Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.
With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.
NEWS
- Department of Homeland Security email accounts exposed in SolarWinds hack
March 30, 2021
Email accounts belonging to US Department of Homeland Security (DHS) officials may have been compromised during the SolarWinds attack by Russian threat actors. The Associated Press reports that unauthorized intrusions occurred during the SolarWinds supply-chain attack. SolarWinds, the central point of entry, was compromised by threat actors in December who were able to plant a malicious Orion ...
- New survey report released: The state of industrial cybersecurity (Part 1)
March 29, 2021
The cybersecurity has been the word not only in IT world, but also in ICS/OT world. The Stuxnet targeting SCADA systems were uncovered as first ICS malware to damage nuclear plants in 2010. The Wannacry became worldwide famous ransom worm which spread on hundreds of thousands of vulnerable computers and encrypt their data in 2017. ...
- Harris Federation hit by ransomware attack affecting 50 schools
March 29, 2021
The IT systems and email servers of London-based nonprofit multi-academy trust Harris Federation were taken down by a ransomware attack on Saturday. Harris Federation is an education charity running 50 Harris primary and secondary academies with 37,000 students from London and surrounding areas. The attack hit the school trust’s systems over the weekend on Saturday, March 27, ...
- Australia cyber attacks hit television channel and parliament
March 28, 2021
A cyber attack has disrupted Channel Nine’s live broadcasts from Sydney, the TV company has confirmed, at the same time as an attack led to Parliament House’s email system being taken offline. As a result of the attack, the channel’s Sunday morning news programme, Weekend Today, was not aired, nor was its 5pm news show, although ...
- The security dilemma of smart factories [Part 1] Specificity of the programming languages used to move industrial robots
March 26, 2021
Industrial robots are the core of the automation of manufacturing processes in smart factories, and are the most important components as they support the manufacture of all kinds of products such as automobiles, aircraft, processed foods, and pharmaceuticals. In addition, as equipment that realizes unmanned manufacturing in the post-COVID-19 world where minimal or no contact ...
- Fleeceware Apps Bank $400M in Revenue
March 25, 2021
About 204 different “fleeceware” applications with a combined billion+ downloads have raked in more than $400 million in revenue so far, via the Apple App Store and Google Play, analysis has revealed. Fleeceware apps generally offer users a free trial to “test” the app, before commencing automatic payments that can be exorbitant. In an analysis from ...
- Threat landscape for industrial automation systems. Statistics for H2 2020
March 25, 2021
There is no longer a downward trend in the percentage of ICS computers on which malicious objects were blocked. Starting with the second half (H2) of 2019, we observed a decline in the percentages of ICS computers on which malicious objects were blocked. This was observed in industrial control systems (ICS) as well as in corporate ...
- Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech
March 25, 2021
In April 2020, we reported on a large influx of COVID-19 themed phishing attacks starting in February 2020. With March 2021 marking the one-year anniversary that the World Health Organization declared COVID-19 a pandemic, we revisited the phishing trends we observed in the past year to gain deeper insight into the various COVID-related topics that ...
- EU, Japan, and the US Conducted Joint Cybersecurity Training
March 24, 2021
Early this month, the EU, Japan, and the US recently conducted a joint cybersecurity training program as part of a series of dialogues on digital policies held last February 2021. The dialogues led to an agreement to strengthen the countries’ partnership on issues like platform regulation and industrial research. The training program was developed over the ...