider in scope, with Home Affairs proposing ...
- Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa
February 11, 2022
Critical security vulnerabilities in Moxa’s MXview web-based network management system open the door to an unauthenticated remote code execution (RCE) as SYSTEM on any unpatched MXview server, researchers warned this week.
The five bugs, affecting versions 3.x to 3.2.2, score a collective 10 out of 10 on the CVSS vulnerability-severity scale, according to Claroty’s Team82 research ...
- Croatian phone carrier data breach impacts 200,000 clients
February 11, 2022
Croatian phone carrier ‘A1 Hrvatska’ has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people.
The announcement does not provide many details other than that they suffered a cybersecurity incident involving the unauthorized access of one of their user databases, which contained sensitive personal information.
The type of information that ...