You are here

Home » Cybersecurity

Cybersecurity

Cyber Hygiene – World Backup Day

Today is World Backup Day and in honor of this celebration WaterISAC is reminding all members of the importance of keeping multiple secure backups to ensure the security and resilience of their data and technical operations. One of the most efficient methods for backing up your data is the “3-2-1” approach. The first part entails maintaining three separate copies of the data, one is the original version and the other two serve as backups. Second, two backup copies should be stored on different types of media, such as an external thumb drive, tape drive, or cloud infrastructure.

FBI PIN: Ransomware Attacks Straining Local US Governments and Public Services

The FBI has published a TLP:WHITE Private Industry Notification (PIN) warning that ransomware attacks are straining local U.S. governments and public services. The FBI has been tracking cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Based on victim incident reporting, the Government Facilities Sector (GSF) was the second highest victimized sector of ransomware attacks, between January and December 2021.

SpringShell (“Spring4Shell”) – What it is and What it is Not (from what we know so far)

Over the past couple of days a developing situation regarding a remote code execution (RCE) vulnerability in Java’s Spring Framework has been surrounded with hype and rumors. Given the confusion, here are a few points and resources to explain.

Despite the seemingly sensationalized and similar nickname, until more is known, this vulnerability is not assessed to be as serious as “log4shell.” However, given this is an RCE vulnerability, utilities are encouraged to have their system administrators review available information and assess impact within your environment.

Joint Cybersecurity Advisory on Energy Sector ICS Targeting by Russian State-Sponsored Actors, Including TRISIS/TRITON Malware

In response to unsealed indictments by the Department of Justice, federal agencies have published multiple reports regarding Russian state-sponsored cyber activity. Given the current threat climate, it is prudent to pay specific attention to activity reports that CISA and other federal partners publish, as they may be representative of identifiable cyber activity.

FBI Releases the Internet Crime Complaint Center 2021 Internet Crime Report

The FBI’s Internet Crime Complaint Center (IC3) published its 2021 Internet Crime Report. The project draws data from 847,376 complaints of suspected internet crime reported to the FBI. Reports in 2021 represent a 7 percent increase in complaints from the 2020 report with reported losses exceeding $6.9 billion. The top three cyber crimes reported by victims in 2021 were phishing scams, non-payment/non-delivery scams, and personal data breaches. Victims lost the most money to business email compromise scams and investment fraud.

Pages

Subscribe to Cybersecurity