Get up-to-the-minute news and opinions, plus access to a wide assortment of IT security resources that will keep you current and informed.

Keep me logged in Forgot your password?

Please wait...

Please wait...

 Critical Infrastructure

Natural gas pipeline companies under siege, DHS arm warns

May 07, 2012

A sustained attack against the nation's natural gas pipelines, apparently orchestrated by the same malicious party, is proving difficult to quell.
 

Anonymous says power grid concerns are U.S. gov't spin

February 21, 2012

The head of the National Security Agency is warning that Anonymous may be developing capabilities to target the U.S. power grid, but members of the hacktivist collective called such claims nothing more than fear mongering.
 

New cyber security bill is bipartisan, but has its critics

February 16, 2012

A new version of a federal law designed to protect the nation's critical assets is toned-down from previous cyber security proposals, but business and privacy leaders have concerns.
 

Some 2M possibly affected by NYSEG, RG&E data compromise

January 25, 2012

Unauthorized individuals gained access to the personal data belonging to customers of New York State Electric & Gas (NYSEG) and Rochester Gas & Electric (RG&E), which are owned by Iberdrola USA.
 

APTs in critical infrastructure organizations

Dave Amsler, President and CIO, Foreground Security January 18, 2012

Many managers of utilities companies don't understand or appreciate the value of IT security...at their, the facilities' and the community's peril.
 

Energy Department to analyze power grid cyber threats

January 09, 2012

The proposal is helpful, but still doesn't answer the question: who to call when an attack happens.
 

MIT researchers suggest power grid security oversight

December 06, 2011

While a number of entities have a stake in maintaining the cyber security of the U.S. electric grid, no single organization is currently responsible for overseeing protection across all aspects of grid operations.
 

Illinois water pump failure not a cyberattack

November 28, 2011

An Illinois water utility pump failure may have been an accident caused by an employee -- not the work of foreign hackers.
 

Water utilities in Illinois, Houston reportedly hacked

November 18, 2011

Hackers reportedly breached the systems of a company that makes supervisory control and data acquisition (SCADA) systems, used to manage operations at critical infrastructure facilitates, and stole customer usernames and passwords.
 

U.S. and EU partner for security response exercise

November 04, 2011

"Cyber Atlantic 2011" aimed to clarify how the two nations can best communicate about cyber incidents that occur on government systems or critical infrastructure.
 

Microsoft issues workaround for Duqu malware

November 04, 2011

Microsoft issued a temporary fix for a vulnerability in the Windows kernel used to spread Duqu, the so-called "son of Stuxnet" trojan.
 

"Nitro" attacks target 29 firms in chemical sector

November 01, 2011

Hackers over the summer targeted at least 29 companies in the chemical sector during an attack campaign aimed at stealing intellectual property.
 

Duqu underscores trouble AV industry has in stopping threats

October 21, 2011

The slowness by which an offspring of Stuxnet was discovered may be further proof that attackers have a significant leg up on the security community.
 

The government has it wrong on Anonymous and critical infrastructure

October 19, 2011

When it comes to stopping individuals who want to compromise industrial control systems, the Anonymous group is certainly not Enemy No. 1.
 

Sponsored video: Pan Kamal of AlertEnterprise on SCADA

September 22, 2011

Fresh off the Stuxnet attack, critical infrastructure environments must evolve to meet the growing threat, Pan Kamal, VP of marketing at AlertEnterprise, tells SC Magazine Executive Editor Dan Kaplan.
 

Researcher again discloses multiple SCADA flaws

September 19, 2011

An Italian analyst said he spent little time finding a new batch of vulnerabilities impacting industrial control systems.
 

White House proposals include breach notification law

May 12, 2011

The White House on Thursday unveiled sweeping cybersecurity legislative recommendations to Congress.
 

Industrial control systems at risk, ICS-CERT warns

May 12, 2011

Software products used to manage critical infrastructure facilities contain a vulnerability that could allow an attacker to take control of affected systems, the ICS-CERT warned.
 

