Cyber Research

Cyber News

Cyber Info


 July, 2016







 In this issue



* Industrial Control Systems and the Threat of Cyber Attack

* European Commission signs agreement with industry on cybersecurity and steps up efforts to tackle cyber-threats

* The Value of a Hacked Company

* FDIC was hacked by China, and CIO covered it up

* Latest Cyber Security News


About the Cyber Security News update

The Cyber News Update is an activity of the Cyber Research Center - Industrial Control Systems and is intended to reach out to all Cyber Security Professionals interested in industrial / critical infrastructure threats, protection & resilience. For more information visit the CRC-ICS website at www.crc-ics.net or www.cyber-research-center.net


Industrial Control Systems and the Threat of Cyber Attack

July 19, 2016

Hacking and cyberattacks are familiar terms to most people who use a computer in their work or personal life. Many people have suffered the vexations that can be caused by a malicious virus.

But computing power is also essential to the daily operation of much wider critical infrastructure – transport and communication networks, healthcare services and all forms of industry. The systems involved are also increasingly liable to attack, whether for criminal gain, political hostility or malicious vandalism.

Devices and associated communications that constitute Industrial Control Systems (ICS) are particularly susceptible to such attacks. For one thing, unlike office-based systems, which often consist of only a few software programs from a single vendor running on standardized hardware, ICS often comprises multiple types of software and hardware elements. Moreover, they may incorporate both modern and legacy elements – even occasionally operating systems as antiquated as MS-DOS - and similarly both customized and off-the-shelf components.

That characterization of challenges faced by ICS is provided by Andrey Suvorov, head of critical infrastructure protection business development for Kaspersky Lab, the Russian company probably best known for its computer security products for the desktop environment.

Moscow-based Suvorov says that the company identified infrastructure protection as a significant area of activity four years ago and has been working to develop appropriate products and services, some in cooperation with providers of relevant industrial technology and users. In April 2016 Kaspersky launched a package of software and support services which it calls KICS (Kaspersky Industrial CyberSecurity).


But Suvorov emphasises that feedback from industrial companies has made Kaspersky aware of a fundamental requirement for any set of products. One requirement is that products must be entirely “passive” in relation to the operations they protect and not interfere with them in any way. He also says protection must be active at all three of the levels of ICS: overall supervisory control and data acquisition (SCADA) software, networking, and the programmable logic controllers (PLCs) installed on the actual hardware involved. He says that protection at just one or two of those levels is insufficient and indeed potentially dangerously “illusory.”


Suvorov also says that the scale and complexity of ensuring ICS cyber-security means that by itself the industrial equivalent of the firewall and anti-virus software packages found in personal computing are inadequate.

“We can easily install a solution to provide basic protection such as on a new device in an industrial network or for a new type of communication between two nodes in that network,” he says. But in an ICS environment, there are also “specific issues which are related to the industry, the individual plant and even particular processes at that plant.”

Industrial Fraud

Take, for instance, the hypothetical example of a terminal for offloading oil from a tanker vessel into some other form of storage. This, Suvorov says, indicates just the sort of scenario in which a cyber attack might take place. For example, an attempt might be made to compromise the control software for a pump in order to produce a disparity between the real and apparent volume of oil offloaded. Kaspersky's research has at least a handful of cases where attempts have been made “to use a SCADA environment for industrial fraud.” The goal, therefore, is “not to destroy an IT infrastructure but to exploit deep knowledge of it to steal a physical asset.”


Nor is there any shortage of real incidents of this kind. One cited by Kaspersky's founder and CEO Eugene Kaspersky was the hacking of a computer system at the port of Antwerp in Belgium. That event allowed the selective unloading of containers that were being used to smuggle illegal narcotics. Criminals, he said in April, certainly do “recognize the power of cyber.” An intriguing point about such criminality, he added, is that unlike a more conventional form of robbery, the victims “may not even be aware of what has happened.”

Another complicating factor is the increasing connectivity of ICS networks to other IT systems that may be external and that possibly are connected over the Internet, for instance to provide “board level” management information in real-time. But, as Suvorov says, such a configuration may compromise the isolation of ICS installations from wider networks. And isolation has generally been a fundamental design criterion.

Moreover, the individual elements that make up ICS installations were “designed without a deep assessment of real threats.” As such almost all current PLCs “have at least a couple of vulnerabilities that can be exploited by attackers.”

