Topic: critical infrastructure
-
How a Small English Town Joined the Global AI Arms Race
A proposal to build a major data center on farmland near Potters Bar has sparked intense local opposition, highlighting a national conflict between technological development and community preservation. The UK government's policy shift, creating a "grey belt" classification and labeling data cente...
Read More » -
Conpet Confirms Data Breach in Cyberattack on Romanian Pipeline
Conpet S.A., Romania's state-owned pipeline operator, suffered a data breach from a Qilin ransomware gang cyberattack, but its physical oil and gas transport operations were not disrupted. The attackers claim to have stolen nearly a terabyte of data, leaking a sample of sensitive internal documen...
Read More » -
NCSC Warns of Severe Cyber-Attacks on Critical Infrastructure
The UK's National Cyber Security Centre (NCSC) has issued an urgent warning to critical national infrastructure providers, citing severe and disruptive cyber-attacks as a present danger, following incidents like those against energy networks in Poland. These sophisticated threats aim to cause hig...
Read More » -
Singapore Foils Chinese Hackers' Telco Network Attack
A sophisticated cyberattack by the state-linked group UNC3886 against Singapore's major telecom providers was neutralized in a year-long, classified national operation, the largest of its kind in the country. The hackers used a zero-day exploit and rootkits to gain stealthy access for intelligenc...
Read More » -
Poland's Energy Grid Breached Via Exposed VPN
In late 2025, a Russia-aligned cyber group targeted Poland's critical infrastructure, exploiting a common vulnerability in internet-exposed Fortinet VPN devices without multi-factor authentication to gain initial access for destructive operations. The attacks primarily focused on renewable energy...
Read More » -
CISA's New Insider Threat Guidance: How to Protect Your Organization
New guidance reframes insider risk as a core organizational challenge, requiring a proactive and collaborative approach that integrates security, HR, legal, and operations into dedicated teams. A recommended four-stage cycle (plan, organize, execute, maintain) helps organizations build mature pro...
Read More » -
Poland Thwarts Cyberattack on Energy Grid
Polish authorities successfully prevented a sophisticated cyberattack on the country's energy infrastructure in late December, which used a new data-wiping malware called DynoWiper. The attack is attributed with medium confidence to the Russia-aligned Sandworm APT, a group linked to Russian milit...
Read More » -
Claroty Secures $150M to Boost Critical Infrastructure Cybersecurity
Claroty secured $150 million in Series F funding, led by Golub Growth, to accelerate global growth and develop a unified platform for protecting critical cyber-physical systems like power grids and water facilities. The need for such protection is urgent, as cyber threats like ransomware increasi...
Read More » -
EU Moves to Block High-Risk Foreign Tech Over Cybersecurity
The European Commission has proposed new mandatory cybersecurity legislation to replace voluntary guidelines, requiring the removal of high-risk foreign suppliers from critical telecom networks to address security vulnerabilities. The rules, which avoid naming specific companies but target concer...
Read More » -
UK Warns of Ongoing Russian Hacktivist Cyber Attacks
The UK's NCSC warns that Russian-aligned hacktivist groups are persistently targeting critical infrastructure and government with disruptive DDoS attacks, causing significant operational and financial harm. A key group, NoName057(16), uses a crowdsourced "DDoSia" platform to launch distributed at...
Read More » -
New Global Rules to Protect Industrial Networks Unveiled
A new international framework led by US, UK, and global agencies establishes security principles to protect operational technology (OT) environments, addressing risks from connecting industrial systems to enterprise networks. The framework advocates for proactively embedding security into OT netw...
Read More » -
How Rakuten Viber Secures Privacy While Fighting Abuse
Security for global messaging platforms is a critical human responsibility, as they serve as essential lifelines during crises; this demands prioritizing availability, integrity, and resilience with life-or-death consequences, not just as technical metrics. End-to-end encryption necessitates prot...
Read More » -
Parliament Seeks Security Experts to Bolster Cyber Resilience
A UK parliamentary committee is actively seeking expert evidence to refine the proposed Cyber Security and Resilience Bill, a major legislative update for critical infrastructure protection. The bill expands regulatory scope to include new entities like managed service providers, mandates stricte...
