Critical Infrastructure Protection


Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.

With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.


NEWS

  • State Department creates bureau to reduce ‘likelihood of cyber conflict’

    January 11, 2021

    Secretary of State Mike Pompeo announced on Thursday the creation of a new bureau inside the US Department of State dedicated to addressing cybersecurity as part of the US’ foreign policy and diplomatic efforts. The new bureau will be named the Bureau of Cyberspace Security and Emerging Technologies (CSET). “The CSET bureau will lead US government diplomatic ...

  • Sunburst backdoor – code overlaps with Kazuar

    January 11, 2021

    On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their analysis of related attacks, attributed to an actor named “Dark Halo”. FireEye did not link this activity to any known actor; instead, ...

  • Capitol attack’s cybersecurity fallout: Stolen laptops, lost data and possible espionage

    January 11, 2021

    When hostile actors penetrated the Capitol Building on January 6, they gained access to individual chambers and offices and remained at large within the Capitol complex for well over two hours. We have reports that items were stolen. One report comes from acting US Attorney for DC, Michael Sherwin, who stated “items, electronic items were stolen ...

  • United Nations data breach exposed over 100k UNEP staff records

    January 11, 2021

    Today, researchers have responsibly disclosed a security vulnerability by exploiting which they could access over 100,000 private employee records of United Nations Environmental Programme (UNEP). The data breach stemmed from exposed Git directories and credentials, which allowed the researchers to clone Git repositories and gather a large amount of personally identifiable information (PII) associated with over ...

  • UK: Fake NHS text asks for bank details in return for coronavirus vaccine

    January 8, 2021

    People are being warned about a fake NHS text which is demanding bank details from people waiting for a coronavirus vaccine. Liverpool City Council said in a “scam alert” that the message had been “circulating”, advising people they were eligible for a COVID-19 jab. The National Police Chiefs’ Council (NPCC) also tweeted a warning, reminding those waiting ...

  • Investigation launched into vulnerabilities found within US Judiciary case file system

    January 8, 2021

    The United States Judiciary has announced an audit into its systems, following concerns its case file system has been compromised. In making the announcement, the Judiciary said the Administrative Office of the US Courts was working with the Department of Homeland Security on a security audit relating to vulnerabilities in the Judiciary’s Case Management/Electronic Case Files ...

  • North Korean hackers launch RokRat Trojan in campaigns against the South

    January 7, 2021

    A North Korean hacking group is utilizing the RokRat Trojan in a fresh wave of campaigns against the South Korean government. The Remote Access Trojan (RAT) has been connected to attacks based on the exploit of a Korean language word processor commonly used in South Korea for several years; specifically, the compromise of Hangul Office documents ...

  • CISA Update: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

    January 6, 2021

    The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat ...

  • Disgruntled Former Employee Disrupted Shipments of Needed PPE During Pandemic

    January 6, 2021

    When the COVID-19 pandemic reached the United States last spring, a Georgia-based medical equipment packaging company worked to get personal protective equipment (PPE) to medical workers treating sick patients. But a disgruntled former employee thwarted those efforts at a time when protective equipment was desperately needed. Christopher Dobbins, a vice-president in the company who’d been fired a ...

  • JetBrains denies being involved in SolarWinds hack

    January 6, 2021

    Czech software development firm JetBrains published a statement today denying reports from the New York Times and the Wall Street Journal claiming that JetBrains is under investigation for possibly being involved in the SolarWinds hack that impacted thousands of companies across the globe. The reports, citing government sources, said that US officials are looking at a ...

  • Cyberattacks on Healthcare Spike 45% Since November

    January 5, 2021

    As COVID-19 ravages international healthcare systems, cybercriminals have decided to leverage the increasingly dire circumstances to squeeze a few bucks out of the human suffering. According to new findings from Check Point Software, healthcare organizations have seen a 45-percent increase in cyberattacks since November, which is more than double other industry sectors, which a average 22-percent ...