Weak Protocols

In July 2016 Kaspersky released a report on worldwide ICS vulnerabilities based on its own research. Its findings underlined the sheer scale of the potential for mayhem. The research identified 188,019 “host” computing installations around the world that have ICS components. Nearly a third of these (57,417) are in the United States. Some 92% of these installations contain identifiable vulnerabilities, most of which are classified as “medium” risk. A small minority, however, is classed as “critical.”


Perhaps the most unsettling figure to emerge from the research, though, is that vulnerabilities appear to be getting worse not better – over the period 2010-2015 the number of identified ICS vulnerabilities increased from 19 to 189 with human machine interfaces (HMIs) and SCADA systems among the most vulnerable. By far the most consistent factor – in more than 170,000 cases – is “weak Internet connection protocols.”

In response, Kaspersky is opening what it says will be the first in a series of dedicated education and training centers in ICS cyber-security for industrial engineers and managers. This initial Centre of Industrial Security Competences is in Innopolis in the Russian region of Tatarstan, some 40 miles from the local capital Kazan and aimed specifically at engineers and managers in the region's oil and gas industries. Indeed, Suvorov says that unless appropriate awareness and training is provided at three distinct levels within a company – business management, general IT and operational technology – security measures will not be effective. As such, one of the Centre’s activities will be a strategy game in which participants can test their response to a cyber attack on a critical infrastructure installation.

Suvorov says that the initiative is not simply about providing training for Kaspersky products but about getting across a more fundamental message: “We have to make the people involved aware that their processes can be remotely accessed and compromised by someone using no more than a keyboard.”

Selfie Threat?

The Centre’s basic product offering will be a three-day training course aimed at educating participants on the full range of threats that a “connected world” can pose to industrial operations.

Some of those threats can be surprising. For example, something as seemingly innocent as the use of social networks by engineering personnel can provide an opportunity for malicious outsiders. Posting a photo of themselves in their work environment that shows display screens, for instance, may reveal to someone with the appropriate technical competence the SCADA software being used and other details that might help them hack into the system from outside.

What is certain is that the threat involved will not go away and will instead continue to evolve. Suvorov identifies two categories of future challenges. The first is “external” and derives from the “new behavior of attackers,” specifically the fact that they are now perceptibly shifting their attacks from financial targets such as banks to industrial operations. The second is “internal” and requires a change in the mindset of organizations so that they recognize the potential of what Suvorov terms “industrial cyber risk” to have real and deleterious consequences.

European Commission signs agreement with industry on cybersecurity and steps up efforts to tackle cyber-threats

July 5, 2016

The Commission today launches a new public-private partnership on cybersecurity that is expected to trigger €1.8 billion of investment by 2020. This is part of a series of new initiatives to better equip Europe against cyber-attacks and to strengthen the competitiveness of its cybersecurity sector.

According to a recent survey, at least 80% of European companies have experienced at least one cybersecurity incident over the last year and the number of security incidents across all industries worldwide rose by 38% in 2015. This damages European companies, whether they are big or small, and threatens to undermine trust in the digital economy. As part of its Digital Single Market strategy the Commission wants to reinforce cooperation across borders, and between all actors and sectors active in cybersecurity, and to help develop innovative and secure technologies, products and services throughout the EU.

Andrus Ansip, Vice-President for the Digital Single Market, said: "Without trust and security, there can be no Digital Single Market. Europe has to be ready to tackle cyber-threats that are increasingly sophisticated and do not recognise borders. Today, we are proposing concrete measures to strengthen Europe's resilience against such attacks and secure the capacity needed for building and expanding our digital economy."

Günther H. Oettinger, Commissioner for the Digital Economy and Society, said: "Europe needs high quality, affordable and interoperable cybersecurity products and services. There is a major opportunity for our cybersecurity industry to compete in a fast-growing global market. We call on Member States and all cybersecurity bodies to strengthen cooperation and pool their knowledge, information and expertise to increase Europe's cyber resilience. The milestone partnership on cybersecurity signed today with the industry is a major step."

Today's action plan includes the launch of the first European public private partnership on cybersecurity. The EU will invest €450 million in this partnership, under its research and innovation programme Horizon 2020. Cybersecurity market players, represented by the European Cyber Security Organisation (ECSO), are expected to invest three times more. This partnership will also include members from national, regional and local public administrations, research centres and academia. The aim of the partnership is to foster cooperation at early stages of the research and innovation process and to build cybersecurity solutions for various sectors, such as energy, health, transport and finance. Commissioner Oettinger today signs the partnership with the ECSO in Strasbourg (photos and videos to be available at around 12.00 CET).

