By harnessing the capabilities of AI to detect, mitigate, and recover from ransomware attacks, organizations can fortify their cyber resilience, safeguarding critical infrastructure and the essential services they provide to society.
According to a new joint warning published by the CISA, NSA and FBI, exploits by the Chinese hackers have been going on for at least five years in some victim critical infrastructure environments.
A grave warning from FBI director Christopher Wray: Chinese hackers can be expected to continue to infiltrate critical infrastructure, and similar activity is likely proceeding successfully.
A botnet used by a state-backed Chinese hacking group has lost at least some of its capacity, according to security officials that spoke to Reuters anonymously. The Volt Typhoon group has been targeting US critical infrastructure since at least mid-2021.
CISA has released a roadmap establishing four overarching broad goals, with five more specific lines of effort that appear to indicate concrete immediate priorities. Defensive AI cybersecurity measures and plans for critical infrastructure adoption are repeating themes.
Microsoft reports a long-term campaign by Chinese hackers that has burrowed into a number of different aspects of US critical infrastructure, with the eventual goal being the creation of a system of widespread disruption that could be 'switched on' during another global crisis or a conflict between the two nations.
There is the need for additional cyber defenses of growing 5G networks – and we should expect to see increasing policy pressure around the vetting process for hardware and software that are crucial to these upgraded networks. This is raising the importance of supply chain risk management for the telecommunications industry.
CISA notified 93 critical infrastructure organizations of the presence of a vulnerability that could lead to ransomware attacks, and plans to scale up the program and provide more warnings in the coming months.
Recent ransomware attacks by identified Russian organized cybercrime groups like Vice Society and Ryuk have shed light on the critical need for companies to revamp security protocols, particularly within critical infrastructures such as healthcare, energy, and public services.
Much of the new cybersecurity strategy addresses critical infrastructure companies, which were already in the administration's crosshairs, but software creators are also facing the prospect of a much greater degree of liability than in the past.