
Cybersecurity

SANS 2024 State of ICS/OT Cybersecurity Report Finds Incident Response Plan Gaps, Increased Cloud Use

SANS has released its 2024 State of ICS/OT Cybersecurity report, which offers key insights and benchmarks for industrial cybersecurity programs worldwide through a survey of 530 professionals. Based on input from cyber professionals across multiple critical infrastructure sectors, it provides actionable guidance on how organizations can manage industrial cyber risk effectively.

Key insights from the report include:

Hacktivist Targeting of Small Texas Utility Demonstrates Interest in Less-Secure OT Networks

CSO Online has published an article revealing details of a recent ICS/OT-related cyberattack targeting the water system of Stanton, Texas. Although the utility serves a population of only 2,700, Russia-linked hacktivists still breached its network in order to access a human-machine interface (HMI) and manipulate its settings. Because of the threat actor’s inexperience, they were only capable of randomly changing settings, resulting in the loss of some untreated water. However, a more sophisticated state adversary with the same level of access could cause more significant damage.

Threat Awareness – Phishing Tactics Observed Evading Cybersecurity Tools

Threat actors have recently been observed deploying tactics that evade cybersecurity phishing defenses, namely Natural Language Processing (NLP) detection methods. NLP involves analyzing the language used in emails or other text to identify patterns or phrases that may indicate spam or phishing attempts. It has become more advanced and effective as AI technology has progressed in recent years. NLP methods are similar to behavioral analysis tools, which go beyond regular anti-virus methods for detecting threats by looking for adverse patterns or anomalies.

Joint Advisory – Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force

Yesterday, CISA and other federal and international partners released a joint Cybersecurity Advisory (CSA) “Iranian Cyber Actors' Brute Force and Credential Access Activity Compromise Critical Infrastructure.” The advisory highlights known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by Iranian cyber threat actors to disrupt organizations across critical infrastructure sectors.

Joint Cybersecurity Advisory – Update on SVR Cyber Operations and Vulnerability Exploitation

Last week, the NSA, FBI, and other federal and international partners issued a joint Cybersecurity Advisory (CSA) “Update on SVR Cyber Operations and Vulnerability Exploitation.” The joint CSA warns of ongoing Russian Federation Foreign Intelligence Service (SVR) cyber threats, highlighting how SVR actors are currently exploiting a set of software vulnerabilities and intend to exploit additional vulnerabilities.
