Critical Infrastructure

Joint Alert Warns Advanced Hackers Have Developed Tool Targeting Industrial Control Systems

The design of the tool, which allows full system access to certain operational technology in environments such as power plants and water treatment facilities, can also be used by less sophisticated attackers.

FCC Chair Claims Cybersecurity Role Congress Crafted for CISA

The commission is joining the fray in a budding turf fight at the Cybersecurity and Infrastructure Security Agency that also involves sector risk management agencies like the Department of Energy.

Partisan Rift Stalls Efforts to Secure Critical Infrastructure from Cyberattack

U.S. Cybersecurity Policy heads back to square one as a public-private bargain that emerged from the Congressionally mandated Solarium Commission breaks down.

Why the White House is Focused on Community-Level Water Cybersecurity

A hack on municipal water and wastewater systems could have devastating consequences on an essential resource.

White House Warns of Potential Russian Cyberattack Based on New Intel

Officials, distressed by the continued lack of cybersecurity basics implemented in the private sector, issued “a call to action.”

Outgoing Official Pushes for CISA Shift from Risk Advisor to Risk Reducer

After almost a decade and a series of massive intrusion campaigns, government and industry may finally be ready to have the crucial talk about cybersecurity metrics they’ve been avoiding.

NIST Refreshing Voluntary Cybersecurity Framework Amid Push for Mandates

The agency is soliciting comments to update a core document that lets entities pick and choose which technical standards they want to apply to their systems based on their own risk assessment.

Nuclear Regulators Want Machines to Monitor Cyberattacks on Power Plants

This isn’t the NRC’s first ask about machine learning and artificial intelligence.

Nearly 100 Utility Companies Now Participate in Cyber Sensor Initiative

The White House effort to secure industrial control systems from cyberattack requires nothing of the private sector. 

FBI: Ransomware Attackers Have Code to Halt Critical Infrastructure

Monitoring remote access technology will be especially important for limiting the reach of malicious actors, allied cybersecurity agencies said in a report on trends they’ve observed over the last year in a booming ransomware industry.

EPA Leading White House Effort to Secure the Water Sector Against Cyberattacks

This is the third in a series of 100-day sprints to shore up industrial control systems used in critical infrastructure.

Biden Official Endorses Effort to Move Pipeline Cybersecurity Regulation to DOE

An emergency directive from the Transportation Security Administration following the Colonial Pipeline attack faced opposition from Senate Republicans after the industry complained they weren’t sufficiently consulted beforehand.

Energy Launches New Program To Overhaul the U.S. Electrical Grid

Pursuant to President Biden’s sustainable energy plans, the Department of Energy launched a new initiative to restore the country’s electrical grid through expanded access and more resilient systems.

The Implications of Publicly Disclosing Cyberattacks

Officials must weigh the benefits and risks on a case-by-case basis.

Labor Seeks Members For Telecom Working Group Focused on 5G

The agency is seeking qualified members for its Telecommunications Interagency Working Group, part of the Infrastructure Act passed in November.

DHS Redefines ‘Cybersecurity Incident’ in Directives for Surface Transportation

The new definition allows industry more flexibility to decide what should trigger reporting mandates for the sector.

Commerce Proposes Third Party Audits as Criteria in Supply Chain Rule for Software

The Government Accountability Office says CISA should also update its approach to communications sector reliability by securing the supply chain for information and communications technology.