Critical Infrastructure | SC Media

Critical Infrastructure

DefCon: You cannot 'cyberhijack' an airplane, but you can still create mischief

Louisville Regional Airport Authority grounded by ransomware attack

The Louisville Regional Airport Authority (LRAA) had its wings clipped on Monday by a ransomware attack on its systems, reports say. According to local news sources, an LRAA spokesperson said the incident encrypted the municipal corporation’s localized files, did not affect operations or security systems at the two airports under its purview, Louisville Muhammad Ali…

DHS lists critical infrastructure areas to protect from cyberattack

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) today issued a list of the 55 areas of the nation’s critical infrastructure that it believes must be protected from cyberattacks. The National Critical Functions list was created by CISA’s National Risk Management Center and contains functions used or supported by the government and…

Ransomware disables Cleveland airport’s email systems, information screens

A ransomware attack reportedly has affected email, payroll and record-keeping systems at Cleveland Hopkins International Airport this week and also darkened the transportation facility’s information screens And according to a report from local news outlet WKYC, the attackers may have also accessed airport employee payroll records containing personal information. An April 22 press release issued…

'Havex' malware strikes industrial sector via watering hole attacks

Second Triton/Trisis critical infrastructure attack spotted

A second attack against a critical infrastructure target has been launched using the Triton/Trisis custom attack framework. FireEye researchers were able to attribute a second attack to the Russian group it fingered as being behind the initial 2017 attack that hit a petrochemical plant in Saudi Arabia through its industrial control system. Although details such…

Iranian hackers targeting critical infrastructure

Dragos acquires NexDefense to bolster ICS defense capability

Dragos has acquired the industrial control system (ICS) visibility technology firm NexDefense and has announced the availability of a suite of tools for companies to assess their ICS security. No financial or organizational details on the deal were released. “This is a mainly a technology acquisition, however a majority of the engineering team is joining…

Protecting the Critical Infrastructure from cyber warfare

Cyber attacks are hard to prevent. A cyberattack against our nation’s critical infrastructure (CI) is especially hard to thwart and could have devastating consequences to our human existence. Most everyone is aware of the catastrophic risk the electrical grid faces from a cyberattack. To put it in perspective, a complete outage of the electrical grids…

Layering EMV chip, tokenization, encryption bolsters card payment security

Chip and PIN protections may fall short as future threats materialize

The protections that chip and PIN payment card solutions offer may fall short as cybercriminals begin installing command-and-control malware on infected EMV device readers, a new report warns. Cybercriminals could begin repurposing ATM EMV malware to attack retail environments by infecting point-of-sale (POS) machines (possibly via malicious USB drives) and then introducing an altered EMV…

Shamoon disk wiper attack on Saipem signals new affront against energy sector, Middle Eastern interests

The malware used to disrupt the global operations of Italian energy contractor Saipem S.p.A. earlier this week was none other than Shamoon, a disk wiper that’s been used in two prior attacks against Saudi interests. Saipem identified Shamoon as the culprit in a Dec. 12 news release that updated its previously vague disclosure of the incident.…

‘Sharpshooter’ cyberespionage campaign scopes out defense, critical infrastructure sectors

A global phishing campaign called Operation Sharpshooter was discovered using fake job recruitment documents to infect defense, government and critical infrastructure organizations with a malicious backdoor implant, presumably for cyber espionage purposes. The implant, nicknamed Rising Sun, was observed in least 87 impacted organizations over the course of October and November, McAfee Labs reported today…

Next post in Security News