Critical Infrastructure Protection


Today’s interdependent and interconnected world requires joint efforts and holistic approaches to protect critical infrastructure assets from the growing number of attacks and to address ever-evolving cyber threats to government, energy, healthcare, education, banking, transportation, telecommunication and other critical sectors.

With a dedicated section focusing on Critical Infrastructure protection, we aim to enhance cooperation and engage security professionals through news, articles and in-depth analysis of emerging threats and technologies.


NEWS

  • Hackers are targeting telecoms companies to steal 5G secrets

    March 16, 2021

    A cyber-espionage campaign is targeting telecoms companies around the world with attacks using malicious downloads in an effort to steal sensitive data – including information about 5G technology – from compromised victims. Uncovered by cybersecurity researchers at McAfee, the campaign is targeting telecommunications providers in Southeast Asia, Europe and the United States. Dubbed Operation Diànxùn, researchers ...

  • COVID-19: Examining the threat landscape a year later

    March 15, 2021

    A year ago — everything changed. In an effort to stem the tide of a rapidly spreading pandemic, the world shut down. Shops were forced to shut their doors, and whole countries were placed on stringent lockdowns. Schools were closed around the world, with more than one billion children affected, and the vast majority of ...

  • Critical Security Hole Can Knock Smart Meters Offline

    March 12, 2021

    Critical security vulnerabilities in Schneider Electric smart meters could allow an attacker a path to remote code execution (RCE), or to reboot the meter causing a denial-of-service (DoS) condition on the device. Schneider Electric’s PowerLogic ION/PM smart meter product line, like other smart meters, is used by consumers in their homes, but also by utility companies ...

  • Security and Privacy of COVID-19 Contact-Tracing Apps

    March 12, 2021

    Symantec analyzed the top 25 COVID-19 national contact-tracing apps to see which follow security and privacy best practices. Unfortunately, in this new COVID-19 era it’s not just our computers we have to protect from infection, but also ourselves and our loved ones. Along with social distancing, wearing a mask, and washing our hands, technology is also ...

  • Microsoft Exchange Servers Face APT Attack Tsunami

    March 11, 2021

    Recently patched Microsoft Exchange vulnerabilities are under fire from at least 10 different advanced persistent threat (APT) groups, all bent on compromising email servers around the world. Overall exploitation activity is snowballing, according to researchers. Microsoft said in early March that it had spotted multiple zero-day exploits in the wild being used to attack on-premises versions ...

  • Ryuk ransomware hits 700 Spanish government labor agency offices

    March 10, 2021

    The systems of SEPE, the Spanish government agency for labor, were taken down following a ransomware attack that hit more than 700 agency offices across Spain. “Currently, work is being done with the objective of restoring priority services as soon as possible, among which is the portal of the State Public Employment Service and then gradually ...

  • Russia: Majority of governmental agencies’ websites go live after failure

    March 10, 2021

    Websites of the majority of Russian government authorities have recovered after the failure occurred on Wednesday. Websites of the Kremlin, the government, Russian media watchdog, Ministry of Industry and Trade, Ministry of Economic Development, Security Council and Russian Investigative Committee resumed operations. Furthermore, the State Duma and the Ministry of the Interior websites restarted operations earlier. It was ...

  • Europol: New Major Interventions To Block Encrypted Communications Of Criminal Networks

    March 10, 2021

    Judicial and law enforcement authorities in Belgium, France and the Netherlands have in close cooperation enabled major interventions to block the further use of encrypted communications by large-scale organised crime groups (OCGs), with the support of Europol and Eurojust. The continuous monitoring of the criminal use of the Sky ECC communication service tool by investigators ...

  • WaterISAC: 15 Security Fundamentals You Need to Know

    March 10, 2021

    Attacks such as the one at Oldsmar highlight the need for water facilities to continue honing their ability to defend themselves against digital attacks. Towards that aim, they can use WaterISAC’s guidelines for water and wastewater utilities. The security fundamentals covered in those guidelines include the following: Asset Inventory Database You can’t protect what you don’t know you ...

  • Hackers access surveillance cameras at Tesla, Cloudflare, banks, more

    March 9, 2021

    Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. In addition to images captured from the cameras, the hacker also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ. Hacks multiple cameras in ...

  • Intel joins DARPA in search of encryption ‘holy grail’

    March 9, 2021

    Intel has signed an agreement with Defense Advanced Research Projects Agency (DARPA) to take part in its Data Protection in Virtual Environments (DPRIVE) program, which is aiming to develop an accelerator for fully homomorphic encryption (FHE). “Fully homomorphic encryption remains the holy grail in the quest to keep data secure while in use,” Intel Labs principal ...

  • Cracking of encrypted messaging service dealt major blow to organised crime

    March 9, 2021

    The cracking of a previously-unbreakable encrypted messaging service popular with criminals involved in drug trafficking and organised crime delivered a major victory for the justice system on Tuesday. The cracking of the expensive messaging app, called “Sky ECC,” was what allowed over 1,500 police officers across Belgium to be simultaneously deployed in at least 200 raids, ...

  • European Banking Authority discloses Exchange server hack

    March 8, 2021

    The European Banking Authority (EBA) took down all email systems after their Microsoft Exchange Servers were hacked as part of the ongoing attacks targeting organizations worldwide. EBA is part of the European System of Financial Supervision and it oversees the integrity orderly functioning of the EU banking sector. “The Agency has swiftly launched a full investigation, in ...

  • Airlines warn passengers of data breach after aviation tech supplier is hit by cyberattack

    March 8, 2021

    Global aviation industry IT supplier SITA has confirmed it has fallen victim to a cyberattack, with hackers gaining access to personal information of airline passengers. The information technology and communications company, which claims to serve around 90% of the world’s airlines, said that a cyberattack on February 24, 2021 led to “data security incident” involving passenger ...