Two threat intelligence reports reveal substantial increases in the level of malicious cryptocurrency mining, reflecting that this activity is being a top tactic among cyber criminals. In its June 2018 Threats Report, McAfee noted its count of total coin miner malware rose by 629% in the first quarter of this year, accounting to nearly 3 million samples.
The NCCIC recently published Security Tip 18-002, Defending Against Illicit Cryptocurrency Mining Activity, which seeks to make aware its partners of the risks associated with cryptocurrencies and to help them avoid falling victim to cryptocurrency mining activity. This product describes crytpocurrency and cryptomining, explains the tactic of cryptojacking, and offers tips for how to protect systems and devices from this activity. These tips include checking systems privilege policies, uninstalling unused software, and creating and monitoring blacklists, among others.
Employees and contractors can become mere victims of a cyber attack. Often their actions are unintentional, but damaging nonetheless, when credentials are shared with others or stolen and used by attackers to illegally authenticate to valuable systems. Knowing how employees and contractors access your systems and the devices they use will help detect anomalous behavior attempting to impersonate these trusted relationships.
As industrial organizations embrace the Internet of Things (IoT), they must strike the proper balance between benefit and risk. SecurityWeek posts an article highlighting strategies to reduce the vulnerabilities inherent in Industrial IoT deployments from resulting in unintended consequences threatening safety and security. Having a robust asset management program is the first step and is foundational to protecting every network environment.
The NCCIC recently published Security Tip 18-001, Securing Network Infrastructure Devices, noting that this equipment constitutes an ideal target for malicious cyber actors. Moreover, the NCCIC submits that many of these devices are easy targets for attackers because they are not maintained at the same security level as general-purpose desktops and servers. This Security Tip aims to address this issue by providing users and network administrators with steps they can take to better secure their infrastructure.
The NCCIC has released an advisory on a stack-based buffer overflow vulnerability in Delta Electronics Delta Industrial Automation COMMGR. COMMGR Version 1.08 and prior are affected. Successful exploitation of this vulnerability may allow remote code execution, cause the application to crash, or cause a denial-of-service condition in the application server.
Undesirable habits of employees - including those of tele-workers, lack of physical document security, and inappropriate use of mobile devices are common factors contributing to the insider threat problem facing all organizations.
Understanding the organizational environment and addressing blind spots is foundational in achieving cybersecurity resilience in any system, IT or OT. Many organizations struggle with vulnerability management, and even more so with vendor/supply chain risk management, often sacrificing vendor risk completely. Threat actors will look for the weakest attack surface of an organization to exploit, which often exists through the supply chain.
According to the FBI Internet Crime Report, Business Email Compromise (BEC) and Email Account Compromise (EAC) are pervasive threats costing victims more than $676 million in 2017. These schemes are difficult to detect due to their convincing nature and high degree of tradecraft exhibited by threat actors.
Cyberscoop highlights a March 2018 Ponemon Institute global study sponsored by IBM Resilient on the importance of cyber resilience for a strong security posture.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
