Collaborate Disseminate
The watchdog report finds that CISA has “insufficient” staff to handle simultaneous attacks that impact OT systems.
The post CISA needs better workforce planning to handle operational technology risks, GAO says appeared first on CyberScoop.
National security officials have been sounding the alarm over a China-linked hacking group that’s been targeting critical infrastructure.
The post Biden executive order gives Coast Guard added authority over maritime cyber threats appeared first on CyberScoop.
Continue reading Biden executive order gives Coast Guard added authority over maritime cyber threats
The Government Accountability Office finds that agencies overseeing key critical infrastructure sectors don’t know whether protections against ransomware have been implemented.
The post GAO: Federal agencies lack insight on ransomware protections for critical infrastructure appeared first on CyberScoop.
The incident reporting legislation, long in the works, also comes with nearly $2.6 billion for the agency for fiscal 2022.
The post Major cyber incident reporting requirement, CISA budget hike on precipice of becoming law appeared first on CyberScoop.
This past March, the world watched as the container ship Ever Given clumsily blocked a major artery in the global supply chain – leading to a six-day blockage of the world’s most important shipping corridor, the Suez Canal. The disruption held up an estimated $9 billion of trade per day. Today, the Port of Los Angeles and the Port of Long Beach are experiencing disruptions leading to a record number of ships waiting off the coast of California. These disruptions have permeated throughout the supply chains for goods that Americans rely on from computers and chips to cars and clothing. The lesson is clear: The maritime industry is full of chokepoints which, if manipulated, can cause cascading economic impacts that affect Americans. While these recent disruptions were not caused by hacks or bad actors in cyberspace, they demonstrate the vulnerable chokepoints in the global marketplace. We aren’t dealing in hypotheticals, either – […]
The post A rising tide lifts all boats in maritime cybersecurity appeared first on CyberScoop.
Continue reading A rising tide lifts all boats in maritime cybersecurity
Cybersecurity experts from the U.S. military and the private sector have spent recent weeks working with two American cities to test their ability to respond during a simulated cyberattack layered with several simulated physical disruptions. The virtual exercise, which has feigned malware and ransomware attacks against targets in Charleston, S.C., and Savannah, Ga., over the last several weeks, is aimed at testing participants’ ability to defend against digital threats while simultaneously facing an array of emergency scenarios in the physical realm. While grappling with seeming malicious software attacks, participants also have needed to deal with a fictional cargo ship accident, a flood and the failure of 911 systems. The U.S. Army, alongside private sector and municipal partners, is wrapping up the exercise, known as Jack Voltaic 3.0, this week. By assessing municipal and commercial responses to such blended crises, officials aim to understand and mitigate any shortfalls in response that could impact the U.S. military’s ability to deploy out of […]
The post US Army combines fake hacks, natural disaster simulation to test municipal responses appeared first on CyberScoop.
Hackers used Ryuk ransomware to infiltrate computer networks at a marine transportation facility, causing an outage of roughly 30 hours, the U.S. Coast Guard said in a recent security advisory. The incident resulted in the disruption of “the entire corporate IT network,” and difficulties for camera and physical access controls, among other tasks, according to the advisory. The facility shut down its primary operations for 30 hours while incident responders reacted to the situation. “Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility’s access to critical files,” the bulletin stated. “The virus burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations.” This bulletin came five months after the Coast Guard encouraged mariners to focus […]
The post Coast Guard says Ryuk ransomware hit systems that monitor cargo transfers at maritime facility appeared first on CyberScoop.
The U.S. Coast Guard has issued a safety alert encouraging mariners to follow basic cybersecurity protocols after a ship bound for the East Coast experienced a “significant cyber incident” in February. The Coast Guard said the deep draft ship was traveling to the Port of New York and New Jersey from international waters earlier this year when it experienced an incident affecting its shipboard network. An interagency team of specialists responded, finding that “malware significantly degraded the functionality of the onboard computer system,” though the boat’s essential controls were not affected, the Coast Guard said Monday. The shipboard network had been used to conduct official business, like updating electronic charts, managing cargo information and communicating with onshore resources. The warning comes as maritime traffic has become a prominent venue for ongoing tensions between Iran and Saudi Arabia and its allies, including the United States. In March, the FBI privately notified industry of cyberthreats to U.S. […]
The post After ‘significant’ malware attack, U.S. Coast Guard issues maritime security advisory appeared first on CyberScoop.
STARTTLS, which is used to secure the email handled by many organizations, isn’t perfect, but it can be useful Continue reading Why isn’t US military email protected by standard encryption tech?