CISA, NSA warn of threat to ICS. Garmin incident may be ransomware. Blackbaud hack spreads. Sino-American cyber tension. – The CyberWireJuly 25, 2020
A joint warning from CISA and NSA points out a heightened cyber threat to the industrial Internet-of-things. Recent months, the agencies say, have seen significantly increased attention paid to “internet-accessible operational technology (OT) assets” as “cyber actors have demonstrated their continued willingness to conduct malicious cyber activity against critical infrastructure.” Operators of such systems should be ready, CISA and NSA say, to protect themselves during a “time of crisis.”
The agencies don’t name names in their warning, but the media have. WIRED, in a representative piece, calls out Fancy Bear, Russia’s GRU, as the cyber actor snuffling at US critical infrastructure.
Garmin took its servers offline yesterday for a multiday period of maintenance. The company called it an “outage” that affected GarminConnect and its customer call centers, but ZDNet reports that Garmin employees who’ve tweeted about the incident are calling it a ransomware attack.
The consequences of the Blackbaud hack have spread to more educational institutions in the UK, Canada, and the US. WION News gives the following list of known victims: University of York, Oxford Brookes University, Loughborough University, University of Leeds, University of London, University of Reading, University College (Oxford), Ambrose University in Alberta (Canada), Human Rights Watch, YoungMinds, Rhode Island School of Design in the US and the University of Exeter.
China orders the US consulate in Chengdu shuttered, Reuters reports, in response to the US closure of China’s Houston consulate.
Concerns mount over the risk of data exposure through Chinese-manufactured DJI drones, CyberScoop and others write.