blog-slider.jpg

KnowBe4

Security Awareness Training Blog


Keeping You Informed. Keeping You Aware.

Five things to know about Russian cyber attacks on the energy grid

Five things to know about Russian cyber attacks on the energy grid

Morgan Chalfant at The Hill wrote: "Trump administration officials on Thursday accused the Russian government of staging a multi-year cyberattack campaign against the energy grid and other elements of critical infrastructure in the United States.

The alert from the Department of Homeland Security and the FBI coincided with the administration’s decision to unveil new sanctions on Russia for 2016 election meddling and other cyber activities — developments that are sure to ramp up tensions between the U.S. and Moscow.  

Here are five things to know about Russian cyberattacks against U.S. infrastructure. 

Putin Wins Election: Six More Years Of Criminal Cyber Attacks On The West

Putin Wins Election: Six More Years Of Criminal Cyber Attacks On The West

Russian President Vladimir Putin won re-election by a wide margin Sunday, strengthening his hand amid an escalating confrontation with the West.

Having been 18 years in power, Putin has secured an additional six-year term at a time of sharply deteriorating relations with Western adversaries, who accuse him of a variety of cyber crimes including targeting American critical infrastructure. 

A Cyber Attack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try:

A Cyber Attack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try:

Last summer, a petrochemical plant in Saudi Arabia was the target of a cyber attack that investigators believe was designed to sabotage the plant's operations and cause an explosion. Iran is probably behind it.

It's official: Russia is targeting critical American infrastructure with 'malicious cyber attacks'

It's official: Russia is targeting critical American infrastructure with 'malicious cyber attacks'

TNW just wrote: "Russian cyber operatives are attacking critical American infrastructure such as energy grids, nuclear facilities, aviation systems, and water processing plants, according to the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS). The report details numerous attempts, since at least March of 2016, where Russian cyber operatives targeted government entities and multiple US critical infrastructure sectors.

The Massive Cyber Attacks Slated For 2018 Will Make You WannaCry

The Massive Cyber Attacks Slated For 2018 Will Make You WannaCry

If you think 2017 was bad, hold on for dear life because 2018 is going to be the worst yet when it comes to cyber attacks, with new and better coordinated attacks looming large.

Why? Three forces are going to be combined by the bad guys:

  1. The massive amount of stolen personally identifiable information from breaches will be harnessed through commercial-strength merge/purge/append processes with social-media info into a rich, granular dataset ready for spear-phishing with stunning precision using social engineering tactics.
  2. Machine learning has become a well-honed science. Online advertisers and political campaigns have become very good at applying data analytics to large data sets. The bad guys are using this very same technology now to target your end-users using all the data breach "take", including Equifax.
  3. Botnets continue to proliferate, which allow bad actors to bypass your filters using hundreds of thousands of personal computers.
Complex regulations and sophisticated cyber attacks inflate non-compliance costs

Complex regulations and sophisticated cyber attacks inflate non-compliance costs

The cost of non-compliance has significantly increased over the past few years, and the issue could grow more serious. 90 percent of organizations believe that compliance with the GDPR would be difficult to achieve, according to a new study conducted by the Ponemon Institute.

GDPR is considered by respondents to be the most challenging among other data compliance regulations such as Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA) and Federal Information Security Management Act (FISMA).

Non-compliance costs 2.71 times the cost of maintaining or meeting compliance requirements.

Here are some highlights:

Which of Your Employees Are Most Likely to Expose Your Company to a Cyber Attack?

Which of Your Employees Are Most Likely to Expose Your Company to a Cyber Attack?

Kon Leong at Harvard Business Review wrote an excellent article about the problem of employees exposing your organization to cyberthreats through human error. Here is a short qoute:

EU to Declare Cyber-Attacks “Act of War”. USA likely to follow

EU to Declare Cyber-Attacks “Act of War”. USA likely to follow

"European Union member states have drafted a diplomatic document which states serious cyber-attacks by a foreign nation could be construed as an act of war.

The document, said to have been developed as a deterrent to provocations by the likes of Russia and North Korea, will state that member states may respond to online attacks with conventional weapons “in the gravest circumstances."

The framework on a joint EU diplomatic response to malicious cyber activities would seem to raise the stakes significantly on state-sponsored attacks, especially those focused on critical infrastructure.

Subscribe To Our Blog

Phish Your Users

Recent Posts




Get the latest about social engineering

Subscribe to CyberheistNews