critical infrastructure

Internet of Things Demands Visibility-Driven Security

In an earlier blog, I discussed essentials for visibility-driven security and the importance of having both visibility and correlation to quickly assess events in real-time. In this post, we will examine the different dimensions of visibility across the attack continuum and how crucial it is to have these dimensions in place in order to defend against known and emerging threats. Visibility-driven capabilities are critical if cybersecurity professionals are to do their job effectively. In order to accurately see what’s really happening across dynamic, changing, environments and provide a full understanding of malicious incidents, visibility must provide an accurate picture of users, devices, data, threats, and the relationships between them. And it must do so in near real-time and across  a wide range of infrastructures to support new business models related to mobility, cloud, and the Internet of Things (IoT). For many security breaches, the gap between the time of compromise and the […]

Continue Reading

Regin Espionage Tool Active since 2008 | Symantec Connect

Symantec on Sunday published research describing a new family of malware that it claims has been circulating, quietly, for close to six years. (Gulp!) According to a post on Symantec’s Security Response blog, Regin infections have been observed as far back as 2008, but the malware went quiet after about 2011, only to resurface in 2013 in attacks on a wide range of targets including private and public entities and research institutes. Symantec also observed the malware used in attacks on telecommunications firms and say it appears the malware was being used “to gain access to calls being routed through their infrastructure.”   In a separate research paper, Symantec describes the malware, dubbed “Backdoor.Regin” as a multi-staged threat that uses encrypted components – installed in a series of stages – to escape detection. The key the malware’s stealth is compartmentalization, Symantec found: “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible […]

Continue Reading

Biggest Threat to Critical Infrastructure? Lack of Imagination

The threats to critical infrastructure in the U.S. and elsewhere are so plentiful that even trying to enumerate them is futile (and not a bit depressing). But – if we were to rank them in order of importance – what would be at the top of that list? Clearly, as this blog has noted, software security is a major concern. Recently, the Industrial Control System CERT (ICS-CERT) warned about a sophisticated malware campaign targeting users of HMI (human-machine-interface) technology from leading vendors.  In at least some cases, the systems targeted were exposed directly to the Internet, making compromise simple. In other cases, industrial control system software is deployed with default administrator credentials, or easy to guess passwords. In other words: while some attackers are persistent and clever, many critical infrastructure owners make their job pretty easy. So, perhaps, its not software insecurity that belongs at the top of the list, […]

Continue Reading

U.S. Weather Systems Victims of Cyber Attack

The Washington Post is reporting that hackers from China breached the network of the National Oceanic and Atmospheric Administration (NOAA) in September, forcing cyber security teams to seal off data vital to disaster planning, aviation, shipping and scores of other crucial uses. The article cites sources within the government and Congress. The intrusion occurred in late September. However, NOAA officials gave no indication that they had a problem until Oct. 20, according to three people familiar with the hack and the subsequent reaction by NOAA, which includes the National Weather Service. According to the report, NOAA officials believe that actors based in China are responsible for the attack. The report also claims that efforts to respond to it resulted in an interruption in some key services, including NOAA’s National Ice Center Web Site, a partnership with the U.S. Navy and U.S. Coast Guard to monitor conditions for navigation. That two-day outage skewed the accuracy […]

Continue Reading

IoT Security: The Next-Generation Matters Now

As a cyber security professional, I spend most of my days speaking with customers and colleagues about all of the nefarious ways “the bad guys” can wreak havoc and how we can best defend ourselves. The topics we discuss often include situational awareness, defense-in-depth, threat intelligence, and new cyber security paradigms we may find ourselves adopting as the Internet of Things (IoT) evolves. I would assert that these are extremely important topics to sort out. But there’s a very important element not being discussed: the question of who will sort them out. Simply put: what difference does it make if you have the world’s greatest technology if nobody in your organization knows what to do with it? Cisco estimates that there will be a deficit of one million skilled cyber security professionals over the next five years. By 2015, 90 percent of jobs in the developed world will require some set of […]

Continue Reading
1 22 23 24 25 26 35