Botnets in 2018 continued to use DDoS as their primary weapon to attack high-speed networks, according to NSFOCUS. Continuous monitoring and research of botnets discovered significant changes taking place in the coding of malware used to create bots, operations, and maintenance of botnets and IP Chain-Gangs. Throughout 2018, NSFOCUS developed profiles on 82 IP Chain-Gangs, groups of bots from multiple botnets acting in concert during specific cyber-attack campaigns. Understanding botnets in general and IP Chain-Gangs, …
ICS cybersecurity threats remain high and present evolving challenges, a new SANS report reveals. However, since the last SANS OT/ICS report released in 2017, a growing majority of organizations have significantly matured their security postures over the last two years and are adopting strategies that address OT/IT convergence. “The findings in this latest SANS report make it clear that 2019 is the year for ICS cybersecurity,” said Nozomi Networks CEO Edgard Capdevielle. “We see the …
Hackers have targeted the gaming industry by carrying out 12 billion credential stuffing attacks against gaming websites within the 17-month period analyzed in the report (November 2017 – March 2019) by Akamai.

55 billion credential stuffing attacks

This puts the gaming community among the fastest rising targets for credential stuffing attacks and one of the most lucrative targets for criminals looking to make a quick profit. During the same time period, Akamai saw a total …
ASCO Industries, a manufacturer of aerospace components with headquarters in Zaventem, Belgium, has been hit with ransomware, which ended up disrupting its production around the world. The attack reportedly started on Friday and the extent of the internal damage is still unknown.

About ASCO Industries

ASCO Industries is a privately held company that was acquired by Kansas-based Spirit AeroSystems in 2018. At the time it had 1,400 employees world-wide. It designs and manufactures wing components, …
Only 28 percent of organizations consistently enforce a defined security process for code signing certificates, a Venafi study of over 320 security professionals in the U.S., Canada and Europe reveals. “When the code signing keys and certificates that serve as machine identities fall into the hands of attackers, they can inflict enormous damage,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “Secure code signing processes enable apps, updates, and open …
Smart home security cameras account for 47% of the most vulnerable devices, followed by smart hubs such as Google Home and Amazon Alexa, with the top countries executing attacks being China followed by the USA, according to SAM Seamless Networks. Other findings reveal that the USA and China are the foremost countries for both executing attacks and being targeted. The average home receives five attempted attacks per device per day via smart networks. Email malware and phishing are …
At least 3.4 billion fake emails are sent around the world every day — with most industries remaining vulnerable to spear-phishing and “spoofing” cyberattacks simply because they’re not implementing industry-standard authentication protocols, according to a Valimail report. The research report also found that the vast majority of suspicious emails emanate from U.S.-based sources. It’s not all bad news, however. Ongoing research also indicates that many industries are making progress in the fight against impersonation, some …
The travel industry and its customers are increasingly the targets of cyberattacks as criminals seek to monetize highly valuable travel data, according to new IBM Security research. Compounding the problem, a new survey conducted by Morning Consult on behalf of IBM Security reveals that travelers are still blind to the risks they face on the road. The survey found that only 40% of respondents believed it was likely they would be targeted for cybercrime …
Cybercriminals continue to evolve the sophistication of their attack methods, from tailored ransomware and custom coding for some attacks, to living-off-the-land (LoTL) or sharing infrastructure to maximize their opportunities, according to the latest Fortinet report.

Pre- and post-compromise traffic

Research to see if threat actors carry out phases of their attacks on different days of the week demonstrates that cybercriminals are always looking to maximize opportunity to their benefit. When comparing Web filtering volume for …
One in five companies are already using forensic investigations and other sophisticated methods to identify their attackers, like setting up honey pots and repositories of fake data to give attackers the idea they’ve hit real data while acting as a diversion tactic, according to Neustar. Companies’ growing investment in advanced forensic capabilities that can help identify attackers in greater detail is increasingly eclipsing what most law-enforcement agencies are willing to devote. 72 percent of respondents …
A large majority of security IT decision makers are ready and willing to share valuable threat intelligence data to help the collective industry make better, more informed decisions when it comes to cyber attacks, an IronNet Cybersecurity report reveals. To compile the “Collective Offense Calls for a Collective Defense: A Reality Check for Cybersecurity Decision Makers” report, IronNet commissioned survey firm Vanson Bourne to interview 200 U.S. security IT decision makers across many industries including …
An apparent denial of service attack caused a disruption in a segment of the U.S. energy grid affecting Utah, Wyoming, and Southern California.
Little is currently known about the incident. It occurred March 5th, disabling several security devices. An unnamed utility company reported the incident to the Department of Energy.
“There was a denial-of-service attack…and that basically led operators to not be able to see what was going on in the grid,” said journalist Blake Sobczak, who initially reported the story. “As long as nothing crazy happens, you should be fine, but it certainly constitutes a disruption and a reportable event here to the Department of Energy.”
While the potential cyberattack did not lead to any known outages or interruptions in service and used a relatively unsophisticated method, it is noteworthy for being the first known incident to successfully target the nation’s energy infrastructure. Hackers targeting the U.S. energy grid have been theoretical up to this point, but security experts have long maintained that the infrastructure is poorly secured and that many utility companies are unprepared when it comes to cyber defense.
Fears of an attack on utilities have increased in the wake of Russian infiltration of U.S. critical infrastructure announced in 2018 by the Department of Homeland Security.