Jenny Radcliffe on People Hacking
Glenn Ware on Threat Management
Sanjay Subramanian: Information Siloes Exacerbate Threats
On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging...more
The Biden-Harris Administration is redoubling its efforts to improve cybersecurity for the nation’s water systems. In March, the EPA and the White House issued a dire warning to state governors alerting them of the need to...more
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more
The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and...more
North Carolina Power Outage Points to Homeland Security Long-Documented Threats to US Power Grid - “Moore County blackouts serve as reminder that nation’s electricity infrastructure could be vulnerable targets for domestic...more
Last year Colonial Pipeline halted one of the United States’ largest pipeline systems due to a ransomware attack. Within days a state of emergency was declared in 17 states. A few days later the pipeline resumed service, and...more
The U.S. government has steadily increased its warnings about malicious cyber activity by Russia and other sophisticated persistent adversaries. Following several warnings from the Federal Bureau of Investigation (FBI) and...more
On Monday, March 21, 2022, the White House issued a statement warning of "evolving intelligence" that the Russian government may launch cyberattacks aimed at the United States in response to sanctions arising from Russia's...more
This week the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) issued a “SHIELDS UP” advisory. While it does not identify specific threats in the advisory, CISA states that the “Russian...more
The regular “Weekly Update” email from the Financial Industry Regulatory Authority (“FINRA”) had an eye-catching warning February 16, urging broker-dealer member firms to heed the “Shields Up” cyber threat warning from the...more
U.S. officials this week warned government agencies, cybersecurity personnel, and operators of critical infrastructure that Russia might launch cyber-attacks against Ukrainian and U.S. networks at the same time it launches...more
On October 21, 2021, the Financial Stability Oversight Council (“FSOC”), established in 2010 by the Dodd-Frank Wall Street Reform and Consumer Protection Act to respond to emerging threats to the stability of the U.S....more
The Department of Homeland Security (DHS) recently announced a new Security Directive requiring companies in the pipeline sector “to better identify, protect against, and respond to” cyber threats. Among other things, the...more
The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more
The Biden Administration is zeroing in on cybersecurity. In the wake of a high-profile wave of cyberattacks, including the SolarWinds supply chain attack and the more recent Colonial Pipeline ransomware attack, President...more
On May 12, President Biden issued Executive Order 14028 focused on improving the nation’s cybersecurity posture. The order follows the recent cyberattack on one of the nation’s largest pipelines, Colonial Pipeline, in which...more
In the immediate aftermath of the May 7, 2021 Colonial Pipeline ransomware attack, the focus, naturally, is on the rush to get the pipeline back on line after identifying and patching any vulnerabilities that caused the...more
Recently, the largest gasoline pipeline in the United States fell victim to a ransomware attack that caused the pipeline to go offline for several days. In addition to causing gas shortages across the Southeastern United...more
Colonial Pipeline, a company that transports more than 100 million gallons of gasoline and other fuel daily across 14 states from Houston to New York Harbor, shut down the pipeline last Friday after discovering ransomware on...more
On May 12, 2021, President Biden signed an Executive Order which is aimed at improving the nation’s cybersecurity and protecting federal government networks. The Executive Order has been in the works for some time, but the...more
Disruptionware attacks have become increasingly more common over the last few months. Just last month, I wrote about a dangerous disruptionware attack against a Florida Water Treatment Center that could have been a mass...more
This post is a follow up from our recent discussion of the cyberattack that took the 5,500-mile Colonial Pipeline offline last week and the growing threat ransomware poses to our nation’s energy system. On May 10, 2021, a...more
On October 6, 2020, the Department of Homeland Security (“DHS”) released a 2020 Homeland Threat Assessment (“HTA”). According to Acting Secretary Chad F. Wolf, the “first of its kind report” identifies the primary threats...more
A cyberattack on a single gas compression facility resulted in the shutdown of a natural gas pipeline for two days, according to a recent alert from the US Department of Homeland Security’s Cybersecurity and Infrastructure...more
The U.S. Government Accountability Office (GAO) has published a report examining efforts by the Transportation Security Administration (TSA) and aviation stakeholders at U.S. airports to address “insider threat,” or the risk...more