When we think about cyberattacks and malicious hackers, we often think in terms of our own personal lives and our own organizations. In my experience in cybersecurity, I often hear people say “Why would hackers target me? We are too small” or “I’ve never been affected by a cyberattack, so it’s not really something I’m interested in.”
The reality is that cybercriminals may be targeting you not because of your size but because of who your customers and clients are. Although you may not have noticed it, we are all affected by the increasing number of cyberattacks, the threat of which is only increasing.
We have long known that the possibility of attacks on Supervisory Control and Data Acquisition (SCADA) systems was a very real threat to our modern way of living. These systems routinely control how power, water, nuclear, manufacturing, and oil and gas are managed and distributed, forming part of our Critical National Infrastructure (CNI). Attacks on CNI are nothing new, and there are examples where these digital attacks have the potential of affecting our lives in very real ways.
The Stuxnet worm raised the attention of every cybersecurity practitioner in the land. Almost like the plot line of a spy thriller movie, this computer worm, once installed on the network, sought out specific software on computers controlling programmable logic controllers (PLC). It was programmed to hide its presence as it caused the fast-spinning centrifuges to tear themselves apart, making it one of the first forms of malware which impacted the physical world. Stuxnet was highly effective in its targeting of control systems. It is thought to have infected over 200,000 computers and physically damaged 1,000 of them.
What is important to note is that, in order to get their weapon (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/attacks-on-critical-national-infrastructure-cni-on-the-rise/
With cyber threats constantly evolving, protecting your network’s security is important. Network pen testing, also known as Network VAPT (Vulnerability…
The RSA Conference 2024 will kick off on May 6. Known as the “Oscars of Cybersecurity,” the RSAC Innovation Sandbox…
The stereotype of the government as a slow-moving behemoth is not ill-fitting, but when it makes adjustments and changes, it…
On April 12 (and then updated again on April 20), Palo Alto Networks released an advisory about a vulnerability in…
3 min read By introducing vulnerabilities, long-lived credentials can erase the rapid, iterative improvements automated software processes are designed to…
There's more to open source risk than CVEs! The post Quick Guide to the OWASP OSS Risk Top 10 appeared…