The attacks were detected and incident response began immediately, with unscheduled maintenance being performed to mitigate the threat.
The Department of Energy contract will allow Norse to support the agency's Cybersecurity Risk Information Sharing Program (CRISP).
Simulation exercises show how companies should respond under a cyberattack, says HHS's Sara Hall. Teri Robinson reports.
A group of cybercriminals believed to be Russian are exploiting a zero-day vulnerability to deliver malware and gather information from various organizations around the world.
Following U.S. military airstrikes in the Middle East, the FBI has issued a warning regarding possible cyber threats aimed at U.S. networks and critical infrastructure by hacktivists in support of ISIS.
Two Trend Micro experts sit with us to discuss research they've conducted concerning critical infrastructure and the future of the threat landscape.
Though no attacks were successful, ICS-CERT said the incidents show a glaring need for operators to remain vigilant in monitoring and thwarting network intrusions.
The vulnerability was found in two programmable gateway devices often used by auto, food and manufacturing businesses in the United States. Meanwhile, a new study shows attacks against utility companies are growing.
While a major attack has yet to take place on the U.S. energy sector, now is the right time for these critical infrastructure providers to ready their defenses.
Not only are there new security concerns, but leaders must ensure disparate groups of workers can adequately collaborate.
The unsuccessful attacks were the result of email addresses being publicly posted on an electric company's website.
Honeypots installed by researchers at security firm Trend Micro provided bait for 39 attacks on simulated ICS environments over the course of a month.
A virus has reportedly shut down the energy company's website and email servers, giving rise to questions of whether the Shamoon virus is to blame.
Oil company Saudi Aramco has yet to confirm whether a virus, which struck 30,000 of its workstations, is Shamoon -- malware said to be targeting the Middle East energy sector.
Shamoon, malware that overwrites files to the point of making computers unusable, has been described as a targeted, yet damaging threat.
Better coordination, actionable information, and risk awareness are needed to protect the country's critical infrastructure, especially the power grid, according a congressional watchdog report.
Whether it is defending against cyber terrorism, cyber warfare, or malicious hackers, it seems clear that securing our countries critical infrastructure must be a nationwide priority.
A sustained attack against the nation's natural gas pipelines, apparently orchestrated by the same malicious party, is proving difficult to quell.
The head of the National Security Agency is warning that Anonymous may be developing capabilities to target the U.S. power grid, but members of the hacktivist collective called such claims nothing more than fear mongering.
A new version of a federal law designed to protect the nation's critical assets is toned-down from previous cyber security proposals, but business and privacy leaders have concerns.
Unauthorized individuals gained access to the personal data belonging to customers of New York State Electric & Gas (NYSEG) and Rochester Gas & Electric (RG&E), which are owned by Iberdrola USA.
Many managers of utilities companies don't understand or appreciate the value of IT security...at their, the facilities' and the community's peril.
The proposal is helpful, but still doesn't answer the question: who to call when an attack happens.
While a number of entities have a stake in maintaining the cyber security of the U.S. electric grid, no single organization is currently responsible for overseeing protection across all aspects of grid operations.
An Illinois water utility pump failure may have been an accident caused by an employee -- not the work of foreign hackers.
Hackers reportedly breached the systems of a company that makes supervisory control and data acquisition (SCADA) systems, used to manage operations at critical infrastructure facilitates, and stole customer usernames and passwords.
"Cyber Atlantic 2011" aimed to clarify how the two nations can best communicate about cyber incidents that occur on government systems or critical infrastructure.
Microsoft issued a temporary fix for a vulnerability in the Windows kernel used to spread Duqu, the so-called "son of Stuxnet" trojan.
Hackers over the summer targeted at least 29 companies in the chemical sector during an attack campaign aimed at stealing intellectual property.
The slowness by which an offspring of Stuxnet was discovered may be further proof that attackers have a significant leg up on the security community.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- Vulnerabilities identified in three Advantech products
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context