Read More » -
UK Unveils Major Plan to Fortify Public Sector Cybersecurity
The UK government is investing over £210 million in a new cybersecurity initiative, establishing a central Government Cyber Unit and mandating minimum security standards to protect essential public services. The strategy includes a public-private Software Security Ambassador Scheme and follows ne...
Read More » -
China Ramps Up Cyberattacks Targeting Taiwan
Taiwan faced over 960 million cyber intrusion attempts in 2025, a 6% annual increase, primarily targeting critical infrastructure like energy, emergency services, and hospitals, with attacks attributed to China-based actors. The energy sector saw a tenfold surge in attacks, while emergency and he...
Read More » -
Gentlemen Ransomware Strikes Romanian Energy Provider
A ransomware attack on Romania's Oltenia Energy Complex, a major power supplier, disrupted its IT systems during the holiday period but did not compromise the national energy grid's stability. The attack is attributed to the Gentlemen ransomware group, which uses specific tactics like unique file...
Read More » -
NIST, MITRE Launch $20M AI Centers for Manufacturing and Cybersecurity
NIST is investing $20 million to establish two AI research hubs, managed by MITRE, to strengthen U.S. technological leadership in manufacturing and cybersecurity. The centers aim to boost domestic manufacturing competitiveness and secure critical infrastructure by developing new technology evalua...
Read More » -
Romanian Water Authority Hit by Major Ransomware Attack
A ransomware attack disrupted administrative systems at Romania's national water authority, but crucial operational technology controlling physical water infrastructure like dams remained unaffected and functional. The attackers used the legitimate Windows BitLocker feature to encrypt files, leav...
Read More » -
Africa-Wide Cybercrime Sweep: 574 Arrests, $3M Recovered
Operation Sentinel, a coordinated international law enforcement effort across 19 African countries, resulted in 574 arrests and the recovery of $3 million, targeting major cybercrimes like business email compromise and ransomware. The operation caused significant technical disruptions by taking d...
Read More » -
Denmark Accuses Russia of Cyberattack on Water Supply
Danish intelligence has formally attributed cyberattacks on critical infrastructure to the Russian state, identifying groups Z-Pentest and NoName057(16) as instruments of a hybrid warfare campaign against Western nations. The attacks, including a destructive strike on a water utility and disrupti...
Read More » -
SonicWall SMA1000 Zero-Day Exploited in Active Attacks
SonicWall has issued an urgent alert for SMA1000 appliance users to apply a critical update, as active attacks exploit a new medium-severity local privilege escalation flaw (CVE-2025-40602) chained with a previously patched critical bug to achieve remote code execution with root privileges. The v...
Read More » -
Russian GRU Hackers Target Western Firms via Edge Devices
A Russian military intelligence (GRU) campaign has shifted from exploiting software vulnerabilities to targeting misconfigured customer-owned network edge devices, like routers and VPN gateways, to stealthily infiltrate Western critical infrastructure. This tactical change, documented by Amazon T...
Read More » -
US Critical Infrastructure Hit by Pro-Russia Cyberattacks
Pro-Russia hacktivist groups are exploiting weak security to breach U.S. critical infrastructure, causing real disruptions in sectors like water and energy, as detailed in a joint advisory from CISA, the FBI, and the NSA. These loosely organized groups, such as Cyber Army of Russia Reborn, use ba...
Read More » -
Ukrainian Hacker Accused of Aiding Russian Cyberattacks
A Ukrainian national, Victoria Eduardovna Dubranova, has been extradited to the U.S. and charged for allegedly working with Russian state-backed hacktivist groups to target American critical infrastructure, including water systems and election infrastructure. The indictment details that the group...
Read More » -
Secure Energy Operations: Password & Continuity Management
Energy infrastructure faces a unique cybersecurity challenge: it must enforce strong authentication to prevent catastrophic physical disruptions, while ensuring 24/7 operational continuity where strict policies can be dangerous. The sector is under increasing threat from sophisticated attacks, an...
