industrialcyber.co
104.26.12.23  Public Scan

Submitted URL: https://go.network-perception.com/NjY5LUpOWi00NTgAAAGRucyTvUWKGpsZDH1IKA5ZWOp6nHShLM7ffIWfhAFI9BI4Nb4DH8Zm6fyb_ulS52F9IGqu3qE=
Effective URL: https://industrialcyber.co/critical-infrastructure/cyber-attacks-continue-to-hit-critical-infrastructure-exposing-vulnerabi...
Submission: On March 17 via manual from CA — Scanned from CA

Text Content


CYBER ATTACKS CONTINUE TO HIT CRITICAL INFRASTRUCTURE, EXPOSING VULNERABILITIES
IN OIL, WATER, HEALTHCARE SECTORS

February 14, 2024


Recent cyber attacks targeting critical infrastructure facilities have resulted
in significant data breaches, impacting operations at a Canadian oil pipeline
company, a U.K.-based water company, and a hospital that is entering its third
week of limited communication with patients after its network was hit with a
cyberattack. These incidents reveal how sophisticated cybercriminals exploit
weaknesses in security systems to disrupt services, steal sensitive information,
or demand ransom. 

These attacks cause immediate operational setbacks and expose the
potential for long-term damage to public trust and safety. Such incidents serve
as a stark reminder of the urgency to safeguard critical infrastructure against
cyber threats, highlighting the need to bolster cybersecurity defenses and
ensure public safety and confidence.

The ALPHV/BlackCat ransomware group is allegedly behind a cyberattack on
Canada’s Trans-Northern Pipelines, during which they reportedly extracted 190 GB
of data from the oil distribution firm. Furthermore, Southern Water has alerted
its customers that data related to 5 to 10 percent of its customer base was
compromised in a cyber attack. Meanwhile, the Lurie Children’s Hospital is
entering its third week of limited communication with patients after its network
was hit with a cyberattack.

Confirming Wednesday that its internal network was breached in November 2023,
Trans-Northern Pipelines (TNPI) said that it’s now investigating claims of data
theft made by the ALPHV/BlackCat ransomware gang. The latest move comes as ALPHV
added Trans-Northern to its blackmail site on Tuesday and said that ‘all
important information in the amount of 190GB was stolen. All files are public,
Good luck.’ 

“Trans-Northern Pipelines Inc. experienced a cybersecurity incident in November
2023 impacting a limited number of internal computer systems,” Lisa Dornan, TNPI
Communications Team Lead, told BleepingComputer. “We have worked with
third-party, cybersecurity experts, and the incident was quickly contained. We
continue to safely operate our pipeline systems. We are aware of posts on the
dark web claiming to contain company information, and we are investigating those
claims.”

Trans-Northern operates regulated pipelines to transport refined petroleum
products such as gasoline, diesel, aviation, and heating fuel, used by Canadian
businesses and consumers every day. These pipelines connect refineries in
Edmonton to Calgary, including the Calgary International Airport; and refineries
in Nanticoke, Ontario, and Montreal to the Greater Toronto Area (GTA), with
lateral pipelines to Ottawa as well as to Pearson International Airport and
Pierre Elliott Trudeau International Airport.

The attack on the oil pipeline company serves as a reminder to the critical
infrastructure sector of the May 2021 ransomware cyber attack on Colonial
Pipeline, which impacted computerized equipment managing the pipeline. At the
time, Colonial Pipeline halted all pipeline operations to contain the attack. 

Under the oversight of the U.S. FBI (Federal Bureau of Investigation), the
company paid the amount demanded by the hacker group (75 bitcoin or US$4.4
million) within several hours; upon receipt of the ransom, DarkSide provided
Colonial Pipeline with an IT tool to restore the system. However, the tool
required a very long processing time to restore the system to a working state.

In December, the U.S. Department of Justice made a significant announcement on
Tuesday regarding its disruption campaign against the Blackcat ransomware group,
also known as ALPHV or Noberus. The group has demonstrated a high level of
proficiency in targeting and compromising over 1,000 computer networks,
resulting in significant global repercussions. Particularly concerning is their
deliberate focus on infiltrating networks that support critical infrastructure
within the U.S.

In its update this week, Southern Water announced Monday that “data from a
limited part of Southern Water’s server estate had been stolen and was at risk
following an illegal intrusion into our IT systems. This arose from our ongoing
investigation into suspicious activity, as detailed in our statement on 23
January 2024.”

It added that “Based on our forensic investigations so far, which are ongoing,
we are notifying in the order of 5 to 10 percent of our customer base to let
them know that their personal data has been impacted. We are also notifying all
of our current employees and some former employees.”

Additionally, these notifications include security advice, as well as guidance
on recommended precautionary steps and details of the support the company is
offering. “This support includes enhanced Experian credit monitoring, free of
charge, for the next 12 months. The service provides active monitoring which can
detect and help prevent fraudulent misuse of personal information.”

Southern Water also disclosed that “We continue to work with our expert
technical advisers to confirm whose data is at risk. Our initial assessment is
that this is the case for some of our customers and current and former
employees.”

The Lurie Children’s Hospital’s website continues to be down Wednesday morning,
as even non-Lurie health providers that use its network are dealing with limited
access to patients’ medical history, lab results, and other crucial information
needed for care decisions, WBEZ reports.

There have also been reports that the FBI is investigating a cyberattack on
Lurie Children’s Hospital that still has the Chicago provider’s systems offline
and elective surgeries and procedures canceled until further notice. While the
hospital has not revealed the type or nature of the attack, which occurred on
January 31, it did confirm that a ‘known criminal threat actor’ breached its
network.

On Tuesday, industrial cybersecurity company Dragos disclosed that it has been
tracking activity by the Voltzite threat group, which overlaps with Volt
Typhoon, since early 2023. The group has been observed performing reconnaissance
and enumeration of multiple U.S.-based electric companies since early 2023, and
since then has targeted emergency management services, telecommunications,
satellite services, and the defense industrial base. 

Last week, the U.S. CISA (Cybersecurity and Infrastructure Security Agency)
released a report detailing some of the techniques, tools, and infrastructure
used by Voltzite over the previous year. 

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over
14 years of experience in the areas of security, data storage, virtualization
and IoT.