- Oil & Gas Cybersecurity: Halt Critical Operation Attacks
March 15, 2022
The oil and gas utilities industry face threats from cyber incidents. The ransomware attack on the Colonial Pipeline in May 2021 had a huge impact on the industry. In February 2022, it was also reported that European oil facilities hit by cyber-attack and forced to operate at limited capacity.
These latest incidents suggest that oil and ...
- Utility Cybersecurity: Situational Awareness Cuts Risk
March 14, 2022
The electric utility industry is one of the most critical infrastructure industries that highly affect people’s lives and economic activities. The power grids connect the systems of power generation, substation, transmission, and distribution over a wide area. They are going modernized and under threat from nation-state attacks.
In the US, Biden’s administration took action to protect ...
- Russian space agency says hacking satellites is an act of war
March 2, 2022
Russia will consider any cyberattacks targeting Russian satellite infrastructure an act of war, as the country’s space agency director said in a TV interview.
Dmitry Rogozin, the current head of the Russian Roscosmos State Space Corporation, added that such attempts would also be considered crimes and investigated by Russia’s law enforcement agencies.
“Because disabling the satellite group ...
- Building cyber secure Railway Infrastructure
February 28, 2022
The European Union Agency for Cybersecurity (ENISA) delivers a joint report with the European Rail Information Sharing and Analysis Center (ISAC) to support the sectorial implementation of the NIS Directive.
The report released today is designed to give guidance on building cybersecurity zones and conduits for a railway system.
The approach taken is based on the recently ...
- CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure
February 18, 2022
CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical ...
- Singapore to build quantum-safe network for critical infrastructure trials
February 17, 2022
Singapore is aiming to build a quantum-safe network that it hopes will showcase “crypto-agile connectivity” and facilitate trials with both public and private organisations. The initiative also includes a quantum security lab for vulnerability research.
The three-year initiative is led by the Quantum Engineering Programme (QEP), with SG$8.5 million ($6.31 million) set aside to fund its ...
- US Government sets forth Zero Trust architecture strategy and requirements
February 17, 2022
To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1 Section 3 of EO 14028 specifically calls for federal agencies and their suppliers “to modernize approach to ...
- Ukraine: Websites of some banks and ministries are under a cyberattack
February 15, 2022
According to local media, hackers are now attacking a number of sites in Ukraine. Several banks and the website of the Ministry of Defense are under DDoS attack.
“Ukrainska Pravda” citing sources in the Ukrainian government understands that a powerful DDoS attack affected Privatbank and Oschadbank banks, as well as the Ministry of Defense and the ...
- Australia: Pezzullo frames Critical Infrastructure Bills as ‘defence’ and ransomware plan as ‘offence’
February 14, 2022
At the end of last year, Australia’s Security Legislation Amendment (Critical Infrastructure) Act 2021 became law to give government “last resort” powers to direct an entity when responding to cyber attacks, which included introducing a cyber-incident reporting regime for critical infrastructure assets.
Those laws were originally drafted to be wider in scope, with Home Affairs proposing ...
- Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa
February 11, 2022
Critical security vulnerabilities in Moxa’s MXview web-based network management system open the door to an unauthenticated remote code execution (RCE) as SYSTEM on any unpatched MXview server, researchers warned this week.
The five bugs, affecting versions 3.x to 3.2.2, score a collective 10 out of 10 on the CVSS vulnerability-severity scale, according to Claroty’s Team82 research ...
- Croatian phone carrier data breach impacts 200,000 clients
February 11, 2022
Croatian phone carrier ‘A1 Hrvatska’ has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people.
The announcement does not provide many details other than that they suffered a cybersecurity incident involving the unauthorized access of one of their user databases, which contained sensitive personal information.
The type of information that ...
- Actinium hacking group is targeting emergency response and security organizations in Ukraine
February 7, 2022
Microsoft has detailed recent hacking activity of cyber actors, most likely aligned with the Russian Federal Security Service (FSB), who have targeted Ukraine government, security agencies and aid organizations.
Microsoft says the hacking group, which it calls Actinium, has “targeted or compromised accounts” at Ukraine emergency response organizations since October. Actinium hackers also targeted organizations that ...
- Airport services firm Swissport reports ransomware incident
February 4, 2022
Swiss airport management service Swissport reported a ransomware attack affecting its IT systems on Friday. The company said the ransomware attack targeted its IT infrastructure.
The group behind the attack was not named.
Also: Prosecutors investigating cyberattacks affecting multiple Belgian and Dutch ports “The attack has been largely contained, and we are working actively to fully resolve the ...
- Oil terminals disrupted after European ports hit by cyberattack
February 3, 2022
Port facilities in Belgium, Germany, and the Netherlands have been targeted by a large-scale cyberattack, authorities say.
Officials say the hack began several days ago and has primarily disrupted operations at oil terminals, preventing tankers from delivering energy supplies.
German judicial authorities say they have launched an investigation into suspected “extortion” of oil operators, amid soaring energy ...