Colorado energy company loses 25 years of data after cyberattack while still rebuilding network

Colorado’s Delta-Montrose Electric Association (DMEA) is still struggling to recover from a devastating cyberattack last month that took down 90% of its internal systems and caused 25 years of historical data to be lost. In an update sent to customers Read More …

Queensland government energy generator hit by ransomware

Queensland government-owned energy generator CS Energy said on Tuesday it was responding to a ransomware incident that occurred over the weekend. First reported by Energy Source & Distribution, the company said the incident has not impacted electricity generation at Callide Read More …

2 US defense officials say Israel hacked Iran’s gas system in late October

Israel carried out a cyber attack against Iran’s nationwide fuel system last month, two United States defense officials told the New York Times in a report published Saturday. Days later, Iran-affiliated hackers breached an Israeli LGBTQ dating site and released Read More …

Meet Lyceum: Iranian hackers targeting telecoms, ISPs

Researchers have provided a deep dive into the activities of Lyceum; an Iranian threat group focused on infiltrating the networks of telecoms companies and internet service providers (ISPs). Lyceum, also known as Hexane, Siamesekitten, or Spirlin, has been active since Read More …

Mobile phishing attacks targeting energy sector surge by 161%

Mobile phishing attacks targeting employees in the energy industry have risen by 161% compared to last year’s (H2 2020) data, and the trend is showing no signs of slowing down. Although the perils of outdated and vulnerable devices plague all Read More …

India Releases Cybersecurity Guidelines for Power Sector

The Indian Government’s Power Ministry and the Central Electricity Authority (CEA) recently released cybersecurity guidelines to enhance the power sector’s cybersecurity readiness. It is the first time that cybersecurity guidelines are created for the sector. CEA, under the “Central Electricity Read More …

New APT ChamelGang Targets Russian Energy, Aviation Orgs

A new APT group has emerged that’s specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell and leveraging both new and existing malware to compromise networks. Researchers at security Read More …

The state of ransomware: national emergencies and million-dollar blackmail

Banks have been “disproportionately affected” by a surge in ransomware attacks, clocking a 1,318% increase year-on-year in 2021. Ransomware has become one of the most well-known and prevalent threats against the enterprise today. This year alone, we have seen high-profile Read More …

API Releases New Standard for Pipeline Control Systems

On August 18, 2021, the American Petroleum Institute (API) released the third edition of Standard 1164, Pipeline Control Systems Cybersecurity. The edition has been in development since 2017—a result of expert input from over 70 organizations, including the US’s Department Read More …

How Pipeline Owners and Operators Can Fulfill the TSA’s Second Security Directive

Senior officials at the Department of Homeland Security (DHS), of which the TSA is a part, announced at the time of their security directive that they would soon require pipeline organizations to implement a new set of mandatory security controls Read More …