Critical Infrastructure | SC Media

Critical Infrastructure

Government warns OT assets still in danger of attack over internet

Security professionals responsible for protecting critical infrastructure strive to isolate and segregate their most mission-critical systems, but there are still too many operational technology (OT) assets that are accessible to attackers over the internet, according to a new government alert. When searchable and accessible via the internet, OT systems – just like conventional IT systems…

Threat Profiling in the ICS World: What You Need to Know

Vulnerabilities in two Schneider Electric ICS products reminiscent of Stuxnet

Vulnerabilities reminiscent of Stuxnet found in two Schneider Electric products could allow an attacker to gain operation control of a device by intercepting then retransmitting commands. Trustwave’s Global OT/IoT security research team uncovered the flaws in Schneider’s SoMachine Basic v1.6 and Schneider Electric M221, firmware version 1.6.2.0, Programmable Logic Controller (PLC). By exploiting the flaws,…

Top 5 cyber risks that impact businesses.

Trump cites cybersecurity concerns issuing order to protect power grid

President Trump declared a national emergency to protect the nation’s bulk-power infrastructure that stops the purchase or use of any equipment that involves a foreign adversary in any way. The declaration was part of an Executive Order signed on May 1 that stated the federal government had found that foreign adversaries are increasingly creating and…

’Havex’ malware strikes industrial sector via watering hole attacks

Israeli cyber defenders warn of attacks on water supply

Israel’s National Cyber Array issued a notification that cyberattacks have been launched against a variety of water control critical infrastructure targets. The Cyber Array report noted it was informed on April 23 that attacks had been launched on control and control systems of wastewater treatment plants, pumping stations and sewers.  In response the agency is…

Ragnar Locker’s well-conceived ransomware attack on Energias de Portugal

Ragnar Locker’s ransomware attack on Energias de Portugal (EDP) and its subsequent 1,580 bitcoin, or $11 million, ransom demand indicates the attack was well thought out with the attacker fully understanding it’s victim’s financial capabilities. James McQuiggan, security awareness advocate at KnowBe4, told SC Media that Ragnar Locker’s general modus operandi is to charge a…

Fed report castigates U.S. ability to fend off a cyberattack, suggests major reforms

Fed report castigates U.S. ability to fend off a cyberattack, suggests major reforms The Cyberspace Solarium Commission issued a 182-page report stating the United States in dangerously insecure when it comes to defending itself from a cyberattack and offered a litany of recommendations to shore up the nation’s defenses. The Commission, headed by Sens. Angus…

Next post in Government/Defense