A new study by Dragos warns that cyber attacks targeting industrial control systems (ICS) are on the rise, with threat actors focusing on the oil and gas industry in particular. ICS environments are being targeted by nine different threat groups, one of which was only recently discovered by Dragos. Five

A Thursday incident in Johannesburg, South Africa that left some residents without power serves as a grave reminder of the destructive potential of ransomware. City Power, a local pay-as-you-go power provider owned by the city, had its network infected with file-encrypting malware that rendered many of its services unavailable. Johannesburg

Applied Risk warns that even though cyber risk awareness has increased, cybersecurity is still often an afterthought in industrial environments where new technologies are regularly deployed without proper testing. As a result, Operational Technology (OT) used in critical infrastructure is often vulnerable to cyberattacks. The most common flaws in industrial

The United States is close to starting a two-year pilot program aimed at bolstering the security of the power grid by making use of analog technologies. The program is part of the Securing Energy Infrastructure Act (SEIA) that has already been approved by the Senate, but still needs to pass

New research by Dragos indicates that the threat actors behind the 2017 Triton (aka Trisis) malware attack that shut down a petrochemical plant in Saudi Arabia, started to scan power grids in the US and Asia-Pacific regions at the end of last year. Because of this, analysts are worried that

US intelligence officials have been investigating the Russian power grid since at least 2012 and recently began targeting power grid control systems in offensive operations, according to a recent New York Times report based on information from current and former government officials. The offensive operations involved infecting Russian systems with

A recent security audit[pdf] of the Transportation Security Administration (TSA) by the US Government Accountability Office (GAO) has exposed serious shortcomings in the TSA’s efforts to protect the US pipeline system for oil and gas. The report shows that both the physical security and cybersecurity of this critical system, which

In the latest example of the growing cyber threat to critical infrastructure, Cleveland Hopkins International Airport was hit by a ransomware attack last week. The ransomware disrupted the airport’s systems used for email, payroll and digital records. In addition, most screens around the airport that are used for digital signage

On Thursday morning, a “malicious software attack” on the network of US pay television channel The Weather Channel (TWC) forced the station to air 90 minutes of canned content instead of live footage, after which it restored its live broadcast “through backup mechanisms.” While the incident may not strike most

FireEye researchers say that they have detected a second attack involving the highly disruptive Triton (aka Trisis) malware. Triton is considered to be incredibly dangerous as it is capable of remotely disabling safety systems. In the summer of 2017, Triton malware shut down a petrochemical plant in Saudi Arabia. The