Critical Infrastructure | SC Media Critical Infrastructure

Critical Infrastructure

Bahraini oil company reportedly attacked by new ‘Dustman’ disk wiper

Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29 disk wiper attack that officials believe originated from Iran-backed hackers. Iran is historically associated with past disk wiper campaigns against energy companies, most notably the destructive Shamoon or Disttrack malware attack against the Saudi Arabian…

No immediate cyberthreat seen over Soleimani killing, but preparation is key

The most recent military portion or the United States’ on-going confrontation with Iran appears to be completed, but chatter is being detected among Iran’s supporters indicating anger over recent events, but none indicate an immediate threat. However, that does not mean government agencies, companies and others who may find themselves in Iran’s crosshairs should be…

leaking faucet

3,000 affected by Fort Worth water utility data breach

The Fort Worth, Texas Water Department is notifying about 3,000 customers that their payment information may have been exposed during a data breach. The utility reported that payments made between August 27, 2019 and October 23, 2019 were included in the breach and the content exposed included cardholder’s name, credit card billing address, credit card…

Pemex claims victory over cyberattack; $4.9 million ransom reportedly demanded

The claim made by the Mexican state-owned petroleum corporation Pemex that it had recovered from a Nov. 10 cyberattack was met with some skepticism, as published reports indicate the attack may be still affecting the company. Pemex stated it had suffered a cyberattack that impacted about five percent of its computer equipment, but managed to…

Imaginative attack scenarios elicit intrigue at NYU’s CSAW cyber event

Using AI to create artificial fingerprints that can unlock strangers’ phones… abusing electric vehicle charging stations to overwhelm the power grid… exploiting 3D printer technology to execute an all-new form of supply chain attack… These may have once sounded like far-flung ideas, but top cyber minds at New York University have been actively exploring such…

Indian gov’t confirms cyberattack on nuclear plant

Indian government officials last week confirmed that its Kudankulam nuclear power plant did come under cyberattack. The attack reported to Indian authorities on September 3 by threat analyst Pukhraj Singh on September, but the government did not confirm that the incident took place until last week. North Korea is the likely culprit, according to Avast,…

Energy company hit with DoS attack last spring identified as sPower

Utah-based wind and solar energy developer sPower has been identified as the utilities company that suffered a previously reported denial of service attack that disrupted its normal business activity last March 5. The cyberattack briefly cut off communications between sPower’s control centers and a dozen remote wind and solar farms that served as its power…

DefCon: You cannot 'cyberhijack' an airplane, but you can still create mischief

Feds to boost scrutiny of airliner cybersecurity vulnerabilities

The Department of Homeland Security, Pentagon and Department of Transportation plan to bolster an established program that investigates airliner cybersecurity vulnerabilities. The Wall Street Journal is reporting the program would run tests on actual airplanes to probe for weaknesses, much like was done several years ago when an older Boeing 757 was put to the…

Power plant Russia

Second phishing campaign featuring LookBack malware targets U.S. utilities

A malicious threat actor continued to target the U.S. utilities sector with LookBack malware last August, launching a new phishing campaign that targeted organizations with emails impersonating a certification test administrator. Discovered earlier this year by researchers at Proofpoint, LookBack includes a proxy mechanism and a remote access trojan module. In July, the attackers behind…

Next post in Security News