The Cybersecurity and Infrastructure Security Agency created a new de-escalation series to help critical infrastructure owners and operators recognize, assess, de-escalate and report behaviors that raise concern.
Crystal Valley, a Minnesota-based farming cooperative, has been hit by a ransomware attack, causing them to shut down their IT systems and their daily operations to be severely interrupted.
Iowa-based grain cooperative NEW Cooperative Inc.was struck by BlackMatter ransomware recently and has shut down its computer systems as it tries to mitigate the attack. BlackMatter is demanding a $5.9 million ransom.
A single application may have hundreds of thousands of vulnerabilities. Increasingly, cybercriminals are targeting people just as much if not more than the systems that underlie an infrastructure, which is why the trusted insider conundrum is exacting renewed attention. In most instances, they represent a cheaper and more accessible conduit to achieve one’s objective. What’s to be done?
The 2021 Insider Threat Virtual Conference, hosted jointly by the Defense Counterintelligence Security Agency and the Office of the Under Secretary of Defense for Intelligence and Security, will bring together security professionals and policy makers across U.S. government and industry to kick off the National Insider Threat Awareness Month (NITAM) campaign. The theme for this year's conference and campaign is Cultural Awareness and Insider Threat.
BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156, with a CVSS score of 9. BadAlloc is a collection of 25 vulnerabilities affecting multiple RTOSs and supporting libraries of critical infrastructure organizations and other organizations developing, maintaining, supporting, or using affected QNX-based systems.
Four critical infrastructure organizations in a South East Asian country were targeted in an intelligence-gathering campaign that continued for several months, Symantec Threat Hunter Team has found. Among the organizations targeted were a water company, a power company, a communications company, and a defense organization, with evidence the attackers were interested in information about SCADA systems.
Secure and reliable utility operations are vital to national security across the globe. The frequency of attacks on critical infrastructure is rapidly rising, not just in the U.S., but across the globe. Here’s what security leaders can do to protect utilities.