- Paging A Joint Task Force: Cyber Defense Of Pandemic Medical Infrastructure
March 24, 2020
The ongoing global response to COVID-19 infections has become a critical public health, economic, and national security priority. The crisis has been made worse by ransomware and other disruptive intrusion incidents, threatening the continued provision of healthcare services to patients affected by the disease. U.S. Health and Human Services disclosures of known data breaches — even prior ...
- Critical Bugs in Rockwell, Johnson Controls ICS Gear
March 10, 2020
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems (ICS) gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure.
First, a set of critical vulnerabilities in Rockwell Automation gear affect MicroLogix 1400 Controllers, MicroLogix 1100 Controllers and RSLogix 500 Software. The ...
- What to know about cyberattacks targeting energy pipelines
March 1, 2020
The Department of Homeland Security (DHS) this past month disclosed a disruptive cyberattack on a U.S. energy facility, raising new concerns about protections for energy providers.
The Cybersecurity and Infrastructure Security Agency (CISA), a division of DHS, said a ransomware attack hit a “natural gas compression facility,” leading to a two-day shutdown for the entire pipeline.
While the agency ...
- RSAC 2020: Ransomware a ‘National Crisis,’ CISA Says, Ramps ICS Focus
February 28, 2020
Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this year – especially as ransomware looms as a main threat to the sector going forward.
That’s according to Christopher Krebs, director of CISA, speaking at RSA Conference 2020 this week.
“My agency ...
- Assessment of Ransomware Event at U.S. Pipeline Operator
February 19, 2020
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported on 18 February 2020 on a ransomware incident impacting a natural gas compression facility at an unidentified U.S. pipeline operator. The ransomware event impacted both IT and ICS assets by causing loss of view and control impacts that caused the facility to implement controlled shutdown processes ...
- Frankfurt shuts down IT network following Emotet infection
December 19, 2019
Frankfurt, one of the largest financial hubs in the world and the home of the European Central Bank, has shut down its IT network this week following an infection with the Emotet malware.
Frankfurt is the fourth German entity that shut down its IT network in the past two weeks because of Emotet.
The other three are ...
- Story of the year 2019: Cities under ransomware siege
December 11, 2019
Overall awareness of the need for security measures is growing, and cybercriminals are increasing the precision of their targeting to locate victims with security breaches in their defense systems.
Looking back at the past three years, the share of users targeted with ransomware in the overall number of malware detections has risen from 2.8% to 3.5%. While ...
- Equipping the Education Sector With Threat Intelligence to Defend Against Cyberattacks
October 17, 2019
When you think about sophisticated cyberattacks, certain targeted industries probably come to mind immediately — government, critical infrastructure, and financial services, to name a few. It’s fair to say that for most people, the education sector isn’t generally first on that list.
Despite this, educational institutions (particularly those in higher education) have become an increasingly popular ...
- 17 US utility firms targeted by mysterious state-sponsored group
September 24, 2019
A mysterious state-sponsored hacking group has targeted at least 17 US utility firms with phishing emails for a five-month period between April 5 and August 29, Proofpoint reported today.
The purpose of these attacks was to infect employees at US utility firms with LookBack, a remote access trojan with an extensive set of features.
While no formal ...
- US wants to isolate power grids with ‘retro’ technology to limit cyber-attacks
July 2, 2019
The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result.
The idea is to use “retro” technology to isolate the grid’s most important control systems, to limit ...
- Senior Defence figure raises concerns about future cyber attacks
February 19, 2019
One of Australia’s senior military figures says the threat of cyber attacks against the nation’s infrastructure and military networks is on the rise.
Major General Marcus Thompson leads the Information Warfare Division, which was set up in mid-2017 with the aim of providing both defensive and offensive cyber capabilities.
In his first media major interview, he told ...
- Germany sees big rise in security problems affecting infrastructure
February 17, 2019
Germany has experienced a big increase in the number of security incidents hitting critical infrastructure such as power grids and water suppliers, the BSI cybersecurity agency said on Sunday, adding however that they were not all due to hacking.
The Welt am Sonntag weekly had reported on Sunday that Germany had learned of 157 hacker attacks ...
- Poking the Bear: Three-Year Campaign Targets Russian Critical Infrastructure
December 11, 2018
Nation-state conflict has come to dominate many of the policy discussions and much of the strategic thinking about cybersecurity. When events of geopolitical significance hit the papers, researchers look for parallel signs of sub rosa cyber activity carried out by state-sponsored threat actors—espionage, sabotage, coercion, information operations—to complete the picture. After all, behind every story may lurk ...
- Mattis establishes DOD task force to protect critical tech, information
November 1, 2018
Secretary of Defense James Mattis has established a task force whose sole purpose is to better secure the Department of Defense’s important technology and information.
Mattis issued a memo dated Oct. 24 creating the Protecting Critical Technology Task Force (PCTTF) to report to the deputy secretary of Defense and the vice chairman of the Joint Chiefs of Staff.
“Working with our partners ...