Could a cyber attack darken US cities for days? weeks? months? The Security Ledger talks with Joe Weiss, a noted expert on the cyber security of the electric grid and critical infrastructure. Joe says that the means to achieve a long term power outage is there. All that’s missing is the motive.
Search Results for "critical infrastructure"
Serial To Ethernet Converters are the Huge Critical Infrastructure Risk Nobody Talks About
In-brief: There are more warnings that a common piece of hardware known as Serial-to-Ethernet converters are very vulnerable to remote attacks – and more evidence that the vendors who manufacture them aren’t in a rush to fix the holes.
DHS: APT behind Half of Cyber Incidents In Critical Infrastructure
In-brief: A new report from the Department of Homeland Security reveals that there were 245 reported incidents of cyber attacks on critical infrastructure in 2014. More than half were attributed to sophisticated “APT” type actors.
Biggest Threat to Critical Infrastructure? Lack of Imagination
The threats to critical infrastructure in the U.S. and elsewhere are so plentiful that even trying to enumerate them is futile (and not a bit depressing). But – if we were to rank them in order of importance – what would be at the top of that list? Clearly, as this blog has noted, software security is a major concern. Recently, the Industrial Control System CERT (ICS-CERT) warned about a sophisticated malware campaign targeting users of HMI (human-machine-interface) technology from leading vendors. In at least some cases, the systems targeted were exposed directly to the Internet, making compromise simple. In other cases, industrial control system software is deployed with default administrator credentials, or easy to guess passwords. In other words: while some attackers are persistent and clever, many critical infrastructure owners make their job pretty easy. So, perhaps, its not software insecurity that belongs at the top of the list, […]
White House Cyber Chief: JP Morgan Underscores Critical Infrastructure Risk
The White House’s cyber security czar, Michael Daniel, said the Obama Administration is deeply concerned about the reported hack of systems belonging to banking giant JP Morgan Chase & Co. but sees the incident as part of a larger trend of attacks against U.S. critical infrastructure. Asked about the targeted attack against JP Morgan and other banks and financial institutions, Daniel said that the White House was concerned, but not surprised by the incident. “We have watched for several years the trend of malicious actors in cyber try to figure out how to target critical infrastructure,” he said. “Financial services is critical infrastructure.” The White House was concerned that a major U.S. bank would fall victim to hackers, but sees it in the context of a “broad trend,” rather than an isolated incident, he said. Speaking with Michael Farrell, the Cybersecurity Editor at Christian Science Monitor, Daniel hit on many of the now-common talking […]
