11 May 2022

Purdue cybersecurity experts coached guardians of Ukrainian critical infrastructure

Purdue University, a leading seat of cybersecurity expertise, may have helped cybersecurity personnel guarding power plants, the electrical grid and other critical infrastructure in Ukraine successfully fend off recent cyber attacks. CERIAS (the Center for Education and Research in Information Assurance and Security at Purdue) has provided programs in cybersecurity training,

Read More
17 Mar 2022

Russia Faces IT Crisis With Only Two Months of Data Storage Capacity Available

Within two months, Russia will run out of data storage capabilities (for their government and public sector information technology operations) after Western IT service providers pulled their cloud computing capabilities out of the country.

Read More
04 Jan 2022

National Cognitive Infrastructure Protection:  What Can We Learn from the Swedish Psychological Defence Authority? 

In 2019, in what now reads like a strikingly prescient premonition, OODA CTO Bob Gourley penned a two-part series on the neglect of our national Cognitive Infrastructure, which includes the mental capacities of our citizens and the decision-making ability of people, organizations, and our government. It also includes the information channels used to feed our decision-making capabilities and the education and training systems used to prepare people and organizations for critical thinking. In the series, Bob discussed the efforts by the U.S. government in the 1990s to create a framework for “Critical Infrastructure Protection” when talking about manufacturing, dams, the energy sector, nuclear reactors, etc. But what about the protection of our critical cognitive infrastructure, which is threatened in ways few of us ever imagined just a few years ago? The Swedes offer an exemplary agency model.

Read More
30 Jan 2019

Medical devices are woefully insecure. This public-private partnership working to fix that.

The Healthcare Sector Coordinating Council, a public-private partnership of hospitals and medical devices working on critical infrastructure security and resilience, has published a joint security plan document outlining a series of vulnerabilities and needed improvements in the industry. Essentially a “to-do list” for manufacturers, it highlights the current vulnerabilities of

Read More
08 Jan 2019

Pamex adjusts logistics to combat $3 billion/yr in stolen fuel; shortages occur across Mexico

In an effort to reduce gasoline theft, State oil company Petroleos Mexicanos (Pamex) has changed their distribution methods, resulting in shortages and long lines at refueling stations across 6 states. Fuel theft in the country had risen from around $500,000 USD per year in the early 2000s to around $3

Read More
21 Dec 2018

With eye on China, Germany toughens rules for foreign buyouts

“Germany was Wednesday set to toughen rules on non-EU share purchases and acquisitions of its strategic companies, amid growing disquiet about takeovers by Chinese firms. It plans to lower the threshold where reviews apply to foreign purchase offers of 10 percent of companies, down from 25 percent now. Germany and

Read More
21 Dec 2018

Plan to Dumb-Down the Power Grid In Name of Cybersecurity Passes Senate

The Senate passed a measure to establish a two-year pilot program to investigate the possibilities of analog systems to be integrated into the U.S. power grid in order to prevent cyber vulnerabilities. Introduced in 2017 and approved by the Energy and Natural Resources Committee, a mirror version of the “retro

Read More
14 Dec 2018

Operation Sharpshooter Takes Aim at Global Critical Assets

“Operation Sharpshooter uses a new implant to target mainly English-speaking nuclear, defense, energy and financial companies. Researchers have detected a widespread reconnaissance campaign using a never-before-seen implant framework to infiltrate global defense and critical infrastructure players — including nuclear, defense, energy and financial companies. The campaign, dubbed Operation Sharpshooter, began

Read More
13 Dec 2018

Russian Critical Infrastructure Targeted by Profit-Driven Cybercriminals

“Several critical infrastructure organizations in Russia have been targeted by hackers believed to be financially-motivated cybercriminals rather than state-sponsored cyberspies. An analysis of malicious Word documents led researchers at endpoint security firm Cylance to discover fake websites set up to impersonate the legitimate sites of Russian oil giant Rosneft and

Read More
06 Dec 2018

FBI: Watch out for Iranian SamSam malware

DHS and the FBI shared a joint alert on December third regarding the critical infrastructure threat posed by the Iranian SamSam virus. The ultimate purpose of the virus is the successful intrusion and takeover of a network for the purpose of extorting a ransom (ransomware). The alert recommended strong passwords,

Read More