HackDig : Dig high-quality web security articles for hackers

A Quick Guide to Using the ONG-C2M2 Model

The Oil and Natural Gas Subsector Cybersecurity Capability Maturity Model (ONG-C2M2) can help oil and natural gas (ONG) organizations evaluate their cybersecurity programs and make improvements. These tools allow owners and operators in the electricity and ONG sectors to assess their cybersecurity capabilities. Additionally, the tool can inform individuals o
Publish At:2020-07-15 08:59 | Read:445 | Comments:0 | Tags:Energy & Utility Cybersecurity Energy and Utilities Energy I

Modernizing Threat Management for the Evolving Attack Surfaces of OT, IoT and IoMT

The traditional threat landscape comprised of conventional IT assets is difficult enough to protect, detect and respond to, but the landscape seems to be quickly expanding beyond traditional IT. Those new domains are operational technology (OT), the internet of things (IoT) and the internet of medical things (IoMT). Devices from non-traditional IT environmen
Publish At:2020-03-04 13:39 | Read:981 | Comments:0 | Tags:Endpoint Energy & Utility Healthcare Threat Intelligence NIS

Addressing the Clear and Present Danger of an Electrical Power Grid Breach

Power grids are a tantalizing targets for sophisticated attackers. In the U.S., every major economic sector relies heavily on electricity. That dependence includes the military as well. Given the rising threat levels, it isn’t surprising that there are calls for the Department of Defense to ends its reliance on the power grid for key military installat
Publish At:2017-10-31 05:50 | Read:3512 | Comments:0 | Tags:Energy & Utility Risk Management Access Management Energy an

Vulnerabilities Across Verticals: Overcoming Industry-Specific Security Challenges

Every chief information security officer (CISO) faces ongoing threats to his or her company’s assets. While some threats apply to every industry, IT security specialists in the health care, financial services, and energy and utilities sectors need to pay more attention to industry-specific security risks. Although these threats are most prevalent in th
Publish At:2017-09-26 09:56 | Read:3751 | Comments:0 | Tags:Banking & Financial Services CISO Energy & Utility Health Ca

Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase

There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nu
Publish At:2017-09-06 20:40 | Read:4027 | Comments:0 | Tags:Advanced Threats Energy & Utility Threat Intelligence Energy

IBM Experts Weigh In on the Value of an Industry-Focused Approach to Security

To more closely align with the way clients think about security, IBM Security is focused on providing an open security immune system that enables organizations to integrate and leverage the investments they have already made within their specific industry. Experts Discuss the Benefits of an Industry-Focused Security Strategy We consulted six experts from the
Publish At:2017-08-30 20:10 | Read:6092 | Comments:0 | Tags:Industries Automotive Industry Cloud Cloud Security Energy a

Employee Education Is the Key to Enhanced Protection for Energy Companies

It’s a surprise to no one that computer systems need enhanced protection to reduce their susceptibility to cyberattacks, as recent events such as the WannaCry and NotPetya attacks have shown us. These infestations proved that government operations and critical infrastructures are as much at risk as corporate systems. Of particular concern are energy
Publish At:2017-07-21 15:25 | Read:3502 | Comments:0 | Tags:Energy & Utility Chief Information Security Officer (CISO) E

Addressing Security Gaps in the Energy Industry

Every industry has its own unique challenges related to information security. Financial services organizations bear the burden of preventing fraud. Manufacturing businesses have to protect their intellectual property and ensure that manufacturing processes remain resilient to attack. Meanwhile, health care organizations must keep sensitive personal informat
Publish At:2017-06-14 01:00 | Read:4299 | Comments:0 | Tags:Energy & Utility Energy and Utilities Energy Industry Indust

Drilling for Answers: Cyberattacks on the Rise in the Oil and Gas Industry

Often when we hear buzzwords like botnet, malware and spear phishing (among many, many others), we tend to associate them with certain industries — retail, health care, banking. However, in a world driven by the constant effects of newer and better technology, all industries are being affected. Specifically, the oil and gas industry has seen an increase in c
Publish At:2017-06-08 16:05 | Read:3863 | Comments:0 | Tags:Cognitive Energy & Utility Cognitive Security Cybersecurity

Personalizing Energy Security With Robust Analytics

I’m both fascinated and excited by the rise of the prosumer — a proactive energy consumer who uses smart devices to manage consumption, add renewables to the mix and look for personalized services from his or her utility — especially within the context of energy security. Recent security concerns surrounding WannaCry ransomware are all the more relev
Publish At:2017-05-26 08:00 | Read:4203 | Comments:0 | Tags:Cognitive Energy & Utility Security Intelligence & Analytics

Severe vulnerability in GE Multilin SR poses a serious threat to Power Grid

Security experts discovered a critical vulnerability in GE Multilin SR that poses a serious threat to the power grid worldwide. A team of researchers from New York University has found a serious vulnerability in some of GE Multilin SR protection relays that poses a serious threat to power grid. The experts will provide further details about the vulnerability
Publish At:2017-04-28 15:05 | Read:5688 | Comments:0 | Tags:Breaking News Hacking energy industry GE Multilin SR power g

Lesson Learned From Stuxnet

Security researchers discovered Stuxnet in 2010, and it has since become one of the most well-known malware campaigns in history. The cybercriminals behind the attack developed the infamous worm to damage programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems using four zero-day vulnerabilities in Microsoft Windows
Publish At:2017-03-10 12:10 | Read:3955 | Comments:0 | Tags:Energy and Utility Infrastructure Protection Energy Industry

Attacks Targeting Industrial Control Systems (ICS) Up 110 Percent

Since IBM X-Force published its report, “Security Attacks on Industrial Control Systems,” last year, we have observed a startling increase in the number of attacks against these systems. Attacks Against Industrial Control Systems Increasing According to IBM Managed Security Services (MSS) data, attacks targeting industrial control systems (ICS) i
Publish At:2016-12-27 17:15 | Read:5451 | Comments:0 | Tags:Infrastructure Protection X-Force Research Energy and Utilit

The US DoE has awarded $34 million projects to secure the power grid

The US Department of Energy (DOE) has awarded $34 million in funding to projects aimed at the protection of power grid from cyber attacks. A cyber attack against a critical infrastructure is an event that government doesn’t exclude, for this reason, one of the pillars of their cyber strategy is the adoption of countermeasures to improve their resilience to c
Publish At:2016-08-22 16:15 | Read:5837 | Comments:0 | Tags:Breaking News Security APT cyber security energy industry Ha

Two flaws in Siemens SICAM PAS impact the energy industry

Researchers discovered two flaws in the Siemens SICAM PAS widely used in the energy industry. One of the vulnerabilities is still unpatched. Security experts from Positive Technologies that have reviewed the Siemens SICAM PAS (Power Automation System) solution have discovered two information disclosure vulnerabilities (CVE-2016-5848 and CVE-2016-5849) that c
Publish At:2016-07-02 14:30 | Read:4205 | Comments:0 | Tags:Breaking News Hacking Security CVE-2016-5848 CVE-2016-5849 c