You are here

Home » Cybersecurity

Cybersecurity

Cyber Resiliency – National League of Cities Helping Municipalities Do More with Less

It’s no secret that small-medium cities, towns, and villages often struggle with cybersecurity despite their implementation of technology solutions. While not the first, nor the last, the incident that occurred in Oldsmar, Florida is a poignant example. Quite simply, cybersecurity is a cost of doing business or providing a critical service in today’s society that just can’t be ignored. Short of an apocalypse, the need for cybersecurity is not going away, regardless of funding and resource constraints.

FBI and CISA Advisory: APT Actors Exploiting FortiOS Vulnerabilities to Gain Initial Access for Future Attacks

Today the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI published a Cybersecurity Advisory stating that advanced persistent threat (APT) actors are engaged in activities to exploit Fortinet FortiOS vulnerabilities to gain initial access to government, commercial, and technology services networks for future attacks.

DHS Secretary’s Cybersecurity Vision Includes Addressing Ransomware, Industrial Control Systems, and On-the-Horizon Issues

On March 31, Secretary of Homeland Security Alejandro Mayorkas outlined his vision and roadmap for the Department’s cybersecurity efforts in a virtual address. He announced a series of 60-day cybersecurity “sprints” aimed at focusing DHS’s efforts on ransomware and industrial control systems, among other priorities. He called ransomware “a national security threat” and cited the incident at the water treatment plant in Oldsmar, Florida as a “powerful reminder” of the substantial risks to industrial control systems that need to be addressed.

ICS Cybersecurity Recommendations for Level 0 and Level 1 Devices

What seemed to begin as a friendly debate between industrial cybersecurity experts Joe Weiss and Dale Peterson, has resulted in a salient three-part series on security controls for Purdue Level 0 and Level 1 devices. While the need for security of Level 0 and Level 1 devices is not in question, some organizations understandably grapple with the priority of implementing proper controls to protect these crucial devices.

According to Dale, this three part article series can be summarized as follows:

Kaspersky Report on APT Attacks Against Industrial Organizations

Yesterday, Kaspersky ICS CERT released a report on advanced cyber threat groups they track targeting industrial organizations. While APT attacks do not represent the bulk of cyber threat activity against our industrial organizations, they do represent the highest consequence if successful. However, not all APT groups have advanced tradecraft with the capability to disrupt or destroy industrial assets. In other words, just because a group has targeted industrial organizations, does not mean they have advanced capabilities beyond IT-based network actions.

U.K. Releases New Tools Offering Cybersecurity Advice to Individuals and Small Businesses

The U.K.’s National Cyber Security Centre (NCSC) has launched new tools for individuals and small businesses to receive advice on improving their cybersecurity. The Cyber Action Plan, divided into one tool for individuals and families and another for small businesses, asks a series of questions on topics like passwords and two-factor authentication. It then presents a customized list of actions to help improve cybersecurity. The news of the tools’ release came on the same day the NCSC announced the results of a survey it had conducted of the British public.

Canada’s First Drone Strategy Prioritizes Understanding and Addressing Security Risks, including to Critical Infrastructure

Transport Canada has published Drone Strategy to 2025,the first document of its kind for the country that provides the government’s initial strategic vision for drones. It emphasizes that while drones are part of the future of transportation it is necessary to gain public trust and social acceptance for the technology to be a success. To earn these, the strategy acknowledges the importance of continuing to mitigate risks, including those posed by drones at critical infrastructure.

ODNI Group Guidance for U.S. Critical Infrastructure to Address Growing Insider Threats

The National Counterintelligence and Security Center (NCSC), a group within the Office of the Director of National Intelligence (ODNI), has issued Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence Perspective, a new publication aimed at helping U.S. critical infrastructure organizations understand and address the growing problem of insider threats. As the publication observes, concerns over insider threats have been exacerbated by geopolitical tensions – foreign adversaries have demonstrated their interest in U.S.

Claroty Research on Ovarro TBox RTUs and TWinSoft Engineering Software (products used in water/wastewater systems)

Industrial cybersecurity firm Claroty released its research regarding findings of vulnerabilities affecting Ovarro’s TBox remote terminal units (RTUs) and TWinSoft engineering software. ICS-CERT has published ICS Advisory ICSA-21-054-04. Claroty’s research highlights findings in implementations of Ovarro’s proprietary version of the Modbus protocol which allows for malicious code to be injected through the modification of an update package.

Pages

Subscribe to Cybersecurity