Critical Infrastructure Protection

Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.

With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.

NEWS

  • Airlines warn passengers of data breach after aviation tech supplier is hit by cyberattack

    March 8, 2021

    Global aviation industry IT supplier SITA has confirmed it has fallen victim to a cyberattack, with hackers gaining access to personal information of airline passengers. The information technology and communications company, which claims to serve around 90% of the world’s airlines, said that a cyberattack on February 24, 2021 led to “data security incident” involving passenger ...

  • GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

    March 4, 2021

    In a new report released Thursday, the U.S. Government Accountability Office (GAO) said the Department of Defense fails to communicate clear cybersecurity guidelines to contractors tasked with building systems for its weapons programs. As part of its so called congressional watchdog duties, the GAO found that Defense Department weapons programs are failing to consistently incorporate cybersecurity ...

  • Ursnif Trojan has targeted over 100 Italian banks

    March 3, 2021

    The Ursnif Trojan has been traced back to attacks against at least 100 banks in Italy. According to Avast, the malware’s operators have a keen interest in Italian targets and attacks against these banking institutions have led to the loss of credentials and financial data. The cybersecurity firm said on Tuesday that at least 100 banks have ...

  • CISA Alert (AA21-062A): Mitigate Microsoft Exchange Server Vulnerabilities

    March 3, 2021

    Cybersecurity and Infrastructure Security (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated attacker to execute arbitrary code on vulnerable Exchange Servers, enabling the attacker to gain persistent system access, as well as access to files and mailboxes on the server and to ...

  • Malaysia Airlines suffers data security ‘incident’ spanning nine years

    March 2, 2021

    Malaysia Airlines has suffered a data security “incident” that compromised personal information belonging to members of its frequent flyer programme, Enrich. The breach is purported to have occurred at some point during a period that spans almost a decade and involves a third-party IT service provider. The airline had sent out an emailer to Enrich members ...

  • New South Wales’ Transport agency extorted by ransomware gang after Accellion attack

    March 1, 2021

    The transport system for the Australian state of New South Wales has suffered a data breach after the Clop ransomware exploited a vulnerability to steal files. Transport for NSW is New South Wales’ transport system in charge of the buses, ferries, regional air operators, and cargo transportation. Last week, Transport for NSW disclosed that their agency suffered ...

  • World’s leading dairy group Lactalis hit by cyberattack

    March 1, 2021

    Lactalis, the world’s leading dairy group, has disclosed a cyberattack after unknown threat actors have breached some of the company’s systems. Lactalis (short for Lactalis Group) has 85,000 employees in 51 countries, and it exports dairy products to over 100 countries around the world. The dairy group controls multiple leading international brands, including Président, Galbani, Lactel, Santal, ...

  • Universal Health Services lost $67 million due to Ryuk ransomware attack

    March 1, 2021

    Universal Health Services (UHS) said that the Ryuk ransomware attack it suffered during September 2020 had an estimated impact of $67 million. UHS, a Fortune 500 hospital and healthcare services provider, has over 90,000 employees who provide services to roughly 3.5 million patients each year in more than 400 US and UK healthcare facilities. UHS said last ...

  • Npower withdraws mobile app after hackers steal personal details

    February 27, 2021

    Npower has permanently withdrawn its mobile app after hackers used it to access its customers’ personal details, including the sort codes and the last four digits of their bank accounts. The hack, which cybersecurity experts said left the firm’s customers “wide open to fraud”, is understood to have taken place around the start of February. The company ...