The increased physical connectivity of digital assets has expanded the attack surface and added complexity for engineers in industrial environments, says Dragos CEO Robert Lee. More industrial automation and new systems have made it tougher for plant operators to conduct root cause analysis.
Valuations are down, some companies have left the market altogether, and some even have announced deep rounds of layoffs. Yet, Alberto Yépez of Forgepoint Capital retains optimism for the cybersecurity marketplace in 2023 and says now is the ideal time to be ramping up investments in innovation.
Microsoft blamed an internal network configuration change for outages that disrupted access to Microsoft 365 services, including Microsoft Teams and Outlook, for users around the world. The change has been rolled back and additional infrastructure added to speed restoration, it says.
Anytime critical infrastructure gets disrupted, the first question inevitably seems to be: Was a cyberattack to blame? So it went Wednesday when the Federal Aviation Administration announced a "ground stop," prohibiting all U.S. flights from taking off, due to an overnight system failure.
Malaysian Communications and Digital Minister Fahmi Fadzil has ordered an inquiry into an alleged massive data breach that reportedly involves data of Maybank, Astro and the Election Commission. The alleged breach reportedly affects 13 million citizens.
Many healthcare sector organizations would raise their security maturity levels if more CISOs and their teams approached security with business enablement as the objective, says Taylor Lehmann, director for the office of the CISO at Google Cloud.
One of Europe's busiest ports is added to the list of LockBit ransomware victims. The hacking group targeted Portugal's Port of Lisbon on Christmas Day, giving the facility a deadline of Jan.18 to pay a ransom of $1.5 million in exchange for deletion of their data.
California hospital operator Scripps Health has agreed to pay $3.57 million in "minimum cash settlements" of $100 per victim, plus some additional types of expenses, to settle a class-action lawsuit filed by victims of a 2021 data breach perpetrated by ransomware-wielding attackers.
State-backed Russian hacking groups are continuing to focus less on Ukrainian military targets and much more on civilian infrastructure, Ukrainian cybersecurity officials report. Since the start of the year, Ukraine's Computer Emergency Response Team has tracked more than 2,100 major hack attacks.
One of the primary healthcare systems in the northwestern Italian city of Alessandria has been listed as a recent victim of the Ragnar Locker ransomware group, which has leaked stolen data and appears to be continuing to try and extort the organization.
In the latest update, four ISMG editors discuss important issues of 2022, including: CISO Marene Allison's unique career path; Ukrainian government cybersecurity official Victor Zhora on lessons learned from countering cyberattacks; and insights from CEO Nikesh Arora of Palo Alto Networks.
A cybercrime forum this week listed for sale what a seller purports to be 30 million passenger records for users of India's railways. The Indian Ministry of Railways denies that the Indian Railway Catering and Tourism Corp, is the source of any data breach, but says it's investigating.
Global Cyber Alliance CEO Philip Reitinger shares updates on the alliance's Internet Integrity and Capacity & Resilience programs, which tackle key challenges of internet infrastructure, privacy and safety. Success is measured by the number of partners and "who is using the platform," he says.
Many healthcare organizations struggle to recover from ransomware attacks, putting clinical procedures and patient safety in jeopardy during the process, says Steve Cagle, CEO of privacy/consulting firm Clearwater. "They need to think about how the technology is supporting the business," he says.
Construction and engineering firm Sargent & Lundy is informing more than 6,900 individuals that attackers stole their Social Security numbers through an Oct. 15 cyber incident. The firm has engineered 958 power plant units and more than 6,200 circuit miles of power delivery systems.