Security News > 2021 > May > Colonial Pipeline attack reminds us of our critical infrastructure's vulnerabilities
Cybersecurity expert discusses the many ways attackers could have gotten access to the Colonial Pipeline company and reminds us why the threat always looms.
TechRepublic's Karen Roby spoke with Vyas Sekar, a professor in electrical and computer engineering at Carnegie Mellon University, about the Colonial Pipeline ransomware attack by the hacker group Darkside.
Karen Roby: We're learning more about the Colonial Pipeline ransomware attack.
As you mentioned, this is a cyber-physical attack on a critical infrastructure component, which in this case was pipelines.
Which means that we know that such critical infrastructure attacks are possible.
The research, or the education focus, of CyLab is both on the education front, how do we train the workforce? How do we create the next generation of cybersecurity workers? And also on the research front, how do we give that workforce better tools from the research to proactively find new attack vectors? How to defend them inside the network? How to do recovery strategies? And so on.
News URL
Related news
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- SAP fixes critical vulnerabilities in NetWeaver application servers (source)
- Critical vulnerabilities remain unresolved due to prioritization gaps (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)