The FBI is set to report that ransomware was the most pervasive cybersecurity threat to US critical infrastructure during the year of 2024. As Reuters reports, complaints of ransomware attacks against critical sectors have jumped 9% over the previous year. The annual report from the FBI's Internet Crime Complaint Center (IC3) will reveal that the likes of manufacturing, healthcare, government...

Ransomware has evolved from a distant “I hope it doesn’t happen to us” threat to an insidious, worldwide crisis. Among the sectors most affected is manufacturing, which has found itself more and more in attackers’ crosshairs. Manufacturing has long viewed itself as immune to digital crime, but ransomware attackers have belied this belief. Industrial operations rely heavily on Industrial Internet...

The energy sector has become a prime target for cyberattacks, with successful breaches posing severe risks to national security, economic stability, and public safety. Luckily, the industry is standing up and taking notice, with two-thirds of energy professionals (65%) now saying their leadership now sees cybersecurity as the greatest risk to their business. This was one of the findings from the...

Critical infrastructure organizations bear an enormous responsibility. The assets, systems, and networks they manage are crucial to the functioning of a healthy society. They provide water, energy, transportation, healthcare, telecommunications, and more—should they fail, they would bring entire countries to their knees.The vast importance of Critical National Infrastructure (CNI) makes it a prime...

The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Criminals often exploit known unpatched vulnerabilities to penetrate Industrial Control Systems (ICS) environments and disrupt critical operations. Although patch management seems like the obvious...

The manufacturing sector has long been a favorite target for ransomware actors. However, the true scale of the issue has only recently become apparent: research published in Infosecurity Magazine last December revealed that ransomware attacks on manufacturing companies have caused an estimated $17bn in downtime since 2018. But why is the manufacturing sector so vulnerable? And what can...

Electricity transmission and distribution are popular topics at the moment, especially as they pertain to utilities infrastructure security. These essential pillars of modern society are undergoing rapid digital transformation, with increased connectivity and technological sophistication harboring large-scale cybersecurity challenges.Electrical critical infrastructure is prone to a plethora of...

Modern factories are increasingly relying on Industrial Internet of Things (IIoT) solutions. This shift is beneficial in many regards, including higher efficiency and transparency, but it also introduces unique cybersecurity concerns. Better vulnerability management for IIoT systems is essential if companies hope to make the most of this technology.The White House’s 2024 cybersecurity report named...

The cyber threat to critical infrastructure has never been greater. The growing sophistication of cybercriminals, deteriorating geopolitical relations, and the convergence of operational technology (OT) and information technology (IT) have created unprecedented risks for critical infrastructure organizations. Fortunately, resources are available to help these organizations protect themselves.In...

The Transportation Security Administration (TSA) has proposed new rules requiring those under its jurisdiction to follow specific cyber risk management (CRM) requirements, report cybersecurity incidents in a certain timeframe, and address physical security concerns.This is positive news for the transportation industry, as hundreds of attacks have been leveled against the sector. These attacks have...

As we enter 2025, the frequency and sophistication of cyberattacks on critical national infrastructure (CNI) in the US are rising at an alarming rate. These attacks target the foundational systems that support everything from energy and water to transportation and communications, and the consequences are far-reaching and potentially catastrophic. They impact not just the operations of these...

London is one of the smartest and most interconnected cities in the world. Digital infrastructure plays a role in almost every facet of society, streamlining public transport, improving healthcare provision, boosting sustainability, and more.However, this reliance on technology has left London’s critical national infrastructure (CNI) perilously vulnerable to digital attacks. As geopolitical...

Cybersecurity threats to manufacturing and process plants come from a wide range of attack vectors, including supply chain, logistics, enterprise computing, remote connections, operator stations, programmable logic controllers, distributed control systems (DCSs), smart sensors, and new smart devices. Internet of Things (IoT) technologies offer greater connectivity and endless applications, but...

The industrial Internet of Things (IIoT) is growing rapidly. While that’s good news for businesses in terms of productivity and cost savings, these devices carry unique cybersecurity risks that demand attention. Amid such rising concerns, IIoT threat detection is a must.Why Organizations Need IIoT Threat DetectionIIoT endpoints are inherently risky because of the potential for lateral movement....

In recent years, the security of the United States' critical infrastructure has become a pressing concern, particularly in the oil and gas sector, due to its pivotal role in the nation's economy and energy supply. Recognizing this, the Transportation Security Administration (TSA) implements several new directives in July each year aimed at enhancing the security and resilience of vital energy...

Cybersecurity's role in geopolitics is growing more significant by the day. In a world of increasingly sophisticated cyber threats, governments worldwide are recognizing the impact digital attacks can have on national security, trade, and infrastructure.This has never been more evident than with the recent introduction of the Protecting Investments in Our Ports Act by U.S. Senators John Cornyn (R...

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that malicious hackers continue to be capable of compromising industrial control systems (ICS) and other operational technology (OT) using "unsophisticated methods" - suggesting that much more still needs to be done to secure them properly.In an advisory posted on CISA's website yesterday, the agency said that internet...

Artificial intelligence (AI) has emerged as a promising solution to modernize power grids. The technology, alongside other upgrades like Internet of Things (IoT) connectivity, could make energy infrastructure more reliable and sustainable. However, AI power grids also pose significant cybersecurity risks.Attacks against critical infrastructure are becoming more common. As energy authorities ramp...

The energy sector is having a tumultuous decade. During the COVID pandemic, the price of oil plummeted. In 2021, a ransomware attack forced one of the US’s most significant oil pipelines to cease operations for five days, causing a state of emergency in seventeen states. Putin’s war in Ukraine has disrupted natural gas supplies across Europe. And now, it seems, it is the electricity providers’...

Attacks against industrial control systems (ICS) are on the rise. Cyberattacks are more prevalent, creative, and faster than ever. So, understanding attackers' tactics is crucial. The IBM Security X-Force Threat Intelligence Index 2023 highlights that backdoor deployments enabling remote access to ICS systems were the most common type of attacker...