Cybersecurity

White House Report – Roadmap to Enhancing Internet Routing Security

The Office of the National Cyber Director released a report Tuesday, “Roadmap to Enhancing Internet Routing Security,” designed to help fortify a vulnerable element of the internet known as Border Gateway Protocol (BGP). Administration officials have cautioned that certain technical rules for internet data routing, which is BGP, are vulnerable to hackers, and that the United States is not adequately prepared to safeguard against it.

Read more about White House Report – Roadmap to Enhancing Internet Routing Security

Threat Awareness – Surge in Password Reset Attacks Fuels Fraud and Account Takeovers

A recent report from LexisNexis Risk Solutions reveals a concerning trend in password attacks, highlighting that as many as one in four password reset attempts via desktop browsers are fraudulent. Researchers identified approximately 70,000 weekly password reset attacks in the UK, a significant escalation attributed to "detail change" attacks, which surged by 232% in 2023.

Read more about Threat Awareness – Surge in Password Reset Attacks Fuels Fraud and Account Takeovers

Cyber Resilience – Michigan’s EGLE Launches Cybersecurity Plan for Water Treatment Operators

On Tuesday, the Michigan Department of Environment, Great Lakes, and Energy (EGLE) unveiled an initiative aimed at enhancing cybersecurity preparedness for drinking water and wastewater treatment operators throughout Michigan. This initiative intends to establish a comprehensive strategy that bolsters operators' resilience against both online and offline threats.

Read more about Cyber Resilience – Michigan’s EGLE Launches Cybersecurity Plan for Water Treatment Operators

Awareness - WaterISAC, EPA Featured in Recent Article

In a recent publication, GovTech magazine emphasized the cybersecurity threats facing critical infrastructure. One of the focuses of the article was water and wastewater systems.

Read more about Awareness - WaterISAC, EPA Featured in Recent Article

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – September 5, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

Read more about CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – September 5, 2024

Supplemental Cyber Highlights – September 3, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

Read more about Supplemental Cyber Highlights – September 3, 2024

Ransomware Awareness – New Ransomware Group “Cicada3301” Surfaces with Connections to ALPHV Network

Security researchers have identified a new ransomware group named "Cicada3301," linked to the ALPHV/BlackCat variant and the Brutus botnet. Cicada3301 has been observed targeting VMware ESXi environments, aiming to disrupt virtual machines by shutting them down, deleting snapshots, and encrypting data. The group's first data leak site post appeared on June 25, followed by an invitation for new affiliates to join on the cybercrime forum Ramp. WaterISAC is sharing for broader awareness of threat actor groups and tactics.

Read more about Ransomware Awareness – New Ransomware Group “Cicada3301” Surfaces with Connections to ALPHV Network

Ransomware Resilience – The Always Shifting Ransomware Landscape

Given the constantly evolving nature of the ransomware landscape, it is essential to keep abreast of the latest trends and tactics employed by threat actors. Recent observations such as adapting cybercriminal operations to increased competition, shifting criminal structures in light of law enforcement action, as well as lack of trust among ransomware affiliates highlight the ever-changing nature of this growing threat.

The following five recently observed developments within the ransomware landscape underscore some of the current notable shifts within the ecosystem:

Read more about Ransomware Resilience – The Always Shifting Ransomware Landscape

Cyber Resilience – CISA Releases New Incident Reporting Portal

CISA has announced the transition of its cyber incident reporting form to a new CISA Services Portal, aimed at enhancing the reporting process. WaterISAC joins CISA in reminding members of the importance of reporting incidents as it benefits not only their utility but the entire sector and wider community as a whole.

Read more about Cyber Resilience – CISA Releases New Incident Reporting Portal

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – September 3, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

Read more about CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – September 3, 2024

You are here

Cybersecurity

White House Report – Roadmap to Enhancing Internet Routing Security

Threat Awareness – Surge in Password Reset Attacks Fuels Fraud and Account Takeovers

Cyber Resilience – Michigan’s EGLE Launches Cybersecurity Plan for Water Treatment Operators

Awareness - WaterISAC, EPA Featured in Recent Article

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – September 5, 2024

Supplemental Cyber Highlights – September 3, 2024

Ransomware Awareness – New Ransomware Group “Cicada3301” Surfaces with Connections to ALPHV Network

Ransomware Resilience – The Always Shifting Ransomware Landscape

Cyber Resilience – CISA Releases New Incident Reporting Portal

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – September 3, 2024

Pages

You are here

Cybersecurity

Pages

Footer Email Signup