Critical Infrastructure Protection


Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.

With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.


NEWS

  • Oil & Gas Cybersecurity: Halt Critical Operation Attacks

    March 15, 2022

    The oil and gas utilities industry face threats from cyber incidents. The ransomware attack on the Colonial Pipeline in May 2021 had a huge impact on the industry. In February 2022, it was also reported that European oil facilities hit by cyber-attack and forced to operate at limited capacity. These latest incidents suggest that oil and ...

  • Utility Cybersecurity: Situational Awareness Cuts Risk

    March 14, 2022

    The electric utility industry is one of the most critical infrastructure industries that highly affect people’s lives and economic activities. The power grids connect the systems of power generation, substation, transmission, and distribution over a wide area. They are going modernized and under threat from nation-state attacks. In the US, Biden’s administration took action to protect ...

  • Russian space agency says hacking satellites is an act of war

    March 2, 2022

    Russia will consider any cyberattacks targeting Russian satellite infrastructure an act of war, as the country’s space agency director said in a TV interview. Dmitry Rogozin, the current head of the Russian Roscosmos State Space Corporation, added that such attempts would also be considered crimes and investigated by Russia’s law enforcement agencies. “Because disabling the satellite group ...

  • Building cyber secure Railway Infrastructure

    February 28, 2022

    The European Union Agency for Cybersecurity (ENISA) delivers a joint report with the European Rail Information Sharing and Analysis Center (ISAC) to support the sectorial implementation of the NIS Directive. The report released today is designed to give guidance on building cybersecurity zones and conduits for a railway system. The approach taken is based on the recently ...

  • CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure

    February 18, 2022

    CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical ...

  • Singapore to build quantum-safe network for critical infrastructure trials

    February 17, 2022

    Singapore is aiming to build a quantum-safe network that it hopes will showcase “crypto-agile connectivity” and facilitate trials with both public and private organisations. The initiative also includes a quantum security lab for vulnerability research. The three-year initiative is led by the Quantum Engineering Programme (QEP), with SG$8.5 million ($6.31 million) set aside to fund its ...

  • US Government sets forth Zero Trust architecture strategy and requirements

    February 17, 2022

    To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1 Section 3 of EO 14028 specifically calls for federal agencies and their suppliers “to modernize approach to ...

  • Ukraine: Websites of some banks and ministries are under a cyberattack

    February 15, 2022

    According to local media, hackers are now attacking a number of sites in Ukraine. Several banks and the website of the Ministry of Defense are under DDoS attack. “Ukrainska Pravda” citing sources in the Ukrainian government understands that a powerful DDoS attack affected Privatbank and Oschadbank banks, as well as the Ministry of Defense and the ...

  • Australia: Pezzullo frames Critical Infrastructure Bills as ‘defence’ and ransomware plan as ‘offence’

    February 14, 2022

    At the end of last year, Australia’s Security Legislation Amendment (Critical Infrastructure) Act 2021 became law to give government “last resort” powers to direct an entity when responding to cyber attacks, which included introducing a cyber-incident reporting regime for critical infrastructure assets. Those laws were originally drafted to be wider in scope, with Home Affairs proposing ...

  • Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa

    February 11, 2022

    Critical security vulnerabilities in Moxa’s MXview web-based network management system open the door to an unauthenticated remote code execution (RCE) as SYSTEM on any unpatched MXview server, researchers warned this week. The five bugs, affecting versions 3.x to 3.2.2, score a collective 10 out of 10 on the CVSS vulnerability-severity scale, according to Claroty’s Team82 research ...

  • Croatian phone carrier data breach impacts 200,000 clients

    February 11, 2022

    Croatian phone carrier ‘A1 Hrvatska’ has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people. The announcement does not provide many details other than that they suffered a cybersecurity incident involving the unauthorized access of one of their user databases, which contained sensitive personal information. The type of information that ...

  • Actinium hacking group is targeting emergency response and security organizations in Ukraine

    February 7, 2022

    Microsoft has detailed recent hacking activity of cyber actors, most likely aligned with the Russian Federal Security Service (FSB), who have targeted Ukraine government, security agencies and aid organizations. Microsoft says the hacking group, which it calls Actinium, has “targeted or compromised accounts” at Ukraine emergency response organizations since October. Actinium hackers also targeted organizations that ...

  • Airport services firm Swissport reports ransomware incident

    February 4, 2022

    Swiss airport management service Swissport reported a ransomware attack affecting its IT systems on Friday. The company said the ransomware attack targeted its IT infrastructure. The group behind the attack was not named. Also: Prosecutors investigating cyberattacks affecting multiple Belgian and Dutch ports “The attack has been largely contained, and we are working actively to fully resolve the ...

  • Oil terminals disrupted after European ports hit by cyberattack

    February 3, 2022

    Port facilities in Belgium, Germany, and the Netherlands have been targeted by a large-scale cyberattack, authorities say. Officials say the hack began several days ago and has primarily disrupted operations at oil terminals, preventing tankers from delivering energy supplies. German judicial authorities say they have launched an investigation into suspected “extortion” of oil operators, amid soaring energy ...