McCrary Institute for Cyber & Critical Infrastructure Security’s Post

Cybersecurity is a continuous challenge.

This is a good example of why your OT cyber security needs a strong managment system around it. https://lnkd.in/eP9Mf6U8 #CyberSecurity #CyberBrews

Sellafield fined nearly £400k for cybersecurity failings! When your nuclear site gets hit with a fine this big, you know it’s not just a “turn it off and on again” situation. As cyber threats evolve, even the most critical infrastructures aren’t immune to lapses. Has the urgency of cyber resilience kept pace with these growing risks, or is this just the tip of the iceberg? With such high stakes, maybe it’s time for every business to ask: Are we really prepared for the next cyber attack? https://lnkd.in/eJ6QmXfz #CyberSecurity #DataBreach #NuclearSecurity #CyberResilience #RiskManagement

Stuxnet, The Malware That Propagates To Air-Gapped Networks: Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA) systems used in industrial facilities. By exploiting multiple vulnerabilities, including zero-days, it breached air-gapped networks (isolated systems) and disrupted Iranian nuclear centrifuges controlled by Siemens Step7 software.  It exposed the limitations of traditional security and highlighted the evolving cyber threat landscape, […] The post Stuxnet, The Malware That Propagates To Air-Gapped Networks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

In January 2003, the Slammer #worm — also known as #Sapphire , made its debut on the internet stage. According to Risi Data, this worm exploited a #vulnerability in Microsoft’s SQL Server 2000 and took advantage of the systems running on unpatched Windows-based machines. It created a buffer overflow and sent itself to random IP addresses, increasing its rate of propagation exponentially. It didn’t take long for the worm to infect multiple hosts, causing widespread network congestion and bringing internet traffic down. Special thanks to our OT researcher Divita for bringing this to our attention. By learning from this #incident and applying the lessons derived from it, organizations can better protect their systems and ensure the safety and security of their operations. With the increasing interconnectivity of systems and the growing sophistication of cyber threats, it is imperative for organizations to continually evaluate and enhance their cybersecurity measures to stay ahead of potential risks. #zerogray #ICS #cybersecurity #industrialcontrolsystem #otsecurity #alliancepro #cassata #jharicky

🚨 Cyber Security Insight: Lessons from Stuxnet 🚨 One of my favorite cyber warfare stories is the Stuxnet attack, a masterclass in simple implementation, sophisticated engineering, and high impact. This digital weapon delayed Iran's uranium enrichment and nuclear weapon capabilities for years, demonstrating the power and precision of cyber attacks. As Australia faces sophisticated threats to its critical infrastructure, the lessons from Stuxnet, nearly 20 years on, are more relevant than ever. Our reliance on data and internet access makes robust cybersecurity crucial. 👉 Read this fascinating account about Stuxnet: The World's First Digital Weapon

In recent months, cybersecurity experts have been on high alert monitoring Iranian state-backed hackers, especially following the onset of the war in Gaza last October. These threat actors, linked with Iran's support of Hamas, have intensified cyberattacks against Israel and its allies, showcasing a relentless onslaught across various digital fronts. The scope of these cyberattacks is extensive, involving massive data leaks, breaches into government systems, unauthorized access to Israeli security cameras, amplified disinformation campaigns, and targeting of industrial control systems globally. Checkpoint, a notable player in cybersecurity, has delved into the documents released by these hackers. Although the contents—primarily emails, names, and vendor information—appear non-sensitive at a glance, they pose potential threats for orchestrated future attacks like phishing. It's crucial to note, as highlighted by Checkpoint's analysis, that there is no evidence suggesting these hackers have gained control over any critical operational systems of the facilities they targeted. This distinction is vital for understanding the current impact and potential future threats posed by these cyber activities. If you're navigating the complexities of digital security across various domains—be it phishing, web applications, infrastructure, or cloud services—and seeking insights or support, I invite you to connect, follow, or reach out to me directly on LinkedIn. I'm here to assist in any way possible. 🔗 For an in-depth exploration of this cybersecurity event, check out the full article on Recorded Future : https://lnkd.in/d8rr3bps

🚨 𝗔 “𝗪𝗮𝘁𝗲𝗿𝘀𝗵𝗲𝗱 𝗠𝗼𝗺𝗲𝗻𝘁” 𝗳𝗼𝗿 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗼𝗳 𝗖𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗡𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 Recent revelations from the UK’s nuclear facility at Sellafield are a stark reminder of the critical importance of robust cybersecurity measures.  This article from 𝘛𝘩𝘦 𝘎𝘶𝘢𝘳𝘥𝘪𝘢𝘯 reveals that 75% of the site’s computer servers were vulnerable to cyber-attacks — putting national security at risk due to outdated systems and inadequate cybersecurity measures. The case may set new legal and operational standards to protect sensitive information and maintain the safety of critical infrastructure. 🔐 #CyberSecurity #CriticalInfrastructure #NationalSecurity 

Happening tomorrow! If you haven't already, register for the webinar presented by Idaho National Laboratory to learn more about National Nuclear Security Administration (NNSA)'s #Cyber Informed Engineering resources for the Advanced and #SMR Industry. #NuclearSecurity

We recently held a Cyber Awareness training session for our staff and a few of our suppliers. What we learned was both intriguing and rather scary. Cyber-attacks come in many different forms, and they can be large-scale, aimed at corporations, utilities, and government. At the same time, small and medium-scale attacks target you, your family, and perhaps your business. Find out more in the article below. #Cybersecurity #Cyberawareness #Quorum #Engineering https://lnkd.in/dzuJGbNZ