Once again, Adobe is urging its users to update their software, this time to plug 23 security vulnerabilities found in Adobe Reader and Acrobat. Though Adobe generally releases security updates on a quarterly cycle, this particular update was rushed because at least one of these vulnerabilities was actively exploited by hackers.… Read more
Nearly half of those who work in critical infrastructure systems worldwide expect their company to be targeted by a computer attack over the next year, a new survey has found.
About one-third of the respondents say their company is "extremely" prepared to deal with it, according to the survey (PDF) released today by security company Symantec.
Another 36 percent to 41 percent (depending on the type of attack) say their company is "somewhat" prepared to deal with attacks that range from attempted theft and modification or destruction of data to shutting down computer networks and manipulating … Read more
While not a very sexy topic in realm of politics or green tech news, electrical grid infrastructure is a critical, maybe the critical, component that could make or break a successful U.S. switch to using more renewable energy sources.
Perhaps that's why the Department of Energy announced Tuesday it's giving $8.5 million to four electric grid projects in the final stages of completion.
As part of the Solar Energy Grid Integration Systems (SEGIS) program, from which the money comes, the DOE funds will be matched by private funds from contractors for four chosen projects.
Including the … Read more
A worm that targets critical infrastructure companies doesn't just steal data, it leaves a back door that could be used to remotely and secretly control plant operations, a Symantec researcher said on Thursday.
The Stuxnet worm infected industrial control system companies around the world, particularly in Iran and India but also companies in the U.S. energy industry, Liam O'Murchu, manager of operations for Symantec Security Response, told CNET. He declined to say how may companies may have been infected or to identify any of them.
"This is quite a serious development in the threat landscape," … Read more
The security world is aflutter over new malware that has been spreading via USB devices and is programmed to steal data from systems running specific software used in utilities and industrial manufacturing plants.
There are a lot of moving parts to this story so we've decided to break them down and tell you what is happening and how it impacts you.
What is the malware exactly? The attack involves several components: a worm that spreads via USB drives and exploits a previously unknown vulnerability in Windows and a Trojan backdoor that looks to see if an infected machine is … Read more
When Joe Weiss goes to cybersecurity conferences, he rubs elbows with world dignitaries, law enforcement officials, and large corporations, but usually he's the lone representative from the industrial critical infrastructures.
He's been beating the security drumbeat for the utility industry and the others for at least 10 years, as previously isolated control systems at electrical and nuclear plants, electric substations, oil refineries, and water distribution centers are being modernized with direct connections to other systems and to the public Internet. The introduction of the smart grid is pushing old-school industrial control managers off a technological cliff and increasing … Read more
At the same time YouTube has helped law enforcement from all over the world nab criminals, the video-sharing site has also helped authorities weed out cops who use excessive force.
Perhaps one of the better-known cases involves Patrick Pogan, a former New York City police officer who was seen in a much-watched YouTube video body-slamming a bicyclist in 2008. Pogan is accused of assault and filing a false police report and his trial got underway on Monday, according to a story in The New York Times.
The 24-year-old Pogan, who has resigned from NYPD, faces up to four years in … Read more
Critical infrastructure networks around the world are subject to repeated cyberattacks from foreign governments and other high-level adversaries that can be damaging and costly, according to a report McAfee released Thursday.
Attacks that lead to down time can cost more than $6 million per day, and more than $8 million at oil and gas companies, the report, "In the Crossfire--Critical Infrastructure in the Age of Cyberwar," found.
Meanwhile, respondents said they worry about attacks on critical infrastructure in their countries coming from the U.S. and China more than any other potential aggressors.
For the report, which was … Read more
I both envy and worry about young people who are growing up in the age of the Internet.
I envy them for their lifelong access to a media that's diversified enough to bring them news, information, and opinion from an enormous number of sources.
There's something to be said for having access to thousands of media outlets. Unlike those of us who grew up in the 1950s, 60s and 70s, young people who smartly use the Internet to consume news today don't have to worry about everything being filtered by a small, elite, and typically white male … Read more
As yet, Twitter is likely not on anyone's list of the top 10 most-critical applications. But has the U.S. government given Twitter a big push toward critical application status? This week the U.S. Department of State told Twitter it could not shut down for system maintenance because it had become a lifeline for thousands of protesters in Iran.
That should change the way IT vendors (particularly infrastructure vendors) view social-networking sites such as Twitter, Facebook, YouTube, etc.
Generally speaking, social-networking sites offer no guarantees to users. You post your content, you take your chances. And, while there … Read more