Critical Infrastructure Protection


Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.

With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.


NEWS

  • Ransomware gang leaks data stolen from Colorado, Miami universities

    March 23, 2021

    Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group. Starting in December, threat actors affiliated with the Clop ransomware operation began targeting Accellion FTA servers and stealing the data stored on them. Companies use these servers to share ...

  • Energy Giant Shell Is Latest Victim of Accellion Attacks

    March 23, 2021

    Energy giant Royal Dutch Shell is the latest victim of a series of attacks on users of the Accellion legacy File Transfer Appliance (FTA) product, which already has affected numerous companies and been attributed to the FIN11 and the Clop ransomware gang. “Shell has been impacted by a data-security incident involving Accellion’s File Transfer Appliance,” the ...

  • UK colleges and unis urged to prepare for ransomware before it’s too late

    March 23, 2021

    Britain’s National Cyber Security Centre (NCSC) has urged universities, schools, and colleges to be vigilant following an increase in ransomware attacks targeting educational institutions. “While operational details cannot be disclosed, the NCSC has dealt with a significant increase in the number of attacks since late February, when establishments were preparing to welcome students back to the ...

  • China takes aim at ‘spying’ Tesla cars, bans military staff use

    March 22, 2021

    Elon Musk has said Tesla would be “shut down” if accusations that the firm’s cars could be used for spying purposes were true. Last week, the Wall Street Journal reported that the Chinese government has restricted the use of Tesla vehicles in military and key, state-owned company settings. Military and government staff are reportedly not permitted to ...

  • How Can the Trucking Industry Secure Their Telematics?

    March 22, 2021

    The trucking sector is essential to countless other industries. Without reliable transportation, supply chains would crumble, and companies and consumers would face shortages. With so much riding on it, it’s no wonder why the industry has fully embraced technology like telematics in recent years. Telematics refers to the suite of technologies fleets use to share data ...

  • CISA: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool

    March 18, 2021

    This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following CISA Alerts: AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations, which primarily focuses ...

  • SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests

    March 18, 2021

    Cyberattackers involved in worldwide hacking campaigns are using the compromised systems of high-profile victims as playgrounds to test out malicious tool detection rates. On Thursday, Swiss cybersecurity firm Prodaft said that SilverFish (.PDF), an “extremely skilled” threat group, has been responsible for intrusions at over 4,720 private and government organizations including “Fortune 500 companies, ministries, airlines, ...

  • FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Including COVID-19 Scam Statistics

    March 17, 2021

    The FBI’s Internet Crime Complaint Center has released its annual report. The 2020 Internet Crime Report includes information from 791,790 complaints of suspected internet crime—an increase of more than 300,000 complaints from 2019—and reported losses exceeding $4.2 billion. State-specific statistics have also been released and can be found within the 2020 Internet Crime Report and ...

  • FBI warns of rise in PYSA ransomware operators targeting US, UK schools

    March 17, 2021

    The FBI has warned of a surge in attacks against schools in which ransomware operators are stealing data to pile on the pressure for payment. In a joint FBI and DHS-CISA flash industry alert (.PDF) this week, law enforcement said a recent increase in attacks leveraging PYSA ransomware, also known as Mespinoza, has been traced to ...

  • China-linked TA428 Continues to Target Russia and Mongolia IT Companies

    March 17, 2021

    Recorded Future’s Insikt Group recently identified renewed activity attributed to the suspected Chinese threat activity group TA428. The identified activity overlaps with a TA428 campaign previously reported by Proofpoint as “Operation LagTime IT”, which targeted Russian and East Asian government information technology agencies in 2019. Based on the infrastructure, tactics, and victim organization identified, we ...

  • Hackers are targeting telecoms companies to steal 5G secrets

    March 16, 2021

    A cyber-espionage campaign is targeting telecoms companies around the world with attacks using malicious downloads in an effort to steal sensitive data – including information about 5G technology – from compromised victims. Uncovered by cybersecurity researchers at McAfee, the campaign is targeting telecommunications providers in Southeast Asia, Europe and the United States. Dubbed Operation Diànxùn, researchers ...