Despite threats, security not enough of priority at utilities

April 19, 2011

Critical infrastructure providers have been slow to respond to an increasing number of threats targeting industries such as power, oil, gas and water, according to a new report.
 

Exxon, Shell, BP targeted in operation "Night Dragon"

February 25, 2011

Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers believed to be from China to steal proprietary information about oil and gas field bids and operations, according to Bloomberg News. McAfee earlier this month disclosed details about the intrusions, dubbed "Night Dragon." The security firm, however, did not list any of the victim companies. According to Bloomberg, citing unnamed individuals familiar with the investigations, the list of targeted companies also includes Marathon Oil, ConocoPhillips and Baker Hughes. — AM
 

Has cyberwar happened? Interview with Mikko Hypponen, chief research officer of F-Secure

February 23, 2011

Mikko Hypponen, chief research officer of F-Secure, distinguishes among cyberwar and everything else, explains why the anti-virus industry failed when it came to detecting and preventing Stuxnet, discusses why critical infrastructure is at major risk to attack and reveals how he tracked down the authors of the first PC virus, which turns 25 years old this year. SC Magazine Executive Editor Dan Kaplan spoke with Hypponen following a media luncheon at the RSA Conference in San Francisco.
 

Chinese hackers break into oil companies' networks

February 10, 2011

Sophisticated hackers, believed to be from China, have broken into the networks of several global oil, energy and petrochemical companies.
 

What Stuxnet means for the process industry

Eddy Willems, security evangelist, G Data Software February 09, 2011

Governments and process control firms must work together to prevent highly sophisticated malware, such as Stuxnet, from spreading.
 

Critical infrastructure lacking cyber supply chain security

November 30, 2010

Critical infrastructure firms are not adequately securing their "cyber supply chains," and thus face an increased risk of attacks that could impact business operations and disrupt service delivery, according to new analyst findings.
 

SC Congress Canada: Smart grid and privacy

November 22, 2010

Ann Cavoukian, privacy commissioner of Ontario, discusses how privacy risks must be considered as smart meters are deployed to homes throughout North America. Many utilities, she says, are overlooking the privacy dangers, such as third-parties gaining access to homeowners' electrical usage patterns, but that mindset must change.
 

Senate debates DHS, reporting responsibility post Stuxnet

November 19, 2010

The Stuxnet worm has prompted lawmakers to consider imparting additional cyber-oversight on the Department of Homeland Security.
 

Consider privacy when deploying smart grid technology

November 16, 2010

The smart grid certainly brings security concerns, but less-often mentioned are privacy risks, an official said Tuesday at SC Congress Canada.
 

Lawmaker says attack against power grid will happen

November 11, 2010

The likelihood of a crippling cyberattack against the U.S. electric gird is 100 percent, a congresswoman said Wednesday at SC World Congress in New York.
 

White House cybersecurity coordinator expected to keynote

October 20, 2010

Scheduled to hit the stage on Nov. 11 at 4:30 p.m. for an SC World Congress' keynote address, Howard Schmidt, cybersecurity coordinator and special assistant to President Obama, plans to discuss progress of the U.S. National Cybersecurity Strategy and how he and his staff will help to propel it forward. Outlining the myriad IT security challenges that both the public and private sectors face, Schmidt also plans to highlight just some of the efforts underway to keep the nation's infrastructure up and running. SC World Congress Data Security Conference and Expo is taking place Nov. 10 and 11 at the Sheraton New York Hotel & Towers in in New York City.
 

'Unknown unknowns' and the electric grid

Mark Weatherford, VP and CSO, North American Electric Reliability Corp. October 20, 2010

NERC's Coordinated Action Plan is designed to address the possibility that a cyberattack can disable the U.S. power grid.
 
Popular Topics
4G-war Advanced Persistent Threat Adware AMTSO Anonymous Botnets Cyber Attacks Cyber Crime Data Breach Data Breaches Encryption Hackers Hacktivism Health Care IT Security Java Malware Mobile Devices Phishing Risk Management Social Security Numbers Stolen Information Survey Trojans Vulnerabilities & Flaws