As pharmaceutical companies and healthcare organizations turn their attention from the development to the deployment of coronavirus vaccines, well-resourced cybercriminals are hotly following suit. The vaccine supply chain is rife with logistical complexities making the enormously valuable data on the various vaccines deeply attractive to threat actors. In fact, cybercriminals are already attempting to steal vaccine formulas and disrupt operations.
The National Cyber Investigative Joint Task Force (NCIJTF) has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques.
The newly released National Strategy to Secure 5G plan by the NTIA details how the United States will lead global development, deployment, and management of secure and reliable 5G infrastructure.
In the U.S., critical infrastructure consists of sixteen essential sectors that make daily life possible. National critical functions are the functions of government and the private sector so vital to the U.S. that their disruption, corruption, or dysfunction would have a debilitating effect on security, national economic security, national public health or safety. Here, we talk to Brian Harrell about the importance of protecting critical infrastructure, the threats and hazards that pose the greatest risks to critical infrastructure and more.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) published the Resilient Positioning, Navigation, and Timing (PNT) Conformance Framework today. PNT services, such as the Global Positioning System (GPS), is a national critical function that enables many applications within the critical infrastructure sectors. This framework will inform the design and adoption of resilient PNT systems and help critical infrastructure become more resilient to PNT disruptions, such as GPS jamming and spoofing.
According to media reports, the U.S. Energy Department and National Nuclear Security Administration have evidence that hackers accessed their networks as part of a major cyber espionage operation that affected many U.S. federal agencies.
Domestic critical infrastructure is arguably now more at risk than at any point in living memory, and certainly in a peacetime context. As a consequence of the pandemic, there have been multiple attacks on electricity grids, water systems and energy organizations, election locations, and newly distributed enterprises. What is the best way to go about protecting what is at risk?
After a successful launch earlier this year, Carnegie Mellon researchers introduced the latest version of the IoT Privacy Assistant, an app and digital infrastructure that enables users to discover IoT devices nearby, learn about the data they collect and any controls they might possibly give, such as opting in or out of their data collection and use practices.
When we hear the term “critical infrastructure,” we want to believe that the assets – whether they are physical or digital – are extremely secure. Our minds conjure images of the vaults of Fort Knox, which are protected from every angle. However, critical infrastructure of the digital variety is not necessarily any more secure than any other digital asset. It all comes down to how meticulous the organization is in looking for and quickly closing vulnerabilities and security gaps that expose an attack surface for a bad actor to exploit.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) will be releasing a document that provides a roadmap to threat mitigation of Position, Navigation, and Timing (PNT) services, a national critical function powering many of the critical infrastructure sectors that enable modern society. The conformance framework was developed with input from industry stakeholders and will help critical infrastructure owners and operators make risk-informed decisions when deciding what PNT equipment to deploy. It provides distinct levels of resilience so end users can choose equipment that’s appropriate for their needs, based on criticality and risk tolerance.
