Critical Infrastructure
New UK laws to strengthen critical infrastructure cyber defenses
The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies, and transport networks against cyberattacks, linked to annual damages of nearly £15 billion ($19.6 billion). The Cyber Security and Resilience Bill, introduced in the UK Parliament on November 12, builds upon the existing Network and Information Systems (NIS) Regulations 2018 and represents […]
Canada says hacktivists breached water and energy facilities
The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions. The authorities issued the warning to raise awareness of the elevated malicious activity targeting internet-exposed Industrial Control Systems (ICS) and the need […]
UK to ban public sector orgs from paying ransomware gangs
The United Kingdom’s government is planning to ban public sector and critical infrastructure organizations from paying ransoms after ransomware attacks. The list of entities that would have to follow the new proposed legislation includes local councils, schools, and the publicly funded National Health Service (NHS). “Ransomware is estimated to cost the UK economy millions of […]
U.S. warns of Iranian cyber threats on critical infrastructure
U.S. cyber agencies, the FBI, and NSA issued an urgent warning today about potential cyberattacks from Iranian-affiliated hackers targeting U.S. critical infrastructure. CISA says there are no indications of an ongoing campaign but urges critical infrastructure organizations and other potential targets to monitor their defense due to the current unrest in the Middle East and cyber […]
Czechia blames China for Ministry of Foreign Affairs cyberattack
The Czech Republic says the Chinese-backed APT31 hacking group was behind cyberattacks targeting the country’s Ministry of Foreign Affairs and critical infrastructure organizations. “The malicious activity, which lasted from 2022 and affected an institution designated as Czech critical infrastructure, was perpetrated by the cyberespionage actor APT31 that is publicly associated with the Ministry of State […]
Nova Scotia Power confirms hackers stole customer data in cyberattack
Nova Scotia Power confirms it suffered a data breach after threat actors stole sensitive customer data in a cybersecurity incident discovered last month. Nova Scotia Power, a subsidiary of Emera Inc., is a significant utility in Canada. It serves over 500,000 residential, commercial, and industrial customers in Nova Scotia, holding 95% of the market share. […]
CISA warns of hackers targeting critical oil infrastructure
CISA warned critical infrastructure organizations of “unsophisticated” threat actors actively targeting the U.S. oil and natural gas sectors. While these attacks use very basic tactics to compromise their targets’ industrial control systems (ICS) and operational technology (OT) equipment, CISA also cautioned that they could still lead to significant impact, including physical damage and disruptions. “CISA is increasingly aware of unsophisticated […]
CISA: Medusa ransomware hit over 300 critical infrastructure orgs
CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month. This was revealed in a joint advisory issued today in coordination with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). “As of February 2025, Medusa developers and affiliates […]
Southern Water says Black Basta ransomware attack cost £4.5M in expenses
United Kingdom water supplier Southern Water has disclosed that it incurred costs of £4.5 million ($5.7M) due to a cyberattack it suffered in February 2024. Southern Water is a private utility company in southern England, providing water services to 2.7 million customers and wastewater services to over 4.7 million customers across Kent, Sussex, Hampshire, and the […]
CISA and FBI: Ghost ransomware breached orgs in 70 countries
CISA and FBI said attackers deploying Ghost ransomware have breached victims from multiple industry sectors across over 70 countries, including critical infrastructure organizations. Other industries impacted include healthcare, government, education, technology, manufacturing, and numerous small and medium-sized businesses. “Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software […]