Cyber Security: Public-private survey finds cybercrime on the rise

The hackers are winning, according to a survey of 500 executives of U.S. businesses, law enforcement services and government agencies released Wednesday. Read the article here.

Cyber Security: Australian cyber attack has spread to the US

The Apple hackers targeting Australian users over the last few days have spread their operation abroad with the first accounts of attacks in the U.S. Reports started surfacing on Tuesday of a hacker calling himself 'Oleg Pliss' locking Australian Apple users out of their devices and then demanding a ransom of between US$50 and US$100 for the device to be unlocked. Click here to read the article.

Cyber Security: Weak passwords allow hackers in

Weak passwords are one of the primary reasons that allow hackers to compromise passwords, says a security expert. "People don't want to remember more than one password. It boils down to human nature - as long as you meet company policy, then you're okay," Andrew Kirkland, Trustwave regional director for Africa told News24. Read the article here.

Cyber Security: ICS-CERT Confirms Public Utility Compromised Recently

Attackers recently compromised a utility in the United States through an Internet-connected
system that gave the attackers access to the utility’s internal control system network. The
utility, which has not been named, had remote access enabled on some of its Internet-connected
hosts and the systems were only protected by simple passwords. Click here to read the article.

Cyber Security: ICS-CERT Vulnerability Summary for Week of May 19

Click the link below to view the summary of cyber security vulnerabilities for the week of May 19 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB14-146

Cyber Security: Your Smartphone's Camera Holds The Secret For Unbreakable Quantum Cryptography

Mathematicians concerned with cryptography need novel ways of generating random numbers in order to securely transmit data such as a credit card number or especially private email. But it's hard for computers to generate truly random numbers, as they simply follow whatever instructions you feed it. Read the article here.

Cyber Security: U.S. accuses China of hacking Westinghouse, US Steel

The U.S. accused Chinese military officials of hacking into several U.S. enterprises, including Westinghouse and U.S. Steel, to steal "significant" amounts of trade secrets and intellectual property in an indictment made public Monday. Read more here.

 

Cyber Security: Here's What Chinese Cyber Military Hackers Allegedly Stole From US Companies

A U.S. grand jury in Pennsylvania indicted five Chinese military officials on 31 counts involving cyber espionage, Attorney General Eric Holder said. Read the article here.

Cyber Security: Global crackdown on hackers nabs over 100

The FBI and police in several countries have arrested more than 100 people and conducted hundreds of searches in recent days in a global crackdown on hackers linked to the malicious software called Blackshades, two law enforcement officials told CNN. Click here to read the article.

 

Cyber Security: US eyeing charges in foreign cyber-espionage case

The United States is preparing to announce criminal charges against Chinese military officials in an international cyber-espionage case, a government official said. Read the article here.

Cyber Security: ICS-CERT Vulnerability Summary for Week of May 12

Click the link below to view the summary of cyber security vulnerabilities for the week of May 12 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB14-139

Cyber Security: Japan, U.S. to cooperate on defending critical cyber infrastructure

The United States and Japan agreed to strengthen cooperation on protecting critical Internet infrastructure from rampant cyber attacks, according to sources familiar with the discussions.
The talks addressed how to protect critical infrastructure such as electric grids from cyber attacks, how to better define issues regarding cyberspace under international law and how to increase developing countries' resistance to hacking. Click here to read the article.

Cyber Security: 300% growth in enterprise attacks across UK and Ireland

At Infosecurity Europe 2014, FireEye announced the release of its Regional Advanced Threat Report for the United Kingdom and Ireland (UKI). Detailing malicious activities captured by the FireEye Security Platform throughout 2013, the report found that an average of over 70 new infections occurred within enterprises every day and that 12 major UKI verticals were impacted by advanced persistent threat (APT) attacks. For a link to the report and to read the article, click here.

