Critical Infrastructure Protection

March 5,2021 — Not that many planes are taking off these days, but that didn’t stop the flight of passenger records from servers belonging to aviation tech supplier SITA after it was hit by a “cyberattack”.

In a public disclosure, the Swiss outfit confirmed it had last month fallen victim to a wide-ranging data security incident that ensnared passengers from some of the world’s largest airlines.

SITA told The Reg: Source: TheRegister

February 26, 2021 — Mafia-type organisations, often based in Eastern Europe, are likely to have been behind a recent wave of cyber attacks on French hospitals, rather than foreign powers, France’s Digital Technology Minister says.

“Concerning the hospitals, in all likelihood, it is not foreign powers, but rather mafia-type organisations — often situated in eastern countries but not just limited to there — who are looking for money,” minister Cedric O told France 2 television.

Source: ABC News

February 11, 2021, — unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment facility. The unidentified actors used the SCADA system’s software to increase the amount of sodium hydroxide, also known as lye, a caustic chemical, as part of the water treatment process. Water treatment plant personnel immediately noticed the change in dosing amounts and corrected the issue before the SCADA system’s software detected the manipulation and alarmed due to the unauthorized change. Source: US CERT

January 10, 2021 — On Sunday, New Zealand’s central bank reported that it was responding with urgency to a “malicious” breach of one of its data systems.

The Reserve Bank of New Zealand (RBNZ) announced that a third-party file-sharing service used by the bank to share and store some sensitive information was illegally accessed.

RBNZ Governor Adrian Orr said the breach had been contained and the bank’s main functions “remain sound and operational.” Source: DW

Cyberattack on US Department of Energy a 'grave threat'

December 18, 2020 — (DW) The attack is part of the huge SolarWinds hack that has hit other government agency systems and critical infrastructure. The US cybersecurity agency has warned it poses a serious risk.

The US Department of Energy (DoE) said on Thursday it was responding to a cyber breach on its networks. The incident is part of a massive hack campaign that has struck at least two other US government agencies.

New Westminster: December 3, 2020 — TransLink’s CEO has now confirmed the system was targeted with a ransom attack.

In a statement Thursday, Kevin Desmond says “this attack included communications to TransLink through a printed message.”

He goes on to assure customers their credit card and payment information has not been accessed. Source: News1130

On November 13, 2020 — the European Union Agency for Cybersecurity (ENISA) released its Cybersecurity in Railways report at the joint ENISA and European Union Agency for Railways (ERA) webinar to bring awareness to the most pressing cybersecurity challenges facing Europe’s rail sector. The report identifies the current cybersecurity status and challenges, and provides an analysis of the sector’s regulatory context. According to the report, the sector needs enhanced cybersecurity measures to combat challenges and move ahead smoothly. Source: ESPC

October 26, 2020 — Hospitals and health care institutions preparing for a fall wave of coronavirus cases are bracing for more cyberattacks after hackers seeking to take advantage of the pandemic launched several successful attacks this year that severely disrupted patient services.

The attacks have been widespread around the world, hitting health care groups during the worst public health crisis in a century. Source: The Hill

Photo: IMO

London: October 1, 2020 (Reuters) – U.N. shipping agency the International Maritime Organization (IMO) said on Thursday its website and intranet had been disabled by a sophisticated cyber-attack and its IT specialists had shut down key systems to prevent further damage. Source: GCaptain

Houston: October 1, 2020 /PRNewswire/ — Jones Walker LLP today publicly released the findings of its 2020 Midstream Oil and Gas Cybersecurity Survey, examining cybersecurity preparedness in North America-based independent midstream oil and gas companies. The findings will be presented during a webinar hosted by the Institute for Energy Law at the Center for American and International Law today at 12:30 p.m. CT. Source: StreetInsider

Australia: September 24, 2020 — The Australian Cyber Security Centre (ACSC) is inviting organisations from the water and wastewater sectors to participate in a national, two-day cyber security exercise in August 2021 aimed to strengthen cyber security resilience. This invitation also extends to government agencies with a role in responding to cyber incidents affecting the sector.

The water and wastewater sector provides essential services for Australians. Source: ACSC

Australia: September 14, 2020 — Select federal government systems and networks will be classified critical infrastructure alongside nationally significant private sector systems, Home Affairs boss Mike Pezzullo has revealed.

Pezzullo confirmed during a webinar hosted by cyber security company CyberCX on Friday that planned changes to critical infrastructure laws will also extend to some government systems. Source: ITNews

Hong Kong, China: August 6, 2020  –  Trend Micro, the global leader in cloud security, today released research revealing a new class of security vulnerabilities in protocol gateway devices that could expose Industry 4.0 environments to critical attacks. Source: Media Outreach

Photo: The Hacker News

July 29, 2020 — Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology (OT) networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems (ICS).

A new report published by industrial cybersecurity company Claroty demonstrates multiple severe vulnerabilities in enterprise-grade VPN installations, including Secomea GateManager M2M Server, Moxa EDR-G902, and EDR-G903, and HMS Networks eWon’s eCatcher VPN client. Source: The Hacker News

July 24, 2020 – A cyber-attack on Spanish railway company Adif leveraged the REvil ransomware, it has been confirmed.

Adif, the Administrator of Railway Infrastructure, is a state-owned firm tasked with looking after rail infrastructure, managing rail traffic, and collecting fees from railway operators. Source: Port Swigger

July 23, 2020 — Over recent months, cyber actors have demonstrated their continued willingness to conduct malicious cyber activity against critical infrastructure (CI) by exploiting internet-accessible operational technology (OT) assets.[1] Due to the increase in adversary capabilities and activity, the criticality to U.S. national security and way of life, and the vulnerability of OT systems, civilian infrastructure makes attractive targets for foreign powers attempting to do harm to U.S. interests or retaliate for perceived U.S. aggression. Source: US CERT Alert

July 13, 2020 — The creation of a joint venture, named Middle East Cybersecurity, by Raytheon Technologies Corporation of the US and Saudi Aramco complies with EU Merger Regulation, the European Commission said on June 13. Source: New Europe

July, 2020 – Comprised of the moving parts that keep countries and their economies up and running, critical national infrastructure is a term to refer to any structure within the framework of society which is vital to our everyday lives, to our safety and to our country’s economy. Source: Cyberwatch Finland

10 July, 2020 – For a dedicated few, keeping Australia safe online starts in the early hours of the morning. That’s when the day shift starts for analysts in the Australian Cyber Security Centre’s 24/7 watch room. Source: ABC News