Read More » -
Smart Grids Face Rising Cyber Threats as They Modernize
The shift to decentralized smart grids dramatically expands the cybersecurity attack surface, as millions of distributed devices like EV chargers and solar inverters each become a potential entry point, demanding security built into every layer. Key vulnerabilities include compromised device firm...
Read More » -
CISA Alerts: Chinese "BrickStorm" Malware Targets VMware Servers
A sophisticated Chinese-linked malware campaign called "Brickstorm" is targeting VMware vSphere servers, using hidden virtual machines to steal credentials and compromise networks, as detailed by U.S. and Canadian cybersecurity agencies. The malware employs advanced evasion techniques like encryp...
Read More » -
US & Australia Release AI Security Guidelines for Infrastructure
U.S. and Australian cybersecurity agencies have released joint guidelines to help critical infrastructure operators securely integrate AI tools, like machine learning models, into operational technology systems while managing new risks. The framework emphasizes key principles, including conductin...
Read More » -
Forward Edge-AI Secures Patent for Quantum-Safe Data Diode
Forward Edge-AI has patented and deployed its Isidore Quantum One-Way Data Diode, a key step in international collaboration for quantum-resistant cyber defense. The system uniquely enables true one-way data flow while supporting post-quantum encryption, closing a critical security gap against fut...
Read More » -
State-Sponsored Cyber-Attacks: A Top Fear for Businesses
State-sponsored cyber-attacks are a top fear for cybersecurity professionals, with many citing a lack of preparedness for such threats linked to geopolitical conflict as a primary concern. Over a third of surveyed professionals feel their governments provide insufficient support, and the risk ext...
Read More » -
Fake Windows Update Spreads Malware, Salesforce Breach Exposed
Attackers are using sophisticated social engineering, like fake Windows Update screens, to deliver malware, while a significant breach at Salesforce highlights ongoing supply chain vulnerabilities. The expansion of IoT networks and AI tools introduces novel privacy and security risks, such as dat...
Read More » -
UK Cyber Resilience Bill: Key Provisions Unveiled
The UK is introducing the Cyber Security and Resilience Bill in response to a 130% surge in significant cyber incidents, aiming to strengthen national digital defenses and protect essential services. The bill expands regulatory scope by classifying data centers, managed service providers, and oth...
Read More » -
Rising Cyber Threats Fuel Push for Economic Security Bill
A UK parliamentary committee report warns that the country's economic security is at risk due to vulnerabilities from foreign dependencies and inadequate defenses against threats like economic warfare. Cybersecurity is identified as a major concern, with the report emphasizing the need for strong...
Read More » -
AI Meltdown: Reshaping Enterprise Expectations
The enterprise AI industry lacks a major failure to drive maturity, as past incidents haven't spurred structural changes due to difficulty proving AI's direct role and reliance on disclaimers to avoid responsibility. A market adjustment is expected as AI hype meets reality, shifting corporate pri...
Read More » -
US Banks Rush to Assess Data Theft After Hackers Breach Fintech Firm
A cybersecurity breach at financial technology provider SitusAMC has compromised sensitive corporate data, including accounting records and legal agreements, affecting major banks like JPMorgan Chase and Citigroup. The attack, discovered on November 12, has been contained with no ransomware used,...
Read More » -
Cisco Warns: Aging Tech Poses Major AI Security Risk
Aging digital infrastructure poses a growing security threat, as outdated systems like routers and network storage often lack patches and support, leaving them vulnerable to exploitation by AI-enhanced attackers. Cisco's "Resilient Infrastructure" initiative addresses this by alerting customers t...
Read More » -
UK's New Cyber Bill to Fortify Critical Services
The UK government has introduced the Cyber Security and Resilience Bill to modernize cybersecurity laws and enhance national defenses against growing cyber threats, updating the 2018 NIS Regulations. The legislation expands regulatory scope to include managed service providers, data centers, digi...
Read More » -
Russian Hackers Unleash Destructive Wiper Attacks on Ukraine
Russian state-linked hackers, Sandworm, have launched wiper malware attacks on Ukrainian sectors including government, energy, logistics, and the grain industry, as part of a broader digital offensive alongside military actions. The targeting of Ukraine's grain sector is particularly strategic, a...
