Critical Infrastructure Protection


Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.

With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.


NEWS

  • Rob Joyce to Take Over as NSA Cybersecurity Director

    January 19, 2021

    As the incoming Biden administration continues to shake up federal leadership, the National Security Agency announced Friday that Rob Joyce, who is currently serving at the U.S. Embassy in London, was named to lead its cybersecurity division. Joyce will inherit the job from Anne Neuberger, who will leave the post to serve as deputy national security ...

  • Improving Your Security Posture with the Pipeline Cybersecurity Initiative

    January 19, 2021

    A few years ago, I worked alongside some oil commodity traders. Environmental concerns aside, I never realized how many parts were required to get the oil out of the ground, not to mention everything else that finally resulted in the production of refined products that surround our lives. As a cybersecurity professional, I was more ...

  • Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452

    January 19, 2021

    In December 2020, FireEye uncovered and publicly disclosed a widespread attacker campaign that is being tracked as UNC2452. In some, but not all, of the intrusions associated with this campaign where Mandiant has visibility, the attacker used their access to on-premises networks to gain unauthorized access to the victim’s Microsoft 365 environment. Goals and Objectives Methodologies that ...

  • DNSpooq bugs let attackers hijack DNS on millions of devices

    January 19, 2021

    Israel-based security consultancy firm JSOF disclosed today seven Dnsmasq vulnerabilities, collectively known as DNSpooq, that can be exploited to launch DNS cache poisoning, remote code execution, and denial-of-service attacks against millions of affected devices. Dnsmasq is a popular and open-source Domain Name System (DNS) forwarding software regularly used that adds DNS caching and Dynamic Host Configuration ...

  • U.S. National Cybersecurity Plan Promises to Safeguard Maritime Sector

    January 18, 2021

    The U.S Government released on January 5, 2021, a cybersecurity plan to secure the nation’s maritime sector against cybersecurity threats that could endanger national security. The Maritime Cyber Environment With International Maritime Organization’s (IMO) mandate “to ensure that cyber risks are appropriately addressed in existing safety management systems” and the increasing number of cyber-attacks against maritime and ...

  • Medical Device Security: Diagnosis Critical

    January 18, 2021

    A hacked insulin pump is the last thing a diabetic wants to worry about when life-saving fluids are pumped into their body. Sadly, concerns about medical device IT security are a healthcare reality. Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued more than a half-dozen warnings tied to connected drug pumps alone. Vulnerabilities ...

  • UK MoD under fire over multiple data breaches

    January 18, 2021

    The UK Ministry of Defense (MoD) suffered more data breaches in 2020 than in the year prior, seven of which were reported to the Information Commissioner’s Office (ICO) for further investigation. This is according to a new report from the Parliament Street Think Tank, and based on data provided by the MoD itself. Overall, there was an ...

  • Ransomware attacks now to blame for half of healthcare data breaches

    January 15, 2021

    Almost half of all data breaches in hospitals and the wider healthcare sector are as a result of ransomware attacks according to new research. Ransomware gangs are increasingly adding an extra layer of extortion to attacks by not only encrypting networks and demanding hundreds of thousands or even millions of dollars in bitcoin to restore them, ...

  • Hackers breach Foreign Office computers in cyber attack on Government countryside outpost

    January 15, 2021

    It is understood the attack is not connected to the devastating cyber attack on the Solar Winds Orion software, which US officials pin on Russian hackers. The Foreign Office has not commented on any suspects of its investigation, but tonight confirmed the breach, which was first reported by The Sun. A Government spokesperson said: ‘We take data ...

  • UK: ‘Human error’ blamed for wiping of thousands of police records

    January 15, 2021

    Home Secretary Priti Patel must “take responsibility” for the wiping of 150,000 arrest records from police databases, Labour has said. The records were accidentally wiped last week and they included fingerprint, DNA and arrest histories, according to The Times. The newspaper says the technological blunder could allow offenders to go free, as evidence from crime scenes would ...