The Commission also sets out different measures to tackle the fragmentation of the EU cybersecurity market. Currently an ICT company might need to undergo different certification processes to sell its products and services in several Member States. The Commission will therefore look into a possible European certification framework for ICT security products.

A myriad of innovative European SMEs have emerged in niche markets (e.g. cryptography) and in well-established markets with new business models (e.g. antivirus software), but they are often unable to scale up their operations. The Commission wants to ease access to finance for smaller businesses working in the field of cybersecurity and will explore different options under the EU investment plan.

The Network and Information Security Directive, which is expected to be adopted by the European Parliament tomorrow, already creates a network of Computer Security Incident Response Teams across the EU in order to rapidly react to cyber threats and incidents. It also establishes a ‘Cooperation Group’ between Member States, to support and facilitate strategic cooperation as well as the exchange of information, and to develop trust and confidence. The Commission today calls on Member States to make the most of these new mechanisms and to strengthen coordination when and where possible. The Commission will propose how to enhance cross-border cooperation in case of a major cyber-incident. Given the speed with which the cybersecurity landscape is evolving, the Commission will also bring forward its evaluation of the European Union Agency for Network and Information Security (ENISA). This evaluation will assess whether ENISA's mandate and capabilities remain adequate to achieve its mission of supporting EU Member States in boosting their own cyber resilience. The Commission also examines how to strengthen and streamline cybersecurity cooperation across different sectors of the economy, including in cybersecurity training and education.


Read more at http://europa.eu/rapid/press-release_IP-16-2321_en.htm

The Value of a Hacked Company

July 4, 2016.

Most organizations only grow in security maturity the hard way — that is, from the intense learning that takes place in the wake of a costly data breach. That may be because so few company leaders really grasp the centrality of computer and network security to the organization’s overall goals and productivity, and fewer still have taken an honest inventory of what may be at stake in the event that these assets are compromised.

If you’re unsure how much of your organization’s strategic assets may be intimately tied up with all this technology stuff, ask yourself what would be of special worth to a network intruder. Here’s a look at some of the key corporate assets that may be of interest and value to modern bad guys.

This isn’t meant to be an exhaustive list; I’m sure we can all think of other examples, and perhaps if I receive enough suggestions from readers I’ll update this graphic. But the point is that whatever paltry monetary value the cybercrime underground may assign to these stolen assets individually, they’re each likely worth far more to the victimized company — if indeed a price can be placed on them at all.

In years past, most traditional, financially-oriented cybercrime was opportunistic: That is, the bad guys tended to focus on getting in quickly, grabbing all the data that they knew how to easily monetize, and then perhaps leaving behind malware on the hacked systems that abused them for spam distribution.

These days, an opportunistic, mass-mailed malware infection can quickly and easily morph into a much more serious and sustained problem for the victim organization (just ask Target). This is partly because many of the criminals who run large spam crime machines responsible for pumping out the latest malware threats have grown more adept at mining and harvesting stolen data.

That data mining process involves harvesting and stealthily testing interesting and potentially useful usernames and passwords stolen from victim systems. Today’s more clueful cybercrooks understand that if they can identify compromised systems inside organizations that may be sought-after targets of organized cybercrime groups, those groups might be willing to pay handsomely for such ready-made access.

It’s also never been easier for disgruntled employees to sell access to their employer’s systems or data, thanks to the proliferation of open and anonymous cybercrime forums on the Dark Web that serve as a bustling marketplace for such commerce. In addition, the past few years have seen the emergence of several very secretive crime forums wherein members routinely solicited bids regarding names of people at targeted corporations that could serve as insiders, as well as lists of people who might be susceptible to being recruited or extorted.

The sad truth is that far too many organizations spend only what they have to on security, which is often to meet some kind of compliance obligation such as HIPAA to protect healthcare records, or PCI certification to be able to handle credit card data, for example. However, real and effective security is about going beyond compliance — by focusing on rapidly detecting and responding to intrusions, and constantly doing that gap analysis to identify and shore up your organization’s weak spots before the bad guys can exploit them.

Those weak spots very well may be your users, by the way. A number of security professionals I know and respect claim that security awareness training for employees doesn’t move the needle much. These naysayers note that there will always be employees who will click on suspicious links and open email attachments no matter how much training they receive. While this is generally true, at least such security training and evaluation offers the employer a better sense of which employees may need more heavy monitoring on the job and perhaps even additional computer and network restrictions.

