Bi-Weekly CyberSecurity Recap May 2019

Curated bi-weekly cybersecurity news summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.

Cybersecurity, the Gatekeeper to Value

For the past three decades, the BAS industry has been steadily marching toward convergence with IT. One challenge many BAS companies have faced is how to maintain and grow their business in the midst of this process.

We need to make BAS secure, and do this to the level now taken for granted by the IT community. We are already using many IT technologies and best practices. Now we have to take the next step in the cybersecurity area.

The Cybersecurity 202: Here are the 55 things the U.S. government most needs to protect against cyberattacks

The Department of Homeland Security has released a list of 55 things the government most needs to protect from digital attacks. 

The government believes that a cyberattack on any of these government or private sector services or functions could have a “debilitating effect” on national security, the U.S. economy or public health. 

On the list, provided first to The Cybersecurity 202, are some obvious things -- such as supplying water or generating electricity. But the list also delves into some broader categories, including preserving Constitutional rights, protecting sensitive information, and enforcing the law. The list includes everything from providing internet access to supporting community health and conducting elections. 

Cybersecurity: The key lessons of the Triton malware cyberattack you need to learn

The Triton malware attack was far from the first time that hackers have attempted to target the networks of an industrial facility, but it was the first time that malware designed to attack safety systems was ever seen in the wild.

The malware was designed to manipulate Schneider Electric's Triconex Safety Instrumented System (SIS) controllers – emergency shutdown systems – and was uncovered on the network at a critical infrastructure operator in the Middle East.

The Cybersecurity 202: A cyberattack just disrupted grid operations in the U.S. But it could have been far worse

A recently disclosed hack at an electric utility in the western United States crosses a disturbing new line.

It’s the first time a digital attack is known to have interfered with electrical grid operations in the United States. And it was due to a relatively basic hack, raising the specter of what might happen if a sophisticated bad actor chose to launch a far more powerful attack, say, with the intent of shutting off electricity for millions of people.

The disruption, which took place March 5, was caused by a denial of a service incident.

Why real-estate businesses need to defend against these cybersecurity threats

BEC scams, ransomware, and malware are some of the cybersecurity threats that cybercriminals use against real-estate agencies. Here's security advice, including scam prevention tips from the FBI.

Massive data breach exposes ages, addresses, income on 80 million U.S. families

It is scary enough that a team of Israeli security researchers discovered a massive unprotected database with the full names, ages, income brackets and marital status on more than 80 million U.S. households.

It may be just as scary that the researchers can’t identify the owner of this database, which is hosted by a Microsoft cloud server and includes a cache of 24GB of data, a potential goldmine for cybercriminals.

How To Address Looming IoT Security Concerns

As the internet of things (IoT) quickly finds its way into businesses everywhere, concerns about IoT devices' performance and security have become big barriers obstructing the adoption of transformative systems.

For companies to experience the benefits of IoT and capitalize on the potentially massive gains in promised productivity, a new approach to assuring peak performance and solid security is no longer optional.

Also in Cimetrics News