The cyber safety review board is similar to the FAA’s National Transportation Safety Board, except that they are investigating Cybersecurity crashes (breaches) rather than airplane or container ship crashes. The board is new. It was created by Executive Order 14028 in 2021. They only convene when requested to by the Secretary of Homeland Security and, […]
Continue reading → [DISPLAY_ACURAX_ICONS]At least 68 cyberattacks last year caused physical consequences to operational technology (OT) networks at more than 500 locations worldwide. Damage from these attacks ranged up to $100 millon. OT attacks are attacks on the systems that run businesses like manufacturing, transportation and the cities themselves. If you think about all of the computers that […]
Continue reading → [DISPLAY_ACURAX_ICONS]If you are a defense contractor – prime, sub or vendor to one of these and you were hoping that CMMC was going to go away, I don’t think that is going to happen – at least not on this president’s watch. Even if the party in power changes in January, I don’t much will […]
Continue reading → [DISPLAY_ACURAX_ICONS]Mozilla Drops Onerep After CEO Admits to Running People-Search Networks Either Mozilla didn’t run much of a background check or Onerep’s CEO is great at hiding his other businesses. Mozilla hired him to provide identity protection services, but it turns out that he runs dozens of sites that provide dirt on people. Not exactly compatible […]
Continue reading → [DISPLAY_ACURAX_ICONS]Up until now, the longest undetected hacking operation that I was aware of was at Nortel Networks. It lasted 12 years and resulted in the company shutting down in bankruptcy and sold for scrap. This one beats that one. The DoJ unsealed indictments today for 7 Chinese nationals (note to these folks: do not travel […]
Continue reading → [DISPLAY_ACURAX_ICONS]If that headline doesn’t keep you up at night, I don’t know what will. The Government Accountability Office (GAO) says they have have found inefficiencies in CISA’s information sharing practices, in particular with critical infrastructure stakeholders. They also say that CISA is understaffed for handling OT incidents. Just to make sure everyone is on the […]
Continue reading → [DISPLAY_ACURAX_ICONS]