The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Business email compromise (BEC) attacks cost organizations millions of dollars every year and there are no signs of them abating any time soon. In addition, executive level (C-suite) email accounts are witnessing significant numbers of attacks and their network privileges are making defensive measures more challenging. As such, there are a few simple cyber hygiene measures organizations can implement to protect themselves and mitigate further attacks. First, executives should receive role-based awareness training for recognizing suspicious emails.
A new advanced persistent threat (APT) actor, known as ChamelGang, has been observed targeting aviation and energy companies in Russia and government organizations in at least nine other countries. The threat actor has not been linked to any existing APT and its nationality is unknown. ChamelGang was first detected after it breached a Russian energy firm, which was followed by the APT’s identification by the cybersecurity company Positive Technologies (PT).
The Conti ransomware group has jumped on the bandwagon of recent threats made by similar groups about calling in the experts or otherwise publicly sharing information about ransomware attacks. Last week, the Conti ransomware group released a statement threatening to publish victims’ data if details or screenshots of ransomware negotiations are leaked to media or security researchers.
The Conti ransomware group is employing new techniques to cripple a victim’s backup software, according to a recent report from the cyber-risk prevention company Advanced Intelligence. The Conti ransomware gang has earned its spot as one of the more prolific ransomware groups for many of its advanced tactics, techniques, and procedures (TTPs), especially its propensity to destroy backups.
A prior post, ICS Preparedness/Resilience – More on Following NERC Guidance, Even Though it’s Not Required, discussed the benefits for water and wastewater utilities to voluntarily follow NERC CIP, especially given the cross-sector dependencies.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
We often train users about email-based phishing and common signs of an impersonated or fraudulent email address.
The COVID-19 pandemic and the resultant mass movement to remote work significantly accelerated the development toward a more distributed and fragmented network infrastructure. This paradigm reinforced the need to implement stricter security controls around user and device access.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
