During the coming transition from stay-at-home to “Opening up America Again,” we must keep our staff aware of the cyber threats that will continue to plague us. When coronavirus guidelines begin relaxing, threat actors will not. Miscreants will persist in their campaigns and it is important to remind employees to not let their guard down.
Advanced ICS-specific malware is limited to just a few samples such as TRISIS/TRITON, Stuxnet, CRASHOVERRIDE/Industroyer, and BlackEnergy2; however, countless reports and observations demonstrate commodity malware has been increasingly impacting industrial operations. ICS cybersecurity firm Dragos has identified an increase in malware infections at industrial companies globally throughout 2019 and the beginning of 2020. Notably, the LockerGoga, Emotet, and Ryuk infections of 2019 support this trend with their potential to create operational disruption.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an Alert that updates a previous alert, Continued Exploitation of Pulse Secure VPN Vulnerability (published on January 10), which advised organizations to immediately patch CVE-2019-11510 – an arbitrary file reading vulnerability affecting Pulse Secure virtual private network (VPN) appliances.
According to a Pew Research Center survey conducted from March 3 to 29, Americans identified the spread of infectious diseases as the greatest international threat. Nearly all U.S. adults surveyed (98 percent) say this is at least a minor threat, with roughly eight-in-ten (79 percent) naming outbreaks of disease as a major threat to the country. While this may not be too surprising given the ongoing situation with COVID-19, the current data puts diseases 27 percentage points higher than the level of concern that was assessed in the midst of the West Africa Ebola outbreak in 2014.
Infrastructure is being adapted and secured to support social distancing as staff work from home and essential on-site shifts are restructured to skeleton crews. The current worldwide health pandemic has forced nearly every organization to enact some sort of business continuity plan, whether they had one or not. Likewise, tested plans are being validated with actual experience. Whether an organization had a remote workforce policy in place or not, now is the time to pay it due attention, including the cybersecurity aspect.
While staff may more or less be adjusting to their new remote work environment, statistics indicate they are still being inundated with phishing and other suspicious cyber attack attempts. Given heightened environmental distractions and other challenges with working remotely, it is important during this time that we keep security awareness and cyber hygiene reminders forefront in our users minds. Mail security firm MailGuard answers six important questions about working remotely and cybersecurity.
While coronavirus-related news and information are still rampant, it is reasonable to expect many people have settled into a relative current normal and are not micro-checking every story or statistic that is published. That said, there are still significant advisories, updates, and developments that are prudent to maintain situational awareness from authoritative and vetted sources. WaterISAC continues striving to curate the most relevant updates so you don’t have to. Today, we bring you COVID-19 Key Developments from risk intelligence organization Flashpoint.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an alert intended to serve as a comprehensive resource on the North Korean cyber threat. The U.S. Departments of State and the Treasury and the FBI also contributed to this product. Although much of the malicious activity described in the alert is targeted against the financial sector, the alert reminds its audience that North Korea has the capability to conduct disruptive or destructive cyber activities affecting U.S. critical infrastructure.
Oracle has released its Critical Patch Update for April 2020 to address 397 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA) encourages users and administrators to review the Oracle April 2020 Critical Patch Update and apply the necessary updates.
April 14, 2020
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain escalation of privileges. CISA encourages users and administrators to review the following Intel advisories and apply the necessary updates or workarounds. Read the advisory at CISA.
March 10, 2020
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
