Critical Infrastructure News, Articles and Updates

NIS Directive comes into force to boost infrastructure cyber-security

The Security of Network Information Systems (NIS) Directive, which aims to ensure that critical infrastructure is protected from cyber-attacks and computer network failure, has come into force today with fines for non-compliance.

At least 432 UK businesses to be affected by NIS cyber-security regulation

Compliance with new NIS (network and information systems) regulations that come into force next month could cost large essential service providers around £278,000 each.

Luck prevents malware fatally damaging critical infrastructure - this time!

Triton malware joins Stuxnet, Havex / Dragonfly, Blackenergy2/3, and Industroyer / CrashOverridet specifically targeting industrial networks: Passive network monitoring with hybrid threat detection needs to be implemented now.

Critical infrastructure: Downtime is simply not an option.

Vulnerabilities in our critical infrastructure aren't only caused by failure to comply with security standards.A big part of the problem is that many of the key computer systems that run critical infrastructure are legacy not fit for purpose.

US DHS, FBI name Russia in DragonFly 2.0 attacks on critical infrastructure

"This type of attack (ie cyber-attacks by Russia on Western critical infrastructure) isn't anything new, and the real story here is that the US is choosing to acknowledge it (and in extreme detail),"

Implementing the Network & Information Security directive - be prepared

There is enough information now available from the NCSC to allow organisations to start identifying the gaps in their NIS directive approach and understand the risks these pose.

The dawn of industrial cyber security - not the dusk

Today the risk to industrials is digital. It comes through knowing specific technical protocols and manipulating them to control an asset. Or obfuscating digital machine readings, blinding operators to thresholds being exceeded.

SC Congress 2018: Should critical infrastructure be put on a war footing?

Cyber-attacks on critical infrastructure are now the biggest threat to humanity and more action and collaboration is needed to defeat nation state actors and terrorists threatening essential systems.

UK companies warned to boost cyber-security or face fines

Energy, transport, water and health firms could face penalties of up to £17 million if they do not have effective cyber-security measures and suffer service outages as a result, the UK government announced.

A high-impact cyber-attack on UK likely in the next 2 years

It is a matter of "When, not if" a major cyber-attack on the UK will happen says Ciaran Martin, head of the NCSC. This statement raises the prospect of huge disruptions to the British government and critical infrastructure.

The Kosciuszko Institute cyber-security forecasts for 2018

Expert members of the European Cyber-security Forum - CYBERSEC community representing the public and private sectors plus academia share their opinions on the top challenges we are going to face this year.

Covert warfare: How likely are attacks on the UK's critical infrastructure?

Attacks on critical national infrastructure are growing in number and sophistication. So how big is the UK's risk?

NCSC head blames Russia for cyber-attacks

The head of the UK GCHQ's National Cyber Security Centre (NCSC) on Wednesday accused Russia of staging attacks on critical infrastructure and other sectors within the past year.

One year since the Dyn attack: Have attitudes to DNS security changed?

Until their company has been attacked and suffered a tangible business loss, most organisations regard DNS as simply plumbing rather than critical infrastructure that requires proactive defence says Dr Malcolm Murphy.

Six key vulnerabilities identified within industrial control systems

Six key vulnerabilities have been identified within industrial control systems that adversaries can use to undermine critical infrastructure operations.

Can machine learning & AI protect critical infrastructure from cyber-attacks?

Moreno Carullo examines how machine learning and AI can be deployed to protect physical infrastructures from cyber-attack.

How security can be the linchpin of Industrial IoT evolution

Will Culbert delves into the Industrial Internet of Things, touching on how digital technology may define industrial control operations and maintenance almost as much as the physical engineering itself.

Attacks on critical infrastructure - a natural progression, or a symptom of poor security practices?

Cyber-attackers are increasingly targeting unsecured industrial environments. Jalal Bouhdada, looks at why the IIoT has led to critical infrastructure becoming a more lucrative opportunity for hackers.

Presidential commission calls for collaborative action to combat cyber-threats

Updated: The president's Commission on Enhancing National Cyber-security today released a 100-page report that called for greater cooperation between the government, the private sector, educational institutions and even individual Americans with the goal of protecting and defending the nation's critical cyber infrastructure.

Industrial Control Systems (ICS) and Cyber-Risks

Mark Carolan outlines why IT security managers should be worried about ICS in their Infrastructure

ISSE 2016: the boundaries of critical infrastructure

Jan Rochat, CTO of AET technologies, reminded an ISSE 2016 audience that the security boundaries of critical infrastructure are not quite as concrete at they seem

UN Atomic agency admits a cyber-attack 'disrupted' a nuclear power plant

A senior UN official has told press that a nuclear power plant was disrupted several years ago by a cyber-attack

IP Expo: The future of cyber security [video]

"Where bits and bytes meet flesh and blood" was the main area of concern for industry panelists, ranging from Critical Infrastructure - where strict controls may be impossed, to consumer IOT goods - where they can't.

State officials warn Congress: don't damage public confidence in election systems

An association of state officials has published an open letter that seeks to strengthen public confidence in the electoral process, in light of research that has raised questions about the security of voting machines.

Israeli parliament recommends creation of national cyber-authority

The Israeli Knesset waits on the passage of a bill which would see the amalgamation of Israel's cyber-defences into one central authority

Critical infrastructure in Europe exposed to hackers

Power stations in Germany, Italy and Israeli smart building could be accessed by criminal hackers

[Updated] New EU directive requires critical infrastructure to improve cyber-security

The European Parliament has passed this morning the new network and information security (NIS) directive, placing minimum standards for cyber-security on critical infrastructure operators.

Cylance exposes 'Dust Storm' APT attack on Japanese infrastructure

Chinese suspected of APT attack on Japanese critical infrastructure.