10-23-17 – News This Past Week

Energy Regulator Acts to Improve Power Grid Security
With growing concern over nation-state cyber attacks comes an increasing need to secure the critical infrastructure. In the Quadrennial Energy Review published in January 2017, the U.S. Energy Department wrote, “Cyber threats to the electricity system are increasing in sophistication, magnitude, and frequency.” The reliability of the electric system underpins virtually every sector of the modern U.S. economy, it warned.
http://www.securityweek.com/energy-regulator-acts-improve-power-grid-security

U.S. warns public about attacks on energy, industrial firms
The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.
https://www.reuters.com/article/us-usa-cyber-energy/u-s-warns-public-about-attacks-on-energy-industrial-firms-idUSKBN1CQ0IN

US-CERT study predicts machine learning, transport systems to become security risks
The institute’s CERT Coordination Centre (CERT/CC) sees machine learning as a potential security quagmire, since it expects aggressive adoption in the medium term, but use-cases are legion, making it difficult to observe from a security point of view. In its survey, published this month, the team stated
https://www.theregister.co.uk/2017/10/19/cert_cc_threat_survey/

Passengers Have a Lot to Say About Self-Driving Cars – We Should Listen
Society’s fear of driverless cars is somewhat baffling to me. Given that car crashes attributable to human error cause more than 1 million vehicle deaths every year1, it’s those human-driven cars people should be afraid of. Yet all of us today get behind the wheel and simply trust that the cars coming toward them in the opposite lane will stay where they’re supposed to. From my point of view, unless those are self-driving cars, we should all be terrified.

Passengers Have a Lot to Say About Self-Driving Cars – We Should Listen

IoT Cybersecurity: What’s Plan B?
But the situation is critical. The Internet is dangerous — and the IoT gives it not just eyes and ears, but also hands and feet. Security vulnerabilities, exploits, and attacks that once affected only bits and bytes now affect flesh and blood.
https://www.schneier.com/blog/archives/2017/10/iot_cybersecuri.html

WHY THE KRACK WI-FI MESS WILL TAKE DECADES TO CLEAN UP
“For the general sphere of IoT devices, like security cameras, we’re not just underwater,” says Kevin Fu, a computer scientist at the University of Michigan who focuses on medical device security. “We’re under quicksand under water.”
https://www.wired.com/story/krack-wi-fi-iot-security-broken/

Steps to Improve Critical Infrastructure and ICS Network Security
Hopefully you’ve read those articles with an open mind and taken away from them what I’ve intended – a sense of urgency, a realization that these networks must be a top priority in your security strategy, and a motivation to convince your organization to act. If you haven’t read these articles, I invite you do so today.
http://www.securityweek.com/steps-improve-critical-infrastructure-and-ics-network-security

IoT Deployment Security Top Concern for Enterprises
A new survey shows that 63% of respondents are worried about the impact of the Internet of Things on corporate security technologies and processes.
https://www.darkreading.com/attacks-breaches/iot-deployment-security-top-concern-for-enterprises/d/d-id/1330172

Posted in Uncategorized.