Critical Infrastructure
Critical Infrastructure | News, how-tos, features, reviews, and videos
![wireless network - industrial internet of things edge [IoT] - edge computing](https://images.idgesg.net/images/article/2017/09/wireless_network_iot_internet_of_things_edge_computing_data_analytics__industrial_management_thinkstock_824082860_3x2_1200x800-100736487-small.3x2.jpg?auto=webp&quality=85,70)
MITRE ATT&CK v11 adds ICS matrix, sub-techniques for mobile threats
The latest version of the MITRE ATT&CK Framework addresses two of the most pressing threat-actor targets: mobile devices and industrial control systems.
After foiled Sandworm attack, US critical infrastructure should stand guard
Russian attack on Ukrainian power company likely just the beginning.
Rare and dangerous Incontroller malware targets ICS operations
A coalition of U.S. government agencies, security researchers, and companies warn about this new malware that can gain complete access to ICS and SCADA systems.
Ukraine energy facility hit by two waves of cyberattacks from Russia’s Sandworm group
Sandworm succeeded in planting a new version of the Industroyer malware to disrupt ICS infrastructure at multiple levels, but was thwarted from doing serious damage.
CISA, FBI, DOE issue cybersecurity advisory on Russian attacks against global energy sector
The advisory outlines two intrusion campaigns against U.S. and international energy sector organizations and warns of persistent threats posed by Russian cyber operations.
US charges Russian government agents for cyberattacks on critical infrastructure
Two sets of attacks used Triton and Havex malware to infiltrate industrial control systems at energy organizations in the US and abroad.
States step up cybersecurity efforts as threats increase
Spurred by recent attacks, some U.S. states are taking action and allocating funds to boost their defenses against cyber threats.
Fortress creates center for security information on energy suppliers
Vendor library offers means to bolster supply-chain security through data sharing and communication.
Cyber incident reporting measures approved in the omnibus spending bill
Critical infrastructure entities and federal agencies will have to report significant cyber incidents to CISA within 72 hours and ransomware attacks within 24 hours under legislation passed by the House that will likely become law.
Ransomware is top attack vector on critical infrastructure
An annual review from Dragos finds much improvement needed to protect industrial systems. More regulation is possible if they don't.
Russia’s offensive cyber actions should be a cause for concern for CISOs
Recent cyber attacks against Western entities operating in Ukraine aim to disrupt or conduct espionage. CISOs should be wary of such attacks expanding beyond the Ukrainian border.
Delta CISO Debbie Wheeler: Security can’t be seen as a competitive advantage
With the complexity and criticality of security in the aviation industry, Wheeler warns against viewing security as a competitive advantage. Instead, she says, a more collaborative approach is required.
DHS creates Cyber Safety Review Board to review significant cybersecurity incidents
The CSRB will advise the President and Department of Homeland Security director, as well as review major security events starting with the Log4j exploits.
SEC eyes more expansive cybersecurity requirements
New rules for publicly traded companies could add protections for consumer information, strengthen incident reporting, and require assessment of third-party risk.
Biden memo aims to bolster cybersecurity in national security systems
A national security memorandum places new cybersecurity requirements for reporting and preventing security incidents involving sensitive national security systems.
U.S. Cyber Command’s actions against ransomware draw support and criticism
The actions, which temporarily took down REvil, raise questions about using the military to combat ransomware.
6 key points of the new CISA/NSA 5G cloud security guidance
The security guidance focuses on zero-trust concepts as the US agencies anticipate growth of 5G networks.