infrastructure – Page 3 – CyberSecurity Confabulation

Industrial Control System Malware Discovered

Posted 3 years ago by Bruce Schneier

The Department of Energy, CISA, the FBI, and the NSA jointly issued an advisory describing a sophisticated piece of malware called Pipedream that’s designed to attack a wide range of industrial control systems. This is clearly from a government, but no attribution is given. There’s also no indication of how the malware was discovered. It seems not to have been used yet.

More information. News article.

How Does Cybersecurity Impact Environmental Services and Infrastructure?

Posted 3 years ago by Tripwire Guest Authors

Environmental sustainability has become a significant concern for businesses today. Yet, many are not seeing the connection between sustainability efforts and cybersecurity. Despite how different they may seem, these two topics are intertwined. If environmental services and infrastructure don’t embrace better security, the consequences could be severe. If organizations hope to make a positive environmental […]… Read More

The post How Does Cybersecurity Impact Environmental Services and Infrastructure? appeared first on The State of Security.

White House Warns of Possible Russian Cyberattacks

Posted 3 years ago by Bruce Schneier

News:

The White House has issued its starkest warning that Russia may be planning cyberattacks against critical-sector U.S. companies amid the Ukraine invasion.

[…]

Context: The alert comes after Russia has lobbed a series of digital attacks at the Ukrainian government and critical industry sectors. But there’s been no sign so far of major disruptive hacks against U.S. targets even as the government has imposed increasingly harsh sanctions that have battered the Russian economy.

The public alert followed classified briefings government officials conducted last week for more than 100 companies in sectors at the highest risk of Russian hacks, Neuberger said. The briefing was prompted by “preparatory activity” by Russian hackers, she said.
U.S. analysts have detected scanning of some critical sectors’ computers by Russian government actors and other preparatory work, one U.S. official told my colleague Ellen Nakashima on the condition of anonymity because of the matter’s sensitivity. But whether that is a signal that there will be a cyberattack on a critical system is not clear, Neuberger said.
Neuberger declined to name specific industry sectors under threat but said they’re part of critical infrastructure – a government designation that includes industries deemed vital to the economy and national security, including energy, finance, transportation and pipelines.

President Biden’s statement. White House fact sheet. And here’s a video of the extended Q&A with deputy national security adviser Anne Neuberger.

EDITED TO ADD (3/23): Long — three hour — conference call with CISA.