If you help run an organization, consider whether the leadership is investing enough to secure everything that’s riding on top of all that technology powering your mission: Chances are there’s a great deal more at stake than you realize.

Organizational leaders in search of a clue about how to increase both their security maturity and the resiliency of all their precious technology stuff could do far worse than to start with the Cybersecurity Framework developed by the National Institute of Standards and Technology (NIST), the federal agency that works with industry to develop and apply technology, measurements, and standards. This primer (PDF) from PWC does a good job of explaining why the NIST Framework may be worth a closer look.


More Info http://krebsonsecurity.com/2016/07/the-value-of-a-hacked-company/


FDIC was hacked by China, and CIO covered it up

July 14, 2016.

Problems uncovered after employees walk off job with thousands of SSNs on flash drives.


A report published by the House Committee on Science, Space and Technology today found that hackers purported to be from China had compromised computers at the Federal Deposit Insurance Corporation repeatedly between 2010 and 2013. Backdoor malware was installed on 12 workstations and 10 servers by attackers—including the workstations of the chairman, chief of staff, and general counsel of the FDIC. But the incidents were never reported to the US Computer Emergency Response Team (US-CERT) or other authorities and were only brought to light after an Inspector General investigation into another serious data breach at the FDIC in October of 2015.

The FDIC failed at the time of the "advanced persistent threat" attacks to report the incidents. Then-inspector general at the FDIC, Jon Rymer, lambasted FDIC officials for failing to follow their own policies on breach reporting. Further investigation into those breaches led the committee to conclude that former FDIC CIO Russ Pittman misled auditors about the extent of those breaches and told employees not to talk about the breaches by a foreign government so as not to ruin FDIC Chairman Martin Gruenberg's chances of confirmation.

The cascade of bad news began with an FDIC Office of the Inspector General (OIG) investigation into the October "Florida incident." On October 23, 2015, a member of the Federal Deposit Insurance Corporation's Information Security and Privacy Staff (ISPS) discovered evidence in the FDIC's data loss prevention system of a significant breach of sensitive data—more than 1,200 documents, including Social Security numbers from bank data for more than 44,000 individuals and 30,715 banks, were copied to a USB drive by a former employee of FDIC's Risk Management Supervision field office in Gainesville, Florida. The employee had copied the files prior to leaving his position at the FDIC. Despite intercepting the employee, the actual data was not recovered from him until March 25, 2016. The former employee provided a sworn statement that he had not disseminated the information, and the matter was dropped.

However, Gruenberg told Science, Space and Technology Committee Chairman Rep. Lamar Smith (R-Texas) in a February letter about the breach that only about 10,000 "individuals and entities" were affected by the leak and that the former employee was cooperative. That claim was contradicted by the FDIC's Office of the Inspector General after it used that breach for an audit of the FDIC's security processes—indicating that the actual number was several times larger and that there were other breaches that had not been reported. One of those was a similar breach in September when a disgruntled employee in New York left with a USB drive containing the SSNs of approximately 30,000 people. That breach had been glossed over by the FDIC's CIO, Lawrence Gross, and had only been mentioned in an annual Federal Information Security Management Act (FISMA) report, despite its classification as a "major" breach. This was in addition to a similar, reported breach in February when another departing employee in Texas "inadvertently and without malicious intent" downloaded 44,000 records.

Then in May, the FDIC "retroactively reported five additional major breaches" to the committee, according to the report. Only after a Congressional hearing on those breaches did the FDIC offer credit monitoring services to the more than 160,000 individuals whose personal information was included in the data leaked.

The committee's report accuses Gross—who took over in 2015 after former FDIC CIO Barry West disappeared on "administrative leave" in June of last year for unknown reasons—of creating a "toxic workplace" for FDIC's IT team and of sabotaging efforts to improve the agency's security footing. Nearly 50 percent of FDIC employees can use portable storage devices such as USB drives or portable disk drives, and the only thing assuring the FDIC that data was not being disseminated by former employees are signed affidavits. Gross is also the driving force behind an initiative to purchase 3,000 laptops for FDIC employees, arguing that laptops are more secure than desktops.

