Critical Infrastructure Protection


Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.

With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.


NEWS

  • Insights on Cyber Threats Targeting Users and Enterprises in Brazil

    July 12, 2024

    Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of global and local threats, posing significant risks to individuals, organizations, and critical sectors of Brazilian society. Many of the cyber espionage threat actors that are prolific in campaigns across the globe are also active in carrying out attempted ...

  • Allies agree new NATO Integrated Cyber Defence Centre

    July 10, 2024

    The NATO Integrated Cyber Defence Centre (NICC) will enhance the protection of NATO and Allied networks and the use of cyberspace as an operational domain. The Centre will inform NATO military commanders on possible threats and vulnerabilities in cyberspace, including privately-owned civilian critical infrastructures necessary to support military activities. The Centre will bring together civilian and ...

  • FBI: Renewable energy systems vulnerable to cyber attacks

    July 2, 2024

    The FBI has issued an official alert to the public about the potential for malicious cyber actors to disrupt power generation, steal intellectual property, or hold critical information for ransom within the U.S. renewable energy sector. The warning comes as federal and local governments increasingly advocate for renewable energies, expanding the industry and creating more opportunities ...

  • The US Wants to Integrate the Commercial Space Industry With Its Military to Prevent Cyber Attacks

    June 29, 2024

    The US military recently launched a groundbreaking initiative to strengthen ties with the commercial space industry. The aim is to integrate commercial equipment into military space operations, including satellites and other hardware. This would enhance cybersecurity for military satellites. As space becomes more important to the world’s critical infrastructure, the risk increases that hostile nation-states will ...

  • Stopping Chinese cyberattacks is officially now the biggest priority for US security forces

    June 25, 2024

    The US Department of Homeland Security (DHS) has shuffled its priorities to place battling the “cyber and other threats posed by the People’s Republic of China” at the top of the list, at least until the end of 2025. China has been conducting numerous cyber attacks against US infrastructure, particularly focussing on internet-facing endpoints within water ...

  • Sustained Campaign Using Chinese Espionage Tools Targets Telcos

    June 20, 2024

    Attackers using tools associated with Chinese espionage groups have breached multiple telecom operators in a single Asian country in a long-running espionage campaign. The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials. The attacks have been underway since at least 2021, with evidence to suggest that some of this ...

  • ExCobalt: GoRed, the hidden-tunnel technique

    June 19, 2024

    While responding to an incident at one of their clients, the PT ESC CSIRT team discovered a previously unknown backdoor written in Go, which they attributed to a cybercrime gang dubbed ExCobalt. ExCobalt focuses on cyberespionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt gang. Cobalt attacked ...

  • Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

    May 30, 2024

    Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by different nation-backed actors, including attacks by IRGC-affiliated “CyberAv3ngers” in November 2023, as well ...

  • Hellhounds: Operation Lahat. Part 2

    May 23, 2024

    In November 2023, the team at the Positive Technologies Expert Security Center (PT ESC) released their first research report on attacks by the hitherto-unknown group Hellhounds on Russian companies’ infrastructure: Operation Lahat. The report focused on the group’s attacks on Linux hosts that relied on a new backdoor known as Decoy Dog. Hellhounds carried on attacks ...