Security News
Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and National Security Agency have laid bare the tactics, techniques, and procedures adopted by the adversaries, including spear-phishing, brute-force, and exploiting known vulnerabilities to gain initial access to target networks.
The FBI, CISA, and the NSA have warned critical infrastructure network defenders to be ready to detect and block incoming attacks targeting organizations from US critical infrastructure sectors, orchestrated by Russian-backed hacking groups. "In some cases, Russian state-sponsored cyber operations against critical infrastructure organizations have specifically targeted operational technology/industrial control systems networks with destructive malware."
The global healthcare cloud infrastructure market size is expected to reach $142 billion by 2028, according to ResearchAndMarkets. The growing trend of healthcare digitalization, rising expenditures, overburdened health systems, rising traffic on the network, growing data siloes, and the emergence of remote working is contributing to the demand for healthcare cloud infrastructure systems and solutions.
Let's examine some of the big challenges in OT security, and how zero trust can fix them. Zero trust is a security framework that assumes every user or device is a potential threat.
The Cybersecurity and Infrastructure Security Agency warned critical infrastructure organizations today to strengthen their cybersecurity defenses against potential and ongoing threats. "In the lead up to the holidays and in light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential malicious cyber attacks," the cybersecurity agency said [PDF].
If there's one thing we have a lot of, it's data. Veeam Software solution architect John Wood points out, "The data that you have today is obviously the most valuable data that you have."
The Federal Bureau of Investigation has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors. "The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors," the federal law enforcement agency said.
Threats to the supply chain can take many forms, including malware attacks, piracy, unauthorized access to enterprise resources and data, and unintentional or maliciously injected backdoors in software source code. This means putting security at the center of the supply chain and making it a foundational element.
It followed this up with a memorandum on improving cybersecurity for critical infrastructure control systems. Cities don't often have the expertise or resources to secure systems well or monitor for these kinds of attacks, and the attackers only have to succeed once.
Security researchers have checked the web's public key infrastructure and have measured a long-known but little-analyzed security threat: hidden root Certificate Authorities. You can be reasonably confident that your bank website is actually your bank website when it presents your browser with an end-user or leaf certificate that's linked through a chain of trust to an intermediate certificate and ultimately the X.509 root certificate of a trusted CA. Each browser relies on a trust store consisting of a hundred or so root certificates that belong to a smaller set of organizations.