Greenbone Networks revealed the findings of a research assessing critical infrastructure providers’ ability to operate during or in the wake of a cyberattack. The cyber resilience of critical infrastructures The research investigated the cyber resilience of organizations operating in the energy, finance, health, telecommunications, transport and water industries, located in the world’s five largest economies:…

While the economic and social fallout of the coronavirus captures virtually all federal, state and local policymaking resources, the US is quickly moving into a critical election season with election safety and security issues still unresolved. Yesterday, the House of Representatives voted overwhelmingly to pass the latest in a string of coronavirus-related bills, a $484…

The European cybersecurity market is determined to exceed $65 billion by 2025, according to Graphical Research. This growth is attributed to strong government initiatives to promote data safety and hefty investments in cybersecurity solutions. Industry sectors and cybersecurity The increasing cases of data breaches and cyber attacks on critical business infrastructure have driven several business…

Remember when, three years ago, several Mirai botnets hit DNS provider Dyn and caused part of the Internet to be unreachable for most users in North America and Europe? For a moment there it really seemed that IoT security would become an indisputable necessity. Unfortunately, that did not happen, and security professionals and consumers are…

The basics of cyber security are still not being practized regularly and new cyber security risks are emerging as more and more untested technologies are integrated within the critical infrastructures upon which society depends, according to Applied Risk. “We’re seeing rapid proliferation of new and untested technologies finding their way into Operational Technology (OT) that…

The Aurora Power Grid Vulnerability and the BlackEnergy Trojan

At recent Industrial IoT security briefings, the Aurora vulnerability has come up repeatedly. Attendees ask, “Is our country’s power grid safe? How can we protect the grid? What is Aurora?” This post provides a look at Aurora, and the BlackEnergy attack that can exploit Aurora. In March 2007, the US Department of Energy demonstrated the…

Rogue One — the best cybersecurity videotraining

Last year we analyzed an incident depicted in Star Wars: Episode IV. However, we got the feeling even back then that the security failures that led to the destruction of the Death Star were only the tip of the iceberg. The Empire’s problems with information systems security are clearly of a more galactic nature. Fortunately, researchers from Lucasfilm…

End the air gapping myth in critical infrastructure security

In an environment where we’re seeing increasing demand for connectivity between operational technology (OT) and IT, security teams have to dispel the air gapping myth to acknowledge that IT influences can exploit OT connections. The air gapping approach was used for a long time to prevent any impact on ICS systems. But it’s wishful thinking…