Cybersecurity

Dragos 2020 ICS Cybersecurity Year in Review

In case you haven’t seen it yet, Dragos published its 2020 ICS Cybersecurity Year in Review yesterday. This year's report has some cool interactive elements displayed as an executive summary. Based on extensive experience, assessments, and incident response insights, Dragos shares its observations, lessons learned, and recommendations in this annual data-driven analysis of Industrial Control System (ICS)/Operational Technology (OT) focused cyber threats and vulnerabilities.

In addition to several key findings and recommendations for ICS defenders, read the report for more on:

CISA Alert: Exploitation of Accellion File Transfer Appliance

The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert about cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance, noting this activity has impacted organizations globally. According to the alert, the actors have attacked government entities at all levels (federal, state, local, and more) as well as private industry organizations, including those in the telecommunications and energy sectors. The alert contains technical details of the activity and a list of recommendations for organizations that use Accellion FTA.

OT/ICS Security – Going From A(ir Gap) to Z(ero Trust)

Zero trust has become a bit of a buzzword lately, especially since the disclosure of the SolarWinds incident. In addition, it’s possible that the concept of zero trust is thought of as applicable only to IT systems and may have industrial systems operators dismissing it. But as the air gap continues to erode in favor of greater (remote) access to control systems, zero trust becomes essential.

ACSC Small Business Cybersecurity Guide

The Australian Cyber Security Centre (ACSC) has published a guide intended to help small businesses protect themselves from the most common cybersecurity incidents. It identifies and explains the most common types of cyber threats, such as malicious software, and what can be done to protect a business, such as automatic updates and multi-factor authentication. It also includes a series of checklists, including on people and procedures, as well as a glossary of terms.

Aperture: A Claroty Podcast, Features WaterISAC to Discuss Oldsmar and Sector Cybersecurity

As the country continues discussing the cyber incident that occurred at the Oldsmar, Florida Water Treatment Plant on February 5, 2021, it is important to continue highlighting the need for information sharing across the sector. Michael Mimoso, Aperture’s host and Claroty Editorial Director, invited WaterISAC Managing Director Michael Arceneaux and Cyber Threat Analyst Jennifer Lyn Walker to discuss the incident and how it underscores the need for better information sharing about incidents and improved security hygiene inside critical infrastructure sectors such as water and wastewater.

DHS Emphasizes CISA’s Role in Announcing Steps to Improve Cybersecurity

Yesterday, U.S. Department of Homeland Security (DHS) Secretary Alejandro Mayorkas announced a variety of steps he plans for his department to take to further address cyber threats to the nation. The Cybersecurity and Infrastructure Security Agency (CISA) will be responsible for or have a significant role in implementing many of these steps, some of which involve building on existing efforts.

FBI PIN: Telephony Denial of Service Attacks Can Disrupt Emergency Call Center Operations

The FBI has published a Private Industry Notification (PIN) to provide awareness regarding Telephony Denial of Service (TDoS) attacks, noting they can affect the availability and readiness of emergency call centers and undermine public trust in these services. The PIN further discusses the impacts these attacks can have on call centers and threat actors’ motives, which can include advancing political or social causes or extorting municipalities for financial gain.

CISA Alert: North Korean Cryptocurrency Malware “AppleJeus”

The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to highlight the cyber threat to cryptocurrency posed by North Korea and provide mitigation recommendations. CISA refers to the malware and other activity by the North Korean government as “AppleJeus.” In a series of seven malware analysis reports (MARs), it provides full technical details of the malware and associated indicators of compromise. Access the alert and MARs at CISA.

Even the Basics are Critical for Critical Infrastructure

The dust (new details/disclosures) seems to be settling on the incident at the Oldsmar, Florida Water Treatment Plant that occurred on February 5, 2021. If you haven’t already, now is a good time to confirm that your utility is not vulnerable to the same basic cybersecurity shortcomings that reportedly contributed to the incident and/or have been identified during the investigation.

Security Tips for Social Media and Social Networking Apps

The Australian Cyber Security Centre (ACSC) has posted advice on secure usage of social media and social networking or messaging apps, underscoring that both can pose a number of security and privacy risks to organizations and individuals when used in an inappropriate or unsafe manner. It also observes that social networking or messaging apps are a common way for an adversary to gather information on organizations and their employees, projects, and systems.
