A record number of cyber incidents impacted Britain’s critical drinking water supplies this year without being publicly disclosed, according to information obtained by Recorded Future News.
The exact nature of these incidents is unclear, and they may include operational failures as well as attacks. Under British cybersecurity laws — known as the NIS Regulations — critical infrastructure companies are required to report “significant incidents” to the government within three days or face a fine of up to £17 million ($21 million).
A federal grand jury indictment unsealed today charges two Sudanese nationals with operating and controlling Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks against critical infrastructure, corporate networks, and government agencies in the United States and around the world.
(6 Months later CZAT 7 Server is offline or changed to another ip address , this post was written 6 months ago, published today 9/2/2024)
I’m a big fan of trains, i like them, but never tough that someday i would take over train traction power substation located in Poland from my home in Costa Rica.
I’m not a train expert/engineer and i had no idea how the train management works , I’m a cyber security professional doing research in the internet about OT Industrial equipment exposed potentially vulnerable or misconfigured.
Everything explained here is just what i learned reading official documentation from the Elester-pkp website . https://elester-pkp.com.pl/
Data centres in the UK are to be classified as critical national infrastructure, joining the emergency services, finance and healthcare systems, and energy and water supplies.
It means they would get extra government support during a major incident, such as a cyber attack, an IT outage or extreme weather, in order to minimise disruption.
The French government said it would seek “a national solution” to protect Atos, a debt-burdened company that serves nuclear programs and the military.
Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs), which are from incident response investigations tied to Phobos ransomware activity from as recently as February, 2024.
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware.
"Structured as a ransomware-as-a-service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars," the government said.
Authorities have declined to comment on the reported ransomware attack ten days on Serbia's public energy company EPS.
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to as "the authoring agencies"—are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity against operational technology devices by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated Advanced Persistent Threat (APT) cyber actors.
HSE, Slovenia's largest power utility, has been targetted by a cyberattack that started on Wednesday night and escalated on Friday night. In-house and external experts are working to resolve the situation. The supply of electricity is not jeopardised.