Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.
With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.
- NATO and European Union leadership sign third joint declaration
January 10, 2023
NATO Secretary General Jens Stoltenberg, the President of the European Council, Charles Michel, and the President of the European Commission, Ursula von der Leyen, met on Tuesday (10 January 2023) at NATO Headquarters to sign the third Joint Declaration on NATO-European Union cooperation. Speaking at a joint press conference, Mr Stoltenberg said: “we are determined to ...
- New York Adopts Law Protecting Power Grid from Cyber Attacks
January 4, 2023
New York Gov. Kathy Hochul signed legislation to create cybersecurity protections for the state’s energy grid. The legislation (designated A.3904B/S.5579A) will require utilities to prepare for cyberattacks in their annual emergency response plans, just as they would for storm or other hazards. The new protections also give the Public Service Commission enhanced auditing powers to ensure ...
- Ontario: Children’s Hospital Expects Weekslong Ransomware Recovery
December 28, 2022
Nearly a week after a ransomware attack forced a network shutdown at Toronto’s Hospital for Sick Children, patients are still experiencing delays in treatment and diagnostic procedures. The hospital says it has restored some systems, phones and websites, but the recovery process could take weeks. Hackers targeted the hospital’s network on Dec. 19, forcing it to ...
- Hackers stole data from multiple electric utilities in recent ransomware attack
December 27, 2022
Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. Federal officials have closely monitored the incident for any potential broader impact on the US power sector while private investigators ...
- After ransomware hits Colombian energy firm, Moody’s says low patch rate suggests inadequacies in cyber practices
December 22, 2022
A ransomware attack at top Colombian energy company Empresas Publicas de Medellin (EPM) may damage its credit quality, setting an alarm clock for the critical infrastructure industry to develop efficient mitigation practices and vulnerability management programs, Moody’s said. EPM, one of Colombia’s largest public energy, water, and gas providers suffered from a ransomware attack reported on ...
- CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
December 19, 2022
At the end of September, GTSC reported an attack on critical infrastructure that took place in August. During the investigation, experts found that two 0-day vulnerabilities in Microsoft Exchange Server were used in the attack. The first one, later identified as CVE-2022-41040, is a server-side request forgery (SSRF) vulnerability that allows an authenticated attacker to ...
- Australia: Fire Rescue Victoria confirms cyber attack from ‘external third party’ as outage continues
December 16, 2022
Fire Rescue Victoria has confirmed it has been the victim of a cyber attack as it continues to deal with a widespread IT outage. FRV revealed on Thursday it was having to alert firefighters to emergencies by mobile phone and radio because of an outage affecting its computer dispatch system. The service said preliminary investigations had ...
- Iran-linked Charming Kitten espionage gang bares claws to pollies, power orgs
December 15, 2022
An Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets – including politicians, government officials, critical infrastructure and medical researchers – according to email security vendor Proofpoint. Over the past two years, the threat actor group that ...
- Cyber Signals: Risks to critical infrastructure on the rise
December 14, 2022
Today, the third edition of Cyber Signals was released spotlighting security trends and insights gathered from Microsoft’s 43 trillion daily security signals and 8,500 security experts. In this edition, we share new insights on wider risks that converging IT, Internet of Things (IoT), and operational technology (OT) systems pose to critical infrastructure. Cyber Signals presents ...