Read more: http://arstechnica.com/security/2016/07/fdic-was-hacked-by-china-and-cio-covered-it-up/



Latest Cyber Security News

Individuals at Risk

Cyber Update

Microsoft Update Doesn’t Quite Fix Decades-Old Printer Bug in Windows; Will Warn Users Who Can Say No: Printers. They can be the bane of every home office or small business, but not just when they jam or run out of paper or toner. They can also spread malware to systems connected to them. PCMagazine, July 14, 2016

Adobe, Microsoft Patch Critical Security Bugs: Adobe has pushed out a critical update to plug at least 52 security holes in its widely-used Flash Player browser plugin, and another update to patch holes in Adobe Reader. Separately, Microsoft released 11 security updates to fix more than 40 flaws in Windows and related software. KrebsOnSecurity, July 13, 2016

Cyber Warning

Pokemon Go – Unofficial versions contain Trojans that silently click on porn ads you don’t even see: Security firms have repeated warnings that unofficial versions of Pokemon Go are likely tainted with spyware or trojans. TheRegister, July 15, 2016

‘Pokemon GO’ Malware Latest News & Update: Avoid Pirated Versions and Wait For Official Game Release: News headlines have been filled with “Pokemon Go” related bits but mostly for all the wrong reasons. With the game released only in Australia, New Zealand and the U.S., gamers from other regions have resorted to alternative but risky measures by trying to get hold of a copy from unofficial sites. GAMEnGuide, July 15, 2016

Cyber Defense

Two-factor authentication (2FA): why you should care: Online security can feel a bit like an arms race sometimes, and it may seem like there’s always something new to keep track of. But many of the more tried-and-true security principles and methods have been around for a while, they just take a while to become more mainstream. NakedSecurity, June 27, 2016

Information Security Management in the Organization

Information Security Governance

What SMBs Need To Know About Security But Are Afraid To Ask: A comprehensive set of new payment protection resources from the PCI Security Standards Council aims to help small- and medium-sized businesses make security a priority. DarkReading, July 14, 2016

The Value of a Hacked Company: Most organizations only grow in security maturity the hard way — that is, from the intense learning that takes place in the wake of a costly data breach. That may be because so few company leaders really grasp the centrality of computer and network security to the organization’s overall goals and productivity, and fewer still have taken an honest inventory of what may be at stake in the event that these assets are compromised. KrebsOnSecurity, July 14, 2016

The Information Security Leader, Part 2: Two Distinct Roles of a CISO: In the original “Star Trek” television series, second officer and chief engineer Montgomery “Scotty” Scott was invaluable to the mission of the Starship Enterprise — not only down in the engine room getting his hands dirty, but also up on the bridge as a senior officer supporting Captain Kirk. SecurityIntelligence, July 12, 2016

Cyber Defense

Gartner: Cybersecurity control a concern for digital businesses: Digitization requires big changes to companies’ strategic processes, and security is no different: In a recent report, Gartner predicts that 60% of digital businesses will experience major service failures by 2020 due to the inefficacy of their IT security teams to handle digital risks. SearchCompliance, July 15, 2016

Key Measures to Prevent, Recover from Ransomware: Ransomware is, of course, malicious software that can do terrible harm to your company. Biz Coach Terry Corbell Cites Citadel’s Kimberly Pease. The Biz Coach, July 10, 2016

Cyber Update

CISCO PATCHES DOS FLAW IN NCS 6000 ROUTERS: Cisco Systems today released patches for two products, including one for a vulnerability rated a high criticality in Cisco IOS XR for the Cisco Network Convergence System series routers. ThreatPost, July 14, 2016

Crypto flaw made it easy for attackers to snoop on Juniper customers: As if people didn’t already have cause to distrust the security of Juniper products, the networking gear maker just disclosed a vulnerability that allowed attackers to eavesdrop on sensitive communications traveling through customers’ virtual private networks. ars technica, July 14, 2016

Cyber Security in Society

Cyber Crime

More Than $2 Million Stolen by Hackers in Taiwan ATM Heist: Three people, including a Russian national, stole 70 million Taiwan dollars ($A2.9 million) from 34 ATMs in Taiwan at the weekend. TechWorm, July 15, 2016

Cybercrime Overtakes Traditional Crime in UK: In a notable sign of the times, cybercrime has now surpassed all other forms of crime in the United Kingdom, the nation’s National Crime Agency (NCA) warned in a new report. It remains unclear how closely the rest of the world tracks the U.K.’s experience, but the report reminds readers that the problem is likely far worse than the numbers suggest, noting that cybercrime is vastly under-reported by victims. KrebsOnSecurity, July 15, 2016

