7-1-19 – News This Past Week

Mission Possible: ICS Attacks On Buildings Are a Reality
In the 1996 thriller, Mission Impossible I, Ethan Hunt hacks the HVAC system of a building to breach its security controls and carry out his mission. Well, the future has arrived
https://www.securityweek.com/mission-possible-ics-attacks-buildings-are-reality

What is Critical Infrastructure and How Should We Protect It?
We hear a lot these days about critical infrastructure, and the importance of protecting it. But what exactly is “critical infrastructure,” what are the greatest threats to it, and what are the best ways to protect it from those threats?
https://www.tenable.com/blog/what-is-critical-infrastructure-and-how-should-we-protect-it

NIST Issues IoT Risk Guidelines
A new report offers the first step toward understanding and managing IoT cybersecurity risks
https://www.darkreading.com/iot/nist-issues-iot-risk-guidelines/d/d-id/1335080

Interoperability and security remain critical factors in any smart city deployment
Over half of respondents expect to see widespread smart city deployments in 10 or more years, while a third predict 5-10 years. Just 15 per cent expect it in less than 5 years

Interoperability and security remain critical factors in any smart city deployment

Medtronic recalls vulnerable MiniMed insulin pumps
The potential risks are related to the wireless communication between Medtronic’s MiniMed insulin pumps and other devices such as blood glucose meters, continuous glucose monitoring systems, the remote controller and CareLink USB device used with these pumps

Medtronic recalls vulnerable MiniMed insulin pumps

Scumbags can program vulnerable MedTronic insulin pumps over the air to murder diabetics – insecure kit recalled
Health implant maker MedTronic is recalling some of its insulin pumps following the discovery of security vulnerabilities in the equipment that can be exploited over the air to hijack them
https://www.theregister.co.uk/2019/06/28/medtronic_insulin_pump_recall/

Industry Reactions to Nation-State Hacking of Global Telcos
The immediate purpose was to steal mobile phone call data records (CDR), and Cybereason believes the primary targets may be foreign intelligence agents, politicians, opposition candidates in an election, or even law enforcement officers. The long-term potential would be to destroy the telcos’ networks in an attack against critical infrastructure
https://www.securityweek.com/industry-reactions-nation-state-hacking-global-telcos

Posted in Uncategorized.