Researchers Use Smart Light Bulbs to Infiltrate Networks

Researchers successfully infiltrated networks through a vulnerability in Philips Hue light bulbs. The CVE-2020-6007 vulnerability, which involves the ZigBee communication protocol, can be abused to remotely install malicious firmware in smart light bulbs and spread malware to other internet-of-things (IoT) devices. To make the Read More …

Oil-and-Gas APT Pivots to U.S. Power Plants

A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the Read More …

ICS Cyberwarfare: The Latest Threat to America’s Power Grid

The modern world is dependent on electricity, and the United States is no exception. I remember the notorious blackouts that affected the eastern U.S. and Canada in August 2003. The duration of the mass power outage lasted anywhere between several Read More …

ACSC helps power energy sector’s cybersecurity capabilities

The Australian Cyber Security Centre (ACSC) has plugged into energy sector organisations and government agencies to help power their cybersecurity capabilities. The nationwide program — which started in November 2018 – aims to improve the energy industry’s cyber threat resilience and responses. Read More …

AMEO ‘concerned’ about nation-state attacks on power grids

“For the energy sectors and critical infrastructure sectors, particularly around electricity, we are concerned about nation-state actors,” says Tim Daly, chief security officer (CSO) for the Australian Energy Market Operator (AEMO). “Nation-states are looking to have capability and implants that Read More …

How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for Read More …

US wants to isolate power grids with ‘retro’ technology to limit cyber-attacks

The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result. The Read More …

U.S. Escalates Online Attacks on Russia’s Power Grid

The United States is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir V. Putin and a demonstration of how the Trump administration is using new authorities to deploy cybertools more aggressively, current and Read More …

South African Power Firm Eskom Fails To Secure Customer Data

A security researcher resorted to a public tweet about a serious data breach involving customer data, after a South African electricity provider ignored all other pleas to resolve the leak. Security researcher Devin Stokes issued the public tweet to Eskom, which Read More …