Could critical infrastructure attacks be making a comeback? Or did these invisible threats never leave in the first place? Extensive research reveals that as many as four threat actors many have been involved in creating Stuxnet, the sophisticated computer worm that demolished Iran’s nuclear infrastructure in 2007. In light of recent discoveries about similarities in malware samples, cyberespionage appears to be a growing threat that can hide for years before its discovered.
The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey conducted by Bitdefender, while almost 60 percent experienced an advanced persistent attack or seen signs of suspicious behavior in their infrastructure.
The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.