Read More » -
Google Warns of Rising Cyber-Physical Attacks in Europe
Google Cloud Security forecasts a major increase in cyber-physical attacks on Europe's critical infrastructure by 2026, targeting sectors like energy, transportation, and digital systems, which threatens public safety and economic stability. State-sponsored cyber espionage from countries such as ...
Read More » -
Building Cyber Defenses: How Nations Secure Their Digital Borders
Cyberspace is now recognized as the fifth domain of warfare, with nations integrating cyber operations into military and intelligence activities, yet accurately attributing attacks remains a major challenge. Active cyber defense strategies, such as threat hunting, are essential for resilience, en...
Read More » Australia's Cyber Crisis: A Call to Action for Businesses
Australian businesses face sophisticated cyber campaigns aimed at crippling economic stability and critical national functions, moving beyond simple data theft to cause national paralysis. The conflict in Ukraine demonstrated that cyber warfare is synchronized with military operations, targeting ...
Read More »-
Is Solar Power Overwhelming the Grid?
Insecure domestic solar power systems pose a new threat to national electricity grids, as vulnerable control devices could be manipulated to cause synchronized power disruptions, according to a recent report. Common IoT devices like smart cameras are being exploited for privacy invasions, enablin...
Read More » -
Secure Your Exchange Server: CISA & NSA Best Practices
A new cybersecurity framework from CISA and the NSA provides detailed steps to protect Microsoft Exchange Server installations from sophisticated threats, focusing on hybrid and on-premises environments. Key recommendations include restricting administrative access, enforcing multi-factor authent...
Read More » -
Conti Ransomware Suspect Extradited to Face Court
Oleksii Lytvynenko has been extradited from Ireland to the U.S. for his alleged role in the Conti ransomware group, accused of hacking systems and extorting ransom payments. The Conti ransomware targeted over 1,000 entities globally, causing at least $150 million in damages and posing a significa...
Read More » -
State Hackers Infiltrated Telecom Giant Ribbon for Months
Ribbon Communications disclosed that state-sponsored hackers had unauthorized access to its systems for nearly a year, starting in December 2024, and has since removed them with law enforcement involvement. The breach affected a customer base including Fortune 500 companies and government departm...
Read More » -
PMT Security and DroneShield Unite to Protect Australia's Critical Infrastructure
PMT Security and DroneShield have formed a strategic alliance to enhance protection for Australia's critical infrastructure and government facilities against unauthorized drones by integrating advanced counter-drone capabilities. The partnership addresses rising security threats from drones, such...
Read More » -
Bitdefender & NETGEAR: Rising Home Cybersecurity Threats
Modern homes face nearly triple the daily cybersecurity attacks compared to last year, with households averaging 22 connected devices and enduring about 29 attacks daily. Entertainment devices like streaming systems, smart TVs, and IP cameras are the most vulnerable, often unpatched and accountin...
Read More » -
DigiCert Unveils First RADAR Threat Intelligence Brief
DigiCert's inaugural RADAR Threat Intelligence Brief reveals an unprecedented escalation in DDoS attacks, with two incidents reaching peaks of 2.4 and 3.7 terabits per second, signaling a shift where internet infrastructure becomes both weapon and battleground. The report identifies key trends in...
Read More » -
DroneShield Launches RfPatrol Plugin for TAK Ecosystem
DroneShield has launched a new plugin for the TAK ecosystem, enabling RfPatrol Mk2 users to integrate drone detection data directly into the CivTAK platform for enhanced situational awareness. The plugin provides real-time alerts and overlays detection data with other sensor inputs on the CivTAK ...
Read More » -
AWS Outage Exposes Widespread Risk of Provider Dependency
A major AWS outage originating from the US-EAST-1 region caused widespread internet disruptions, rendering popular services like Signal, Snapchat, and Amazon's Alexa inaccessible for an extended period. The root cause was identified as an internal DNS failure within AWS infrastructure, highlighti...
Read More »