By Evan Pounder As we continue to develop more advanced and effective approaches to combat attacks made by threat actors,…
By Ben Taylor Incident Overview On 05 Feb, unidentified cyber actors accessed the supervisory control and data acquisition (SCADA) system…
The Nerd Out! Security Panel Discussion podcast episodes are recurring discussions among our team and our valued guests as we explore the all-hazards…
By Evan Pounder With barley a moment’s notice, on December 25th, telecommunication, credit card machines, emergency services, and flights in…
Welcome back to Gate 15’s Risk Roundtable podcast and our first recording of 2021 now available on Anchor, Apple, Spotify, as well as…
By Andy Jabbour Part of effective risk management is understanding not only the threats and risks we are facing today…
Covering a security incident in Argentina, on 06 September, Lawrence Abrams (BleepingComputer) wrote, “Argentina’s official immigration agency, Dirección Nacional de…
In a blog post on 08 Aug, security researchers at SenintelLabs (@LabsSentinel; the Threat Intelligence and Malware Analysis team for…
In a blog post on 28 Jul, security researchers at Claroty shared that they have “discovered remote code execution vulnerabilities affecting virtual private network (VPN) implementations primarily used to provide remote access to operational technology (OT) networks. These dedicated remote access solutions are mainly focused on the industrial control system (ICS) industry… Exploiting these vulnerabilities can give an attacker direct access to the field devices and cause some physical damage.”
At Gate 15, we spend a lot of time discussing Blended Threats. A Blended Threat is a natural, accidental, or purposeful physical or cyber danger that has or indicates the potential to have crossover impacts and harm life, information, operations, the environment, and/or property.
In a post on 9 July 2020, the team at Pen Test Partners wrote “Hacking smart devices to convince dementia sufferers to overdose,” stating, that they had recently discovered a flaw “that was a little different: it was aimed at the elderly, particularly those with dementia or other cognitive impairments.”
Illustrating how rapidly and dangerously this can play out in our world today, Sarah Coble reported, that the life of Jessica Hatch, a Houston business owner, was “threatened after cyber-criminals hacked into her company’s social media account and posted racist messages.
So much can change in a month. Last month we touched on COVID-19, and in this episode we dig more into questions about preparedness and the resulting cyber scams associated with it. Then we transition to other cyber issues, specifically Business Email Compromise and phishing.
03 February 2020 Our newest podcast is available now! Dave Pounder, Gate 15’s Director for Threat and Risk Analysis, and…
As 2019 turns into 2020, technologies and threats that impact daily operations and data security persist in blended and complex ways. The convergence of both physical and cyber domains increase the productivity and value of businesses and critical infrastructure at large, but introduce new and evolving risks that can harm assets and individuals when the line between IT and physical risks are no longer crystal clear.
As enterprises and security minded organizations keep contending with the physical and cyber components of security, the merging of both physical and cyber realms necessitates a similar security approach to strengthen and maintain the foundations of our critical infrastructure.
In this update on threats that are neither entirely comprised of physical or cyber parts, known as blended and complex threats, we explore their complexities and consequences as they become relevant to the security and resiliency of our critical infrastructure
A webinar for the RE-ISAC by Trend Micro’s Numaan Huq and Stephen Hilt, and a panel discussion including Numaan, Stephen and Gate 15’s Jennifer Walker.
By Omar Tisza As cyber-adversaries become sophisticated in their attacks against critical infrastructure, we see the level of sophistication between…
By Omar Tisza In our quest to continue exploring salient examples of complex and blended threats, we have complied a…
By Omar Tisza Cyber threats are increasingly gaining the full attention of industry and–most recently–government as the Department of…
Over the course of this year, our team has shared a number of posts regarding blended and complex threats. As…
“If you don’t immediately stop the clearing of the Hambach Forest, we will attack your servers and bring down your…
“Cyberattacks have always been, well, cyber. Their immediate effects were on our data, our digital information, and our devices…until they…
A new report from the Cyber Threat Alliance (CTA) highlights one type of blended threat that organizations should be aware…
In this blog, we’ve written a few times about the idea of “Blended Threats,” and some of the ways the…
By Brett Zupan There is a tremendous amount of information that analysts, security and risk leaders, executives, and others…
In a recent post introducing the preparedness efforts that the National Health Information Sharing and Analysis Center (NH-ISAC) is taking to…
By Brett Zupan and Andy Jabbour Across critical infrastructure, organizations must continually reassess their risks based on an ever-changing…
By Andy Jabbour This is an update to the original post, “Terminology for $500. What Are Blended Attacks?” 26 May…