Cybersecurity

When ransomware strikes a company, it is easy for pundits to say, “don’t pay the ransom.” But in reality, that is not always a practical choice. If you have not been impacted by ransomware yet, you are fortunate. Furthermore, if you think you know what you will do when you are (and even if you don’t know), you might want to read this recent post by Mailguard. The article includes a quick timeline of events regarding the WastedLocker ransomware attack on Garmin last month and thoughts on navigating the critical quandary to pay or not to pay.

With vulnerability management being a pillar of every successful cyber risk management strategy, the latest report by industrial cybersecurity firm Claroty provides material evidence for member utilities challenged with prioritizing cybersecurity in the OT environment. According to findings in the Claroty Biannual ICS Risk & Vulnerability Report: 1H 2020, the water and wastewater sector falls just below energy and critical manufacturing for the critical infrastructure sectors most affected by vulnerabilities published in ICS-CERT advisories.

In Day 4 of its Mobility Month mini series, Control Global shares the experience of John D’Aoust, water treatment plant manager, City of Haverhill, Massachusetts. D’Aoust outlines how his 10-member staff is prepared to operate with just one onsite staffer. “If you put the proper plans in place and have the right hardware to enable the necessary security, you can do this safely and securely,” adds D’Aoust, who says his team is prepared if fully remote monitoring is ever required.

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have jointly released a comprehensive technical advisory on previously undisclosed Linux malware they are attributing to Russian advanced persistent threat (APT) actors. The malware, dubbed Drovorub, is being associated to APT28/Fancy Bear, a Russian group notoriously known for the 2016 Democratic National Committee attacks.