Russian hackers targeted US energy assets, officials say

From: The Hill



From there, Russian hackers were able to move “laterally” to other networks to collect information related to Industrial Control Systems (ICS), computer systems used to operate critical infrastructure.

The agencies released a joint alert on the intrusion campaign shortly after the Trump administration imposed new sanctions on Russia for its malign cyber activity, including last year’s global “notPetya” malware attack and its interference in the 2016 presidential election.



Pompeo-Tillerson switcheroo has cybersecurity ramifications

From: Politico


With help from Martin Matishak and Li Zhou

Christopher Painter, the former State Department cybersecurity coordinator, told POLITICO it could mean good things for cyber at Foggy Bottom. “I don’t think the cyber issue was ever a passion for Tillerson; I don’t think this was ever a personal priority for him,” Painter said. “My sense — and all of this is speculative because it’s hard to predict — my sense is that Pompeo because of his background in the CIA and others will have a better appreciation of the security parts of the portfolio.” But Michael Sulmeyer, cybersecurity project director at Harvard Kennedy School’s Belfer Center, said the new secretary will have his hands full with North Korea diplomacy, trade tariffs, the Iran nuclear deal and more. “There’s so much on the agenda for the current and incoming secretary of State,” he told MC. “I frankly just hope that cybersecurity makes it on the agenda at some point.”

NIST requests nominations for federal advisory boards on privacy, smart grid

From: Inside Cybersecurity

The National Institute of Standards and Technology is seeking nominations for new members of various federal boards, including the Information Security and Privacy Advisory Board, NIST announced today.

In a Federal Register notice, NIST listed the eight federal advisory boards with openings, which also include the NIST Smart Grid Committee and the Visiting Committee on Advanced Technology.



US Power Company Fined $2.7 Million Over Data Exposure

From: GovInfoSecurity

Grid Regulator Says Company Left Critical Data Exposed for 70 Days

An unnamed U.S. power company has agreed to a record settlement after it was accused of leaving sensitive data exposed online for 70 days in a violation of energy sector cybersecurity regulations.


“The data was exposed publicly on the internet for 70 days. The usernames of the database were also exposed, which included cryptographic information of those usernames and passwords,” according to the notice. “Exposure of the username and cryptographic information could aid a malicious attacker in using this information to decode the passwords.”

YouTube, the Great Radicalizer

Editor’s Note: See, Maybe Google Doesn’t Think of Promoting Tobacco to Kids as Evil.

From: Slashdot

Zeynep Tufekci, writing for the New York Times:

Before long, I was being directed to videos of a leftish conspiratorial cast, including arguments about the existence of secret government agencies and allegations that the United States government was behind the attacks of Sept. 11. As with the Trump videos, YouTube was recommending content that was more and more extreme than the mainstream political fare I had started with. Intrigued, I experimented with nonpolitical topics. The same basic pattern emerged. Videos about vegetarianism led to videos about veganism. Videos about jogging led to videos about running ultramarathons. It seems as if you are never “hard core” enough for YouTube’s recommendation algorithm. It promotes, recommends and disseminates videos in a manner that appears to constantly up the stakes. Given its billion or so users, YouTube may be one of the most powerful radicalizing instruments of the 21st century.