Security News Cyberattackers Target Nuclear Waste Company via LinkedIn

[vtqhtr413]

Content source

https://www.darkreading.com/ics-ot-security/cyberattackers-target-nuclear-waste-company-via-linkedin

Maybe there are some things that shouldn't be connected to the internet?

Last week, a group of hackers targeted Radioactive Waste Management (RWM), a UK government-owned company behind the country's multibllion-dollar Geological Disposal Facility (GDF) nuclear waste-storage project, using social engineering and LinkedIn.

RWM merged last year with two other companies to create Nuclear Waste Services (NWS), which also administers the Low Level Waste Repository in Cumbria, UK. Corhyn Parr, NWS's chief executive, noted that the attackers have been capitalizing on the business changes stemming from that merger to try to dupe targets into falling for social engineering gambits, largely through LinkedIn. So far, though, none of the attempts have had any "material effect," he added.

Cyberattackers Target Nuclear Waste Company via LinkedIn

The hackers were unsuccessful in their attempts, but this is not the first time the company has experienced this kind of attack.

www.darkreading.com

Security News - Idaho National Nuclear Lab targeted in major data breach

https://www.darkreading.com/ics-ot/idaho-national-nuclear-lab-targeted-in-major-data-breach The Idaho National Laboratory (INL), one of the 17 national labs in the US Department of Energy complex, suffered a major data breach on Nov. 19, leaking a host of information, including employee...

malwaretips.com

Discussion Thread - ‘Privacy Nightmare on Wheels’: Every Car Brand Reviewed By Mozilla

https://foundation.mozilla.org/en/blog/privacy-nightmare-on-wheels-every-car-brand-reviewed-by-mozilla-including-ford-volkswagen-and-toyota-flunks-privacy-test/ https://foundation.mozilla.org/en/privacynotincluded/categories/cars/ :eek:

malwaretips.com

 

[Stopspying]

There have been a series of cyber attacks on the nuclear waste facilities at Sellafield in Cumbria, UK, 'authorities' have denied that some occurred, others seem to have been sat on and attempts made to cover them up. It is an ongoing situation, working out what the truth is when a government, commercial businesses, nuclear waste and hacking are involved isn't an easy task. More dangerous grades of nuclear waste are stored there than just that at the Low Level Waste Repository.

Sellafield nuclear site hacked by groups linked to Russia and China

Exclusive: Malware may still be present and potential effects have been covered up by staff, investigation reveals

www.theguardian.com

Sellafield: Europe’s most toxic nuclear site - Sellafield: Europe’s most toxic nuclear site – podcast

LinkedIn has had numerous security problems, both for those who share their data on it and as a source for information that can be used at entry points into so many organisations. So many senior suits seem to lack the common sense that is needed to avoid sharing too much and not being duped, I've seen them getting high-level security awareness training, yet the annual financial results rank higher for many of them than the fact that there won't be any results when they hand the keys over to hackers like this. I should point out that not all suits are like this, any pay grade can be duped.

 

[vtqhtr413]

Recent research identifying nearly 100,000 exposed industrial control systems (ICS) around the world should serve as a critical wake-up call to national government policymakers responsible for ensuring national security, public health, and safety within their borders. These systems, fundamental to our critical infrastructure, underpin essential services that sustain modern society… and they should not be publicly exposed on the Internet! Industrial control system exposure is not just a technical concern; it’s a profound national security and business continuity issue. What can policymakers do to reduce cyber risks associated with these systems?

Industrial control systems are core to the world’s critical infrastructure. These systems range from sensors that relay vital data, to actuators and switches managing industrial machinery. They control building management systems, monitor fuel levels in commercial tanks, and oversee much of the infrastructure essential to daily life. The control and manipulation of these systems by malicious actors could potentially lead to serious consequences, making their protection a matter of urgent national and economic importance.

3 Steps Government Policymakers Can Take to Reduce Critical Infrastructure Cyber Attacks | Bitsight

Here's what policymakers can do to reduce cyber risks associated with exposed industrial control systems.

www.bitsight.com

 

[Stopspying]

3 Steps Government Policymakers Can Take to Reduce Critical Infrastructure Cyber Attacks | Bitsight

Here's what policymakers can do to reduce cyber risks associated with exposed industrial control systems.

www.bitsight.com

You'd think that Stuxnet might have been the needed wake up call. Things like national electric grids have long been targets for nation-state attackers, with some known hits and many more hushed up infiltrations. These are prime targets, look at what happened in eastern Europe just prior to Russia invading Ukraine. Have we seen a rush to protect the crucial infrastructures of our home countries since then?! There are steps taken, but the bigger ones that are needed are not going to win lots of votes when manufactured cost of living crises are priorities for many of the population.

 

[Dave Russo]

Governments(corporation)= major corruption(sometimes) where they will (sacrifice there own people) (blame someone else) to justify circumstance for $$$,I would suspect even Av companies to invest in a virus to help keep the doe rolling, what gets me is how a nuclear facility wouldn't. have the best security you can get? Thanks for the article

vtqhtr413​