Critical Infrastructure News, Articles and Updates

Cyber space wars may require new international regimes

Cyber space wars may require new international regimes

By

While it might not include the Death Star cyber warfare among the stars is almost inevitable.

Can one CISO ever beat an army of IoT devices?

Can one CISO ever beat an army of IoT devices?

The security threat from the Internet of Things (IoT) has grown real because far too many of those sneaky IoT devices fly in under the radar. Corporate maintenance, facilities and operations departments are not accustomed to requesting IT's signoff on purchasing light bulbs or door locks. And yet, when those devices have their own independent - or dependent - communications capabilities, they are an easy backdoor for cyberthieves.

Energy sector cybersecurity workers overconfident in their capabilities

Energy sector cybersecurity workers overconfident in their capabilities

By

A Tripwire survey found IT staffers in the energy sector frequently don't have the data needed to see if their assumptions on how their security apparatus function are correct.

Hinkley Point C nuclear power station to go ahead with Chinese involvement despite previous concerns

Hinkley Point C nuclear power station to go ahead with Chinese involvement despite previous concerns

Despite concerns over security from both the Prime Minister and one of her chiefs of staff, Hinkley Point C nuclear power station has been given a green light today for construction with backing from China.

Paper: Only 200K mobile bots needed to impair U.S. 911 system with DDoS attack

Paper: Only 200K mobile bots needed to impair U.S. 911 system with DDoS attack

By

A few as 200,000 mobile bots would be enough to launch a successful DDoS attack against the U.S.' 911 infrastructure, significantly disrupting service nationwide, a new research paper from Ben-Gurion University reports.

Pentagon faulted for lack of cyber preparedness, GAO report

Pentagon faulted for lack of cyber preparedness, GAO report

By

The Department of Defense does not have the necessary visibility into the cyber capabilities of the National Guard, according to a report by the GAO.

Voter databases in two states breached by foreign hackers, FBI

Voter databases in two states breached by foreign hackers, FBI

By

The FBI said foreign hackers made their way into voter databases in two states in recent weeks, the latest indication of potential problems to come in November's presidential election.

U.S. government extends offer to protect states from electoral cyberthreats

U.S. government extends offer to protect states from electoral cyberthreats

By

Updated! As it considers classifying the electoral system as critical infrastructure, the U.S. government has pledged to provide states with federal assistance to help manage voting cyber risks and taking additional steps to quell fears the election this fall could be hacked.

Iran investigating possible cyber angle on oil fires

Iran investigating possible cyber angle on oil fires

By

Updated! Iran's Supreme National Cyberspace Council is investigating whether a recent string of oil and petrochemical fires were caused by a cyberattack.

Legacy systems within U.S. financial sector likely to blame for breaches, report

Legacy systems within U.S. financial sector likely to blame for breaches, report

By

A recent SecurityScorecard study claims America's financial industry is highly susceptible to data breaches, and legacy systems may be to blame.

Feds looking to hire cyberpros

Feds looking to hire cyberpros

By

Acknowledging a shortfall in the pool of cybersecurity talent needed to combat today's increasingly sophisticated cyberattacks, the federal government announced it is actively expanding recruitment.

ICIT Report: Despite pact with U.S., China continues to steal intellectual property

ICIT Report: Despite pact with U.S., China continues to steal intellectual property

By

A report released today by the Institute for Critical Infrastructure Technology warns that China's latest five-year plan is reliant upon the digital theft of Western nations' intellectual property, despite a 2015 Sino-U.S. pact to eliminate cyberattacks against corporate assets.

Zero Days documentary: Stuxnet a harbinger of cyberwarfare

Zero Days documentary: Stuxnet a harbinger of cyberwarfare

By

In the documentary-thriller Zero Days, an anonymous source not only acknowledges that the U.S. and Israel were behind the Stuxnet cyberattack on Iran's Natanz nuclear facility, but also blames Israel for the worm's eventual discovery.

Bill seeks to alter nation's critical infrastructure

Bill seeks to alter nation's critical infrastructure

By

Disconnecting computers used in power plants and electrical grids from the internet is being proposed in a bill before the Senate.

Shades of Stuxnet: Newly found malware can sabotage industrial controls, but only in simulated environments

Shades of Stuxnet: Newly found malware can sabotage industrial controls, but only in simulated environments

By

FireEye yesterday revealed details of a recently discovered malware, dubbed Irongate, whose properties echo the infamous StuxNet virus, in that it is theoretically designed to manipulate industrial control systems.

