You are here

Home » Cybersecurity

Cybersecurity

How Can an ISAC Improve Cybersecurity and Resilience?

An article from IBM describes information sharing and analysis centers (ISAC) (specifically identifying WaterISAC among a selection of ISACs) and how they can contribute to improving the cybersecurity of an organization. The article emphasizes that joining an ISAC allows organizations to share knowledge about incidents and threats, increase their maturity levels, network and develop contacts, and join forces with others in their sector or area.

U.S. Intelligence Chief Lays Out Threats to U.S. Infrastructure, Efforts to Protect It

On July 13, 2018, U.S. Director of National Intelligence Dan Coats stated that the U.S.’s digital infrastructure is under constant attack from foreign entities including China, Iran and North Korea, but he singled out Russia as the “most aggressive” one, highlighting the country’s reported efforts to use hacking and information campaigns to influence U.S. elections. But Coats also warned against having tunnel vision focused on the elections, noting that foreign actors continually target other aspects of U.S. critical infrastructure.

More Questions than Answers Regarding Ukrainian Chlorine Facility Incident Affected by VPNFilter Malware

ICS cybersecurity firm Dragos offers notes to consider regarding last weeks’ report of the Ukrainian chlorine facility incident (reported by WaterISAC on Thursday, July 12), most notably on-going questions regarding the role VPNFilter malware, as reported, played in the event.

Collaboration Efforts Promote Secure-By-Design Standards for Industrial Connected Devices

Automation.com recently reached out to Eaton on the status of a strategic partnership they entered with Underwriters Laboratories (UL) in February 2018, to advance cybersecurity for power management technologies, and help establish measurable cybersecurity standards for network-connected power management products and systems. The first fruits of their labor include a research and testing facility where Eaton’s products are tested in a specialized lab for compliance with industry cybersecurity requirements before they are installed in critical systems.

Chlorine Facility for Drinking Water and Sewage Treatment Targeted by Russia, Alleges Ukraine

The Security Service of Ukraine, or SBU, claims to have stopped a Russian cyber attack on a Ukrainian facility that provides chlorine for drinking water and sewage treatment. In its allegation, the SBU indicates the attack involved the VPNFilter malware (reported on by WaterISAC initially in late May – read more here) and was intended to disrupt operations.

Schweitzer Engineering Laboratories, Inc. Compass and AcSELerator Architect (ICSA-18-191-02) – Products Used in the Energy Sector

The NCCIC has released an advisory on incorrect default permissions, XXE, and resource exhaustion vulnerabilities in Schweitzer Engineering Laboratories, Inc. Compass and AcSELerator Architect. Compass Version 3.0.5.1 and prior and AcSELerator Architect Version 2.2.24.0 and prior are affected. Successful exploitation of these vulnerabilities could allow modification/replacement of files within the Compass installation directory, disclosure of information, or denial of service. Schweitzer Engineering Laboratories recommends users upgrade to the latest release of both products.

Pages

Subscribe to Cybersecurity