Omni Hotels was hit by point-of-sale malware: Omni Hotels & Resorts has reported that point-of-sale systems at some of its properties were hit by malware targeting payment card information. Computerworld, July 11, 2016

Cyber Underworld

For Sale on Dark Web: Source Code Allegedly Stolen From Large Healthcare Software Developer: “The Dark Overlord,” a hacker who has been attempting to sell batches of personal and medical records supposedly stolen from U.S. healthcare organizations, is claiming a new victim: a large healthcare software developer (see Here’s How a Hacker Extorts a Clinic). BankInfoSecurity, July 14, 2016

DIRT CHEAP STAMPADO RANSOMWARE SELLS ON DARK WEB FOR $39: Dirt cheap ransomware selling for as little as $39 on the dark web has security experts concerned the low price coupled with its potency could trigger a wave of new infections. ThreatPost, July 14, 2016

Cyber Law

Microsoft wins landmark appeal over seizure of foreign emails: A federal appeals court on Thursday said the U.S. government cannot force Microsoft Corp and other companies to turn over customer emails stored on servers outside the United States. Reuters, July 14, 2016

Europe’s New Privacy Shield to Replace Safe Harbor; Will US Mass Surveillance Practices Derail It?: Businesses on both sides of the Atlantic have been breathing a sigh of relief over the July 12 launch of the EU-U.S. data transfer agreement known as the Privacy Shield. BankInfoSecurity, July 13, 2016

Cyber Gov

China suspected in FDIC breach; Agency CIO accused of covering it up amidst systemic mismanagement. A report published by the House Committee on Science, Space and Technology today found that hackers purported to be from China had compromised computers at the Federal Deposit Insurance Corporation repeatedly between 2010 and 2013. Backdoor malware was installed on 12 workstations and 10 servers by attackers—including the workstations of the chairman, chief of staff, and general counsel of the FDIC. But the incidents were never reported to the US Computer Emergency Response Team (US-CERT) or other authorities and were only brought to light after an Inspector General investigation into another serious data breach at the FDIC in October of 2015. ars technica, July 13, 2016

Cyber Politics

Cybersecurity Not Stand-Alone Issue in Trump v. Clinton: July 14 —Donald Trump and Hillary Clinton are unlikely to make cybersecurity a centerpiece of their campaigns and probably won’t mention the issue during the party conventions. Bloomberg, July 14, 2016

Financial Cyber Security

Card fraud now hits nearly one third of consumers worldwide: Imagine folded, chopped, and mutilated plastic up to the sky: that’s the pile being generated by cardholder fraud these days. NakedSecurity, July 15, 2016


OCR Enforcement Action Against Business Associate for HIPAA Security Violations Includes $650,000 Payment: Despite the fact that Business Associates have been directly subject to and liable under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) since February 18, 2010, the Department of Health & Human Services, Office for Civil Rights (OCR), announced June 30 that it has entered into its first resolution agreement with a HIPAA Business Associate – sending a clear message that OCR is holding Business Associates accountable and expects these entities to understand and comply with their HIPAA obligations. NationalReview, July 13, 2016

HHS: Healthcare groups must report all ransomware attacks: The Federal Health and Human Services Department (HHS) issued guidelines this week that could require hospitals and doctor offices to notify HHS if they are victimized by a ransomware attack. SCMagazine, July 14, 2016

Cyber Research

ACADEMICS BUILD EARLY-WARNING RANSOMWARE DETECTION SYSTEM: While most of the discussion around ransomware is rightly so about the unabated stampede of new strains and variations on existing samples, relatively little discourse focuses on detection beyond antivirus and intrusion prevention systems. ThreatPost, July 14, 2016

Cyber Miscellany

Why You Should Believe in the Digital Afterlife: A professor of neuroscience says it will one day be possible to live on in a computer after death. The Atlantic, July 14, 2016









The content of this CRC-ICS Cyber News Update is provided for information purposes only. No claim is made as to the accuracy or authenticity of the content of this news update or incorporated into it by reference. No responsibility is taken for any information or services which may appear on any linked websites. The information provided is for individual expert use only.



Founded in 2015, the Cyber Research Center - Industrial Control Systems is a not for profit research & information sharing research center working on the future state of Physical & Cyber Protection and Resilience. CRC-ICS goals are to inform industries / critical infrastructures about the fast changing threats they are facing and the measures, controls and techniques that can be implemented to be prepared to deal with these cyber threats.



Cyber Research Center - Industrial Control Systems. 2016

www.crc-ics.net or www.cyber-research-center.net