  • US government formally blames Russia for SolarWinds hack

    January 5, 2021

    Four US cyber-security agencies, including the FBI, CISA, ODNI, and the NSA, have released a joint statement today formally accusing the Russian government of orchestrating the SolarWinds supply chain attack. US officials said that “an Advanced Persistent Threat (APT) actor, likely Russian in origin” was responsible for the SolarWinds hack, which officials described as “an intelligence ...

  • Italian mobile operator offers to replace SIM cards after massive data breach

    January 5, 2021

    Ho Mobile, an Italian mobile operator, owned by Vodafone, has confirmed a massive data breach on Monday and is now taking the rare step of offering to replace the SIM cards of all affected customers. The breach is believed to have impacted roughly 2.5 million customers. It first came to light last month on December 28 when ...

  • Singapore police had used COVID-19 contact tracing data in murder probe

    January 5, 2021

    The Singapore government has defended its decision to allow the police to access the country’s COVID-19 contact tracing data when necessary, in order to safeguard public safety and interest. It reveals that data collected via the TraceTogether platform already has been tapped at least once to assist in a homicide investigation. Its defence came a day ...

  • Japanese Aerospace Firm Kawasaki Warns of Data Breach

    December 29, 2020

    Japanese aerospace company Kawasaki Heavy Industries on Monday warned of a security incident that may have led to unauthorized access of customer data. According to the company’s data breach notification, it first discovered unauthorized parties accessing a server in Japan, from an overseas office in Thailand, on June 11, 2020. After terminating that access, the company ...

  • The future of cyberconflicts

    December 21, 2020

    The ever-increasing role of technology in every aspect of our society has turned cybersecurity into a major sovereignty issue for all states. Due to their asymmetrical nature, offensive cyber-capabilities have been embraced by many countries that wouldn’t otherwise have the resources to compete on a military or economic level with the most powerful nations of ...

  • Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies

    December 18, 2020

    Microsoft has become the latest victim of the ever-widening SolarWinds-driven cyberattack that has impacted rafts of federal agencies and tech targets. Its president, Brad Smith, warned late Thursday to expect many more victims to come to light as investigations continue. Adversaries were able to use SolarWinds’ Orion network management platform to infect users with a stealth ...

  • Suspected Russian hackers spied on U.S. Treasury emails – sources

    December 13, 2020

    Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of the iceberg. The hack is so serious it led to a National Security Council meeting at ...

  • Australia’s critical infrastructure definition to span communications, data storage, space

    November 9, 2020

    The federal government on Monday published an exposure draft on the Security Legislation Amendment (Critical Infrastructure) Bill 2020. It seeks to amend the Security of Critical Infrastructure Act 2018 to implement “an enhanced framework to uplift the security and resilience of Australia’s critical infrastructure”. The Australian government’s Critical Infrastructure Resilience Strategy currently defines critical infrastructure as: ...

  • US Treasury sanctions Russian research institute behind Triton malware

    October 23, 2020

    The US Treasury Department announced sanctions today against a Russian research institute for its role in developing Triton, a malware strain designed to attack industrial equipment. Sanctions were levied today against the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics (also known as CNIIHM or TsNIIKhM). A FireEye report ...

  • CISA says a hacker breached a federal agency

    September 24, 2020

    A hacker has gained access and exfiltrated data from a federal agency, the Cybersecurity and Infrastructure Security Agency (CISA) said on Thursday. The name of the hacked federal agency, the date of the intrusion, or any details about the intruder, such as an industry codename or state affiliation, were not disclosed. CISA officials revealed the hack after ...

  • Critical Industrial Flaws Pose Patching Headache For Manufacturers

    September 23, 2020

    While patch management already presents challenges for enterprises, it’s even more of a headache for manufacturers and other industrial firms – who may even need to shut down entire factory operations in order to apply fixes. Sharon Brizinov, the principal vulnerability researcher with Claroty, has discovered and reported various security flaws in industrial control systems (ICS), ...

  • CISA warns of notable increase in LokiBot malware

    September 22, 2020

    The US government’s cyber-security agency has issued a security advisory today warning federal agencies and the private sector about “a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020.” The Cybersecurity and Infrastructure Security Agency (CISA) said that its in-house security platform (the EINSTEIN Intrusion Detection System) has detected persistent ...