April 22, 2020
OpenSSL version 1.1.1g has been released to address a vulnerability affecting versions 1.1.1d–1.1.1f. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the OpenSSL Security Advisory and apply the necessary update. Read the advisory at CISA.
Most initial network compromises occur due to social engineering techniques such as phishing websites and malicious attachments.
The FBI’s Internet Crime Complaint Center (IC3) has released an alert warning of a recent increase in extortion email scams. Cyber criminals threaten to release sexually explicit photos or videos of victims unless they agree to send payment. The alert provides additional characteristics of these scams and offers a list of tips for protection.
CISA has published an advisory on an improper access control vulnerability in Inductive Automation Ignition 8 Gateway. Versions prior to 8.0.10 are affected. Successful exploitation of this vulnerability could allow an attacker to write endless log statements into the database, which could result in a denial-of-service condition. Inductive Automation recommends upgrading Ignition 8 Gateway to v8.0.10. If this isn’t possible, it recommends a series of workarounds. CISA also recommends a series of measures to mitigate the vulnerability.
Speaking in an online panel last week, FBI Deputy Assistant Director Tonya Ugoretz said the number of cyber crime reports received by the FBI’s Internet Crime Complaint Center (IC3) has quadrupled compared to months before the pandemic. "Whereas they might typically receive 1,000 complaints a day through their internet portal, they're now receiving something like 3,000 - 4,000 complaints a day. Not all of those are COVID-related, but a good number of those are,” said Ugoretz. She also described the kinds of activity that have been reported to the IC3. "They really run the gamut.
During the coming transition from stay-at-home to “Opening up America Again,” we must keep our staff aware of the cyber threats that will continue to plague us. When coronavirus guidelines begin relaxing, threat actors will not. Miscreants will persist in their campaigns and it is important to remind employees to not let their guard down.
Advanced ICS-specific malware is limited to just a few samples such as TRISIS/TRITON, Stuxnet, CRASHOVERRIDE/Industroyer, and BlackEnergy2; however, countless reports and observations demonstrate commodity malware has been increasingly impacting industrial operations. ICS cybersecurity firm Dragos has identified an increase in malware infections at industrial companies globally throughout 2019 and the beginning of 2020. Notably, the LockerGoga, Emotet, and Ryuk infections of 2019 support this trend with their potential to create operational disruption.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an Alert that updates a previous alert, Continued Exploitation of Pulse Secure VPN Vulnerability (published on January 10), which advised organizations to immediately patch CVE-2019-11510 – an arbitrary file reading vulnerability affecting Pulse Secure virtual private network (VPN) appliances.
According to a Pew Research Center survey conducted from March 3 to 29, Americans identified the spread of infectious diseases as the greatest international threat. Nearly all U.S. adults surveyed (98 percent) say this is at least a minor threat, with roughly eight-in-ten (79 percent) naming outbreaks of disease as a major threat to the country. While this may not be too surprising given the ongoing situation with COVID-19, the current data puts diseases 27 percentage points higher than the level of concern that was assessed in the midst of the West Africa Ebola outbreak in 2014.
Infrastructure is being adapted and secured to support social distancing as staff work from home and essential on-site shifts are restructured to skeleton crews. The current worldwide health pandemic has forced nearly every organization to enact some sort of business continuity plan, whether they had one or not. Likewise, tested plans are being validated with actual experience. Whether an organization had a remote workforce policy in place or not, now is the time to pay it due attention, including the cybersecurity aspect.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
