You are here

Home » Cybersecurity

Cybersecurity

CISA FY2019 Risk Vulnerability Assessment Infographic

The U.S. Department of Homeland Security Cybersecurity and Information Security Agency (CISA) has released an infographic mapping analysis of 44 of its Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year 2019 to the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework. The infographic identifies routinely successful attack paths CISA observed during RVAs conducted across multiple sectors. Cyber attackers can use these attack paths to compromise organizations.

DHS Homeland Threat Assessment, October 2020

Today the U.S. Department of Homeland Security (DHS) released Homeland Threat Assessment, an unclassified document that provides information into the department’s current threat priorities. The document includes only one reference to water but many references to critical infrastructure security generally, particularly with respect to cybersecurity. The report noted that Russia, China and North Korea have varying abilities to conduct cyber attacks against critical infrastructure.

WaterISAC’s ‘15 Cybersecurity FUNdamentals Awareness Month’ (15CFAM) – Having FUN Assessing Risks

Welcome back to our homage to National Cybersecurity Awareness Month (NCSAM) with the WaterISAC ‘15 Cybersecurity Fundamentals Awareness Month’ (15CFAM) where we walk through WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities. Today we are touching on risk assessments.

CISA Alert: Emotet Malware

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published an alert on the Emotet malware. In the alert, CISA states that since August there has been a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails. It emphasizes that this increase has rendered Emotet one of the most prevalent ongoing threats.

Australian Cyber Security Centre Notes Increase in Ransomware Incidents

The Australian Cyber Security Centre (ACSC) has released a special report on ransomware, noting it has observed an increase in the number of these incidents affecting Australian organizations and individuals. Some of the most significant takeaways from the report include that most ransomware incidents occurred after other malicious activity has been conducted against an organization (e.g. phishing campaigns) and that all sectors and individuals with information of value are potential targets for cyber criminals seeking opportunities for financial gain.

Europol’s Annual Cyber Crime Report Discusses Effects of COVID-19 and Evolving and New Trends

Europol has just released its annual Internet Organised Crime Threat Assessment, in which it reports on the latest trends and current impacts of cyber crime within the European Union and beyond. The report emphasizes the impacts the COVID-19 has had on the cyber threat landscape. It notes that the pandemic demonstrated how cyber criminals take advantage of society when it’s most vulnerable, enhancing many existing cyber threats and challenges.

National Cybersecurity Awareness Month 2020, Week One – If You Connect It, Protect It

National Cybersecurity Awareness Month 2020’s Week 1 theme, “If You Connect It, Protect It” seems fitting this year. With widespread and persistent remote working, there is no telling how many home routers, wireless access points, mobile devices, gaming systems, toasters, coffeemakers, and baby monitors have unintentionally been connected to corporate networks. Left unsecured, these hostile foreign devices are not only vulnerable to a plethora of cyber threats, but they also have the potential to wreak havoc on enterprise networks, home networks, and the internet at large.

Security Incident Survey (July to September 2020)

In support of its mission to identify threats to the water and wastewater sector, WaterISAC is asking utilities to respond to its survey asking about incidents and suspicious activities they've experienced in the past quarter, from July 1 to September 30, 2020. WaterISAC will aggregate, anonymize*, and share with members the information collected from the survey in its next Quarterly Water Sector Incident Summary report. The response deadline is Friday, October 16, 2020.

Pages

Subscribe to Cybersecurity