Posts

Cisco Patches Critical Authentication Bug With Public Exploit – Threatpost

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360




Source…

Why ransomware is such a threat to critical infrastructure



A recent spike in large-scale ransomware attacks has highlighted the vulnerabilities in the nation’s critical infrastructure and the ease with which their systems can be breached.


Little more than a decade ago, what was considered critical infrastructure was largely limited to air traffic control and generation and transmission of energy, and security regulations have been tightly focused on these areas. Today, however, there’s a growing acknowledgment that infrastructure encompasses much more, from stormwater systems to garbage processors, telecom providers, hospitals, financial services, pipelines, and more.

Cyberattacks and ransomware pose a greater risk to critical infrastructure than a non-digital external threat like a nation-state does, and the size and scale of the infrastructure has little to do with the scope of the risk; ransomware is just as much a threat to a water treatment plant in downtown Smallville, USA, as it is to a large-scale energy grid or gasoline pipeline.

Ransomware relies on phishing scams or holes in security it can exploit, including both digital and human vulnerabilities. The attacker then holds the data hostage until a ransom is paid.

As cyberthreats increase in sophistication, we can expect the threat presented by ransomware to evolve, and the actions taken to protect the nation’s critical infrastructure must evolve as well.

While there’s no centralized national agency overseeing all critical infrastructure in the U.S., we have a great model of what the energy industry did with the critical infrastructure protection (CIP) standards that guide utilities. We can apply that model to a broader definition of what constitutes critical infrastructure.

Many of the precautions mandated by CIP, like isolating critical systems from the internet and replacing single-factor, password-based authentication with multi-factor credentials including digital certificates based on public key infrastructure (PKI), could make other types of infrastructure just as secure and resilient as CIP-protected systems are.

It will take regulatory action, though. Municipalities and other critical infrastructure organizations are unlikely to take significant…

Source…

Can Critical Infrastructure Companies Prevent Ransomware Attacks?



Can critical infrastructure pipeline owners and operators flat out prevent another ransomware attack similar to the one that knocked Colonial Pipeline on its back for five days?

The answer: No. But the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) is getting there, issuing a security directive that requires owners and operators of critical infrastructure pipelines to implement specific mitigations to protect against ransomware attacks. The agency has also ordered critical pipeline owners and operators to:

  • Develop and implement a cybersecurity contingency and recovery plan.
  • Conduct a cybersecurity architecture design review.

The order is particularly important to managed security service providers (MSSPs) engaging customers in the energy sector and other critical infrastructure segments.

“The lives and livelihoods of the American people depend on our collective ability to protect our nation’s critical infrastructure from evolving threats,” said DHS secretary Alejandro Mayorkas of the new TSA directive. “Through this security directive, DHS can better ensure the pipeline sector takes the steps necessary to safeguard their operations from rising cyber threats, and better protect our national and economic security,” he said.

TSA Doubles Down On U.S. Pipeline Infrastructure Security

It’s the second security-related command that TSA has directed at the pipeline sector in the past two months. Last May, in the immediate wake of the Colonial Pipeline ransomware attack, TSA issued its first ever mandatory security order aimed at shoring up the nation’s oil and gas pipelines to repel cyber offensives. The instruction requires critical pipeline owners and operators to report confirmed and potential cybersecurity incidents to DHS’ Cybersecurity and Infrastructure Agency (CISA). In addition:

  • Owners and operators must designate a 24/7/365 cybersecurity coordinator.
  • Critical pipeline owners and operators will be required to review their current practices and identify any gaps and related remediation measures to address cyber-related risks.
  • Results must be reported to TSA and CISA within 30…

Source…

DVIDS – News – Cyberspace Developer’s Course Critical to Retention and National Security




FORT GEORGE G. MEADE, Md. – Cyber Soldiers and a Marine graduated from the 11-month Tool Developer Qualification Course (TDQC) in a ceremony hosted by the 780th Military Intelligence Brigade (Cyber) at the Post Theater, July 13.

The United States Army has partnered with the University of Maryland Baltimore County (UMBC) to train Soldiers and Marines to become Cyberspace Capability Developers.

The nation’s demand makes the retention of cyberspace Soldiers more challenging; however, in addition to a unique mission set, programs like 170D, Cyber Capabilities Developer Technician (https://recruiting.army.mil/170d/) warrant officer recruitment; the 780th MI Brigade’s in-house certification of Network +; Security +; Certified Ethical Hacker and CISSP; and education partnership programs like TDQC are essential if the U.S. Army and Marine Corps want to retain the “best and the brightest.”

Army Gen. Paul M. Nakasone, commander, U.S. Cyber Command and director, National Security Agency/chief, Central Security Service, told the House Armed Forces Committee in March 2020, “I continue to pursue creative ways to leverage our nation’s best and brightest to want to contribute to our missions.”

According to the 780th MI Brigade S3 (operations) program managers, graduates of the TDQC course are proficient to an intermediate level in creating programs using the C and Python computer programming languages, and the course provides an education path for individuals to become experienced at 90 percent of the identified critical developer requirements that an individual must be able to articulate and demonstrate through practical application in order to be certified as a Cyberspace Capability Developer.

“Its purpose is to educate individuals who have little to no computer programming experience that have been identified through an assessment as having an aptitude and desire to become a computer programmer,” said Sgt. 1st Class Corbin Greeff, a brigade senior Non-Commissioned Officer.

The 2021 TDQC graduating class includes: Spc. William Colley; Spc. Arthur Gould; Staff Sgt….

Source…