Critical Infrastructure News, Articles and Updates

Xenotime broadens reach to target critical infrastructure SIS in U.S. and abroad

Using a variant of the Trisis malware, which was used in a 2017 attack in Saudi Arabia, Xenotime is aimed at the safety instrumented control systems that safeguard industrial systems in energy and manufacturing plants.

DHS cybersecurity strategy keys in on risk, vulnerability management

The DHS Cybersecurity Strategy may have been delivered late, but it's on point, cybersecurity pros said.

U.S. retreat from Iran agreement could spur uptick in cyberattacks

Before the agreement was signed, cybersecurity pros saw increased attack activity against Western critical infrastructure.

Zero-Day vulnerability found in two Schneider Electric ICS products

Tenable Security researchers have revealed a zero-day flaw in two Schneider Electric industrial controllers that, if exploited, could give an attacker the ability to remotely execute code with high privileges.

DHS cyber official calls election security a priority; GAO report says agency's risk mitigation efforts fall short

DHS chief cybersecurity official Jeanette Manfra testified in a Congressional committee hearing yesterday that her agency is "doing everything that we can" to protect the nation's electoral infrastructure.

Separate ransomware attacks hit Ukraine and Canada

Two widely separated ransomware attacks against the Ukrainian energy ministry and the provincial government of Canada's Prince Edward Island (PEI) have knocked each agency's primary website offline.

New standard accepted by Federal Energy Regulatory Commission for critical infrastructure protection

The Federal Energy Regulatory Commission (FERC) approved a new standard to improve electronic access controls to low-impact Bulk Electronic Systems (BES), mandate security controls for mobile devices and develop modifications to critical infrastructure protection (CIP) reliability standards.

First SCADA cryptominer seen in the wild

Radiflow researchers discovered the malware attacking the OT network of a water utility company in order to mine the Monero cryptocurrency.

Infrastructure firms could face stiff fines for failure to comply with U.K. gov't directive to bolster cybersecurity

The newly appointed special-sector regulators could fine energy, transport, water and health companies as much as £17 million if those companies don't make the necessary moves to ratchet up cybersecurity and invest in proper safeguards.

National Security Strategy stresses fortification of cyber defenses, paints Russia as malicious actor

The National Security Strategy document released by the Trump administration on Monday calls for the reinforcement of cyber defenses to protect government systems and critical infrastructure, as well as an improved response to attacks against such assets.

Newly formed government council on election security adopts charter

Local voting officials have officially adopted a charter for the newly formed Elections Government Sector Coordinating Council (GCC) - a key step following DHS' designation of elections systems as critical infrastructure.

Banks lose £30m plus to new hybrid threat hitting former Soviet states

Banks face a new hybrid threat from hackers that has already netted criminals a cool £30 million, according to a new report.

Industrial tech security association set up, NCSC calls for cooperation

Last Thursday saw the official launch of the International Operation Technology Security Association (Iotsa), where John Noble, director of network management at the UK's NCSC, called for industry cooperation and incident reporting.

NIAC members resign, saying president has under-prioritized cybersecurity

Eight members of the National Infrastructure Advisory Council said Trump had given "insufficient attention" to cybersecurity threats.

Attackers used template injection technique to steal credentials of power plant operators

The hackers responsible for breaching the systems of multiple U.S. energy operators since May 2017 employed a phishing scheme that used malicious attachments to download a template file via an SMB connection, in order to silently harvest credentials, according to a blog post from Cisco Talos.

Reports: Feds issue alert after adversary breaches power plant business networks

Since May, foreign hackers have breached computer networks at 12 or more U.S. power plants, including nuclear facilities, prompting the FBI and DHS to issue an urgent amber warning to utility companies, according to reports.

Kaspersky: Banks, manufacturers, oil and gas utilities roughly 82% of NotPetya's corporate victims

Kaspersky further reported that 60 percent of NotPetya infections took place in Ukraine, while Russia experienced just over 30 percent.

Russia blamed for DDoS attacks on Baltic Power grid

The Lithuanian, Latvian and Estonian power grids have all been targeted by Russia, undergoing a series of limited Distributed Denial of Service (DDoS) attacks over the last few years that may be probing for weaknesses.

Study: Infections of industrial systems common, but few are targeted

Approximately 3,000 unique industrial sites per year are randomly infected with generic malware, while attacks involving malware specifically designed to target industrial control systems are far less common, according to a study.

Energy facilities may become main target of cyber-attacks in Russia

It's estimated that power companies in Russia suffered more than 350 serious cyber-attacks in 2016, a 50 percent increase on the previous year.

Researchers tentatively link Greenbug cyberspy group to Saudi Shamoon attackers

Researchers may have found a tenuous link between a cyberespionage organization's credentials-stealing trojan and the Shamoon hacking group that's been targeting Saudi energy companies with Disttrack disk-wiping malware.

DHS designates election systems as critical infrastructure, under 'Government Facilities' category

Secretary of Homeland Security Jeh Johnson on Friday officially declared the U.S. electoral system as critical infrastructure.

New variant of KillDisk wiper threatens industrial control networks with ransomware

The KillDisk disk-wiper program that was used in conjunction with BlackEnergy malware to attack Ukrainian energy utilities now includes a ransomware component, according to researchers at CyberX.