US DHS, CISA, along with authoring organizations, assess pro-Russia hacktivist groups are conducting less sophisticated, lower-impact attacks against critical infrastructure entities, compared to advanced persistent threat (APT) groups. These attacks use minimally secured, internet-facing virtual network computing (VNC) connections to infiltrate (or gain access to) OT control devices within critical infrastructure systems. Pro-Russia hacktivist groups: Cyber Army of Russia Reborn (CARR), Z-Pen
scada (10)
The Colonial Pipeline ransomware infection has become a cautionary story about how ‘borking’ critical infrastructure can cause real-world pain, with fuel shortages leading to long lines and fistfights breaking out at gas stations. Or as Jen Easterly, boss of the US Cybersecurity and Infrastructure Security Agency, warned Congress recently, "Societal panic and chaos."
The CISA Director and other security and law enforcement chiefs stressed the reality in which nation-states operating against Ame
Hackers from the People's Republic of China spent up to five years in US networks as part of a cyber operation that targeted US critical infrastructure, law enforcement and international agencies said earlier this week. "The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People's Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive o
The Fortinet 2023 State of Operational Technology and Cybersecurity Report is their fifth annual study based on data from an in-depth worldwide survey of 570 OT professionals conducted by a respected third-party research company.
Protecting OT systems is now more critical than ever as more organizations connect their OT environments to the internet. Although IT/OT convergence has many benefits, it is being hampered and handicapped by advanced and destructive cyberthreats. The spillover of these
Emerging technology in the maritime arena is being used for tracking emissions, avoiding collisions and route planning, but lawyers are circling the technology, a recent seminar reported. The rapid expansion of artificial intelligence (AI) faces major stumbling blocks in shipping, where more than 80% of large vessels barely have enough communications capacity to send an email, a seminar heard on 19 September.
The use of problem-solving AI has the potential to cut costs in the coming decades, bu
Hackers attacked the national power grid of an unspecified Asian country earlier this year using malware typically deployed by personnel connected to China’s government, researchers said last week. Cybersecurity company Symantec declined to attribute the incident to China but pointed to a group it tracks as RedFly. The group compromised the network for as long as six months, stealing credentials and targeting multiple computers, the researchers said.
The malware, known as ShadowPad, also has b
Five vulnerabilities, two deemed critical, have been found in the Terrestrial Trunked Radio (TETRA) standard. TETRA is the most widely used police radio communication system outside the US. It is used by fire and ambulance services, transportation agencies, utilities, military, border control, and customs agencies in more than 100 nations globally and by the UN and NATO.
The vulnerabilities were discovered by cybersecurity firm Midnight Blue (Amsterdam, Netherlands) with funding from NLnet as
The Sandworm Group, a Russian-based APT that recently made headlines after its botnet of machines infected with Cyclops Blink malware was taken down by the US Department of Justice, has been busy crafting attacks targeting the Ukrainian power grid. The Computer Emergency Response Team of Ukraine (CERT-UA) had to step in and take action to thwart the attack on the country’s energy facilities. Blame for the attack has been placed on Sandworm in support of Russian military actions in Easter
Electricity, oil and gas, and other critical infrastructure vital to any country’s day-to-day life are increasingly at risk from cyber-attackers who know that successfully compromising industrial control systems (ICS) and operational technology (OT) can enable them to disrupt or tamper with vital services. A report from cybersecurity company Dragos[1] details ten different hacking operations which are known to have actively targeted industrial systems in North America and Europe and it's warned t
The electric grid is vital to any country’s national security, hence the high importance of keeping the electricity flowing. Even an outage of only a few minutes can wreak havoc on any residence or business. Cyber attackers responsible for distributing LookBack malware are targeting US utility providers with a new threat called “FlowCloud.” The FlowCloud modular remote-access trojan (RAT) has similarities and connections to the LookBack malware. LookBack at its core is a remote