Cyber needs to speak language of the C-suite

Cyber needs to speak language of the C-suite

By

Communicating with the C-suite depends in part of creating a language they understand and identifying company assets that are most important, panelists told an SC Congress Toronto audience.

Canadian Cyber Threat Exchange to select its MSP by end of month

Canadian Cyber Threat Exchange to select its MSP by end of month

By

Five weeks after its official launch, the Canadian Cyber Threat Exchange is already close to selecting an MSP that will manage the group's new cyberthreat intelligence sharing forum, according to a panel session at SC Congress Toronto on Wednesday.

Risk-based approach essential to realistic, manageable IT security program

Risk-based approach essential to realistic, manageable IT security program

By

Security and risk are often mentioned in the same breath, and while they can complement each other, taking a risk-based approach is essential to building a realistic and manageable IT security program.

 SC Congress Atlanta: Atlanta is no dummy when it comes to cybersecurity, CISO says

SC Congress Atlanta: Atlanta is no dummy when it comes to cybersecurity, CISO says

By

Atlanta has an ambitious plan to bolster its cybersecurity posture.

DHS issues alert over old SAP vulnerability after 36 organizations infiltrated

DHS issues alert over old SAP vulnerability after 36 organizations infiltrated

By

The DHS yesterday issued its first-ever US-CERT security alert pertaining to the active exploit of an SAP application, after a security vendor determined 36 organizations were infiltrated via an SAP vulnerability that was disclosed over five years ago.

Tampa airport to conduct major IT security audit following apparent breach

Tampa airport to conduct major IT security audit following apparent breach

By

Tampa International Airport has expedited and expanded an audit of its network security, following the resignation of an IT consultant who was allegedly found to have shared system passwords with unauthorized parties.

U.S. Cyber Command closer to break from NSA

U.S. Cyber Command closer to break from NSA

By

A defense authorization bill could split off the U.S. Cyber Command from under the direction of U.S. Strategic Command and the NSA.

Smart cities still dumb enough to be hacked

Smart cities still dumb enough to be hacked

The root of the problem with malicious smart city hacking lies in the fact that sensors typically collect 'raw' data and then merely pass it on.

FBI, DHS launch series of briefings to raise awareness of Ukraine power grid attack

FBI, DHS launch series of briefings to raise awareness of Ukraine power grid attack

By

The FBI and DHS has scheduled a series of unclassified webinars and threat briefings across the U.S. addressing the 2015 cyberattack against Ukraine's power grid.

DHS issues three advisories warning of vulnerabilities in Industrial Control Systems

DHS issues three advisories warning of vulnerabilities in Industrial Control Systems

By

The DHS Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, has issued security advisories on vulnerabilities in ICS technologies from Eaton Lighting Systems, Pro-face and Rockwell Automation.

 Devalue data, deter cybercriminals

Devalue data, deter cybercriminals

By

The same motivation that has for decades convinced cat burglars to sneak in through open windows and pilfer jewels from the dresser drawers of their sleeping victims moves cybercriminals to slither around in cyberspace to steal data: It's valuable. And easy to get to.

DHS launches two-way threat sharing system for public-private collaboration

DHS launches two-way threat sharing system for public-private collaboration

By

The Department of Homeland Security has declared itself officially ready to exchange cybersecurity intelligence with private industries and other organizations using an automated threat-sharing system, under the terms of the Cybersecurity Act of 2015.

U.S. preparing indictment against Iranian hackers of NY dam

U.S. preparing indictment against Iranian hackers of NY dam

By

U.S. authorities are reportedly preparing to issue an indictment against Iranian hackers believed to have carried out acyber attack against a New York dam.

 Scaling the cloud

Scaling the cloud

By

There used to be a time when large enterprises, in particular, took pride in the idea of managing all their various and sundry IT functions, every backend process, in-house.

Book 'Dark Territory' chronicles how NSA hacked DoD command-control systems in four days

Book 'Dark Territory' chronicles how NSA hacked DoD command-control systems in four days

By

In the first-ever high-level exercise testing the U.S. military's ability to defend against a cyberattack, the NSA in 1997 hacked into the DoD's entire network in just four days, according to a new book by Pulitzer Prize-winning journalist Fred Kaplan.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US