Critical Infrastructure | SC Media

Critical Infrastructure

Fed report castigates U.S. ability to fend off a cyberattack, suggests major reforms

Fed report castigates U.S. ability to fend off a cyberattack, suggests major reforms The Cyberspace Solarium Commission issued a 182-page report stating the United States in dangerously insecure when it comes to defending itself from a cyberattack and offered a litany of recommendations to shore up the nation’s defenses. The Commission, headed by Sens. Angus…

Experiment shows how often hackers want to attack critical infrastructure

CISA warns critical infrastructure sectors after successful ransomware attack on pipeline operator

The Department of Homeland Security CISA is warning critical infrastructure operators to redouble their security efforts after a natural gas compression facility was hit and shut down by a ransomware attack. The attackers used a spearphishing email containing a link to gain access to the operator’s network and then moved laterally to the target’s operational…

Report ties Ekans/Snake ransomware to Megacortex, emphasizes ICS threat

A new threat intelligence report has underscored the serious threat posed by the recently discovered Snake ransomware, which not only encrypts files, but can disrupt certain industrial controls systems processes. ICS security firm Dragos issued the blog post report yesterday after initially sharing it privately with its clientele back in mid-January. Dragos refers to ransomware…

PupyRAT found sniffing around EU energy concern

A command and control server used by the Iranian-associate group PupyRAT has been found communicating with the mail server of a European energy sector organization for the last several months. Recorded Future’s Insikt Group reported PupyRAT, a remote access trojan, had been chatting with the command and control server from November 2019 until about January…

Bahraini oil company reportedly attacked by new ‘Dustman’ disk wiper

Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29 disk wiper attack that officials believe originated from Iran-backed hackers. Iran is historically associated with past disk wiper campaigns against energy companies, most notably the destructive Shamoon or Disttrack malware attack against the Saudi Arabian…

No immediate cyberthreat seen over Soleimani killing, but preparation is key

The most recent military portion or the United States’ on-going confrontation with Iran appears to be completed, but chatter is being detected among Iran’s supporters indicating anger over recent events, but none indicate an immediate threat. However, that does not mean government agencies, companies and others who may find themselves in Iran’s crosshairs should be…

leaking faucet

3,000 affected by Fort Worth water utility data breach

The Fort Worth, Texas Water Department is notifying about 3,000 customers that their payment information may have been exposed during a data breach. The utility reported that payments made between August 27, 2019 and October 23, 2019 were included in the breach and the content exposed included cardholder’s name, credit card billing address, credit card…

Pemex claims victory over cyberattack; $4.9 million ransom reportedly demanded

The claim made by the Mexican state-owned petroleum corporation Pemex that it had recovered from a Nov. 10 cyberattack was met with some skepticism, as published reports indicate the attack may be still affecting the company. Pemex stated it had suffered a cyberattack that impacted about five percent of its computer equipment, but managed to…

Imaginative attack scenarios elicit intrigue at NYU’s CSAW cyber event

Using AI to create artificial fingerprints that can unlock strangers’ phones… abusing electric vehicle charging stations to overwhelm the power grid… exploiting 3D printer technology to execute an all-new form of supply chain attack… These may have once sounded like far-flung ideas, but top cyber minds at New York University have been actively exploring such…

Next post in Research