Cyber Security: Schneider Electric accelerates its transformation

As growth in key segments of its U.S. customer base expands, Schneider Electric sees itself as growing and changing after the acquisition of Invensys in 2013.

The acquisition of Invensys gave Schneider Electric a strong and complementary portfolio of products in the oil and gas sector. What was less discussed at the time, but an area Laurent Vernerey, the new president and CEO of Schneider Electric’s North American operations, thinks is just as crucial, is a competency in cybersecurity management.

“Compliance is a key question,” he said “We’re seeing a lot more questions about cybersecurity. That picture has changed significantly. (Invensys) had assembled a team of cybersecurity experts, and they bring a legacy of what’s happening at the compliance level.

Click here to read the article.

Cyber Security: The Global Cyber Advisor Newsletter - April 2014 Vol. 31

Welcome to the latest Global Cyber Advisor Newsletter,

We are all about change right now. While organizationally we find ourselves with new and exciting opportunities,  I want to share that my team is taking on a Global challenge and creating a team to help all regions unite, to deliver strong cyber solutions, and to support our valued regional and international clients with consistent solutions from region to region and site to site.   I look forward to assisting in the development of regional delivery teams and supporting them with the tools and experience we have gained in our practice over the last 13 years.   We have methods and tools developed to help our global organization take a major leap forward.   Look for further information in the coming months.

Continuously Secure: We continue to prove to the industry that we stay vigilant and help our customers develop their Cyber Strategies and secure their process environments. We have staff to help our clients on a global basis to assess, design, implement and manage their Cyber posture. We have developed suites of products with complementary consulting, which are unmatched in the industry.   

This month's Consultant's Corner contribution covers “Monitoring Your networks” by Cyber Consultant Curt Christian.

                                                                                            
The Critical Infrastructure and Security Practice has the skills and the resources to help our clients no matter what industry.    We are structured to help with their entire cyber security program.   We have essentially the industry’s largest vendor-based cyber security team that assists our clients secure their entire process environment.    We understand that cyber security extends beyond a single system and our valued clients need assistance and advice in how to secure their entire plant infrastructure.   Cyber security is so much more than product features,  firewalls, and anti-virus software. 

If you’ve missed our previous editions, you can find them at this location:   http://iom.invensys.com/EN/Pages/CyberSecurity-Newsletters.aspx

Click here to open the April 2014 newsletter.

Cyber Security: ICS-CERT Vulnerability Summary for Week of May 5

Click the link below to view the summary of cyber security vulnerabilities for the week of May 5 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB14-132

Cyber Security: Protect accounts with 2-step verification

Browsers are supposed to keep passwords and other sensitive data safe, but a technical flaw in a widely used padlock security technology allows hackers to grab the information anyway. Click here to read the article.

Cyber Security: Cost of cyber attacks on British companies rises

The financial damage to British companies from cyber security breaches has doubled in the past year, according to a government-commissioned survey released last month.

Though the number of companies hit by information security breaches was down on the previous 12 months, the survey found that the severity and impact of attacks has increased.

Click here to read more.

Cyber Security: The European Parliament votes through cyber security legislation

In February 2013, the European Commission released a draft Network and Information Security Directive.

In addition to provisions aimed at member state governments, the draft directive applied to a wide range of companies within the definition of market operator. Market operators included private companies in the energy, transport, financial services and health sectors and also included ‘enablers of key internet services’, such as providers of e-commerce platforms, social networks, cloud computing services, application stores, internet payment gateways (e.g. WorldPay) and search engines.

Read the rest of the Wragge & Co briefing here.

Cyber Security: ICS-CERT Vulnerability Summary for Week of April 28

Click the link below to view the summary of cyber security vulnerabilities for the week of April 28 as collected and reported by ICS-CERT.

http://www.us-cert.gov/ncas/bulletins/SB14-125

Cyber Security: Microsoft rushes to fix Internet Explorer browser after attacks; no fix for XP users

Microsoft Corp is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some United States companies. Read the article here.