While there were not a lot of high-profile incidents, it was another busy week in ransomware, particularly in the evolution of tactics to coerce victims into paying, as we reported last week in Let Me Show you my Shocked Face for $1000, Alex.
Given the Abnormal Security’s Q3 Quarterly BEC Report shows that business email compromise (BEC) has recently grown in interest over the last quarter, and the energy/infrastructure industries have experienced a 93% increase in attacks, now is NOT the time to curtail your security awareness reminders on BEC and other impersonation-based scams.
WaterISAC members continue to needfully advance cybersecurity as a top business and operational priority, but that does not mean it is always easy. Therefore we continue to provide encouragement, reminders, and resources to help utilities stay on track. One such resource is a recent article posted in the Water & Wastes Digest.
What: New report from ratings agency Moody’s confirms larger, vertically integrated utilities more cyber resilient.
The U.S. Department of Energy (DOE) has announced a new program for operational technology security managers in the energy sector to engage with cyber and national security experts across the government. Named the “OT Defender Fellowship,” participants will spend one year in the program to gain a greater understanding of the adversaries’ strategies and how U.S. government cyber operators defend the nation.
In an homage to Alex Trebek, what is: Ransomware gangs not honoring ransom payments for stolen data? While this is not an entirely surprising development, it is a little confusing. It hasn’t been since the early days of ransomware attacks where amateur groups did not honor their “promise” to discontinue an attack or unlock files after payment. It’s been quite a few years since ransomware groups realized they needed to protect their credibility in order to profit.
It has been a bit of a whirlwind in ransomware this past week. Bits have been circulating about Ryuk reaping the rewards from its wreckage, a new strain detonating within an hour after gaining access to the network, and an indiscriminate sample with a version to infect Linux. BleepingComputer has those details and much more in its recent “The Week in Ransomware” series for November 6, 2020.
The Cybersecurity and Infrastructure Security Agency (CISA) and government and industry partners recently published the Building A More Resilient ICT Supply Chain: Lessons Learned During The COVID-19 Pandemic report, which examines how the COVID-19 pandemic impacted the logistical supply chains of information and communication technology companies and provides recommendations to increase supply chain resilience.
November 5, 2020
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
