A new strain of Russian operational technology malware could cause electric power disruption in Europe, the Middle East and Asia, Mandiant found. The malware wreaks havoc by interacting with devices such as remote terminal units that are used for electric transmission and distribution operations.
Small electric utilities, wastewater facilities and hospitals struggle with defending their organizations against emerging cyberthreats given their meager resources, U.S. government officials said. Many utilities have failed to adopt cyber best practices despite the available tools and training.
Britain's National Cyber Security Centre said Russian hacktivists have ambitions of becoming a larger threat to Western critical infrastructure. "Disclosing this threat is not something we do lightly," said U.K. Cabinet Office Secretary of State Oliver Dowden.
The Biden administration is probing how highly classified military and intelligence documents detailing national security secrets came to be leaked via Discord servers and social media. Experts say the leaked documents appear to be genuine, although some have been crudely doctored.
Lawmakers urged Director Jen Easterly to devise metrics that quantify how effectively the Cybersecurity and Infrastructure Security Agency uses federal money to cut cyber risk. Rep. Dave Joyce wants CISA to more precisely measure the return on taxpayer spending given the agency's rising budget.
Utility companies have increasingly refrained from purchasing large power transformers from China given greater awareness of the security risks. Lawmakers sparred with the Energy Department's cybersecurity leader over how much of the electric grid contains components manufactured in China.
Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.
The top U.S. cybersecurity agency says it is testing how to scan critical infrastructure organizations to detect vulnerabilities ransomware hackers can exploit in a bid to have the flaws patched before extortionists also discover them. The Ransomware Vulnerability Warning Pilot started on Jan. 30.
The U.K. government says a new national agency will work with the private sector to stymie national security threats including foreign hackers after British intellectual property. In an update to British foreign policy, Prime Minister Rishi Sunak vowed to "push back" against China.
A dozen U.S. senators on Tuesday introduced legislation backed by the White House charging the federal government with initiating a process to systematically block foreign technology from reaching the domestic market when the tech poses a national security threat.
Germany may belatedly ban Chinese-built telecommunications gear from its 5G networks on national security grounds as the country's Federal Office for Information Security, the BSI, conducts a review. The majority of 5G radio access network equipment in German networks comes from Chinese vendors.
Police in Germany and Ukraine detained two suspected core members of a ransomware criminal group with a track record of attacking hospitals and emergency services. Seized electronics may lead to additional arrests of members of the group, who are accused of spreading DoppelPaymer ransomware.
Cybersecurity will take its place alongside chemical contaminant removal as an element the U.S. Environmental Protection Agency says public water systems must mitigate. "Cyberattacks that are targeting water systems are real and a significant threat," said an EPA official.
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
A Chinese law requiring mandatory disclosure to the government of vulnerability reports appears to be paying dividends for state-connected hacking. "The Chinese government is up-leveling their capabilities," says Adam Meyers, senior vice president of intelligence at CrowdStrike.