IoT

ICIT Publication – Rise of the Machines: The Dyn Attack Was Just a Practice Run

As the adversarial threat landscape continues to hyper-evolve, America’s treasure troves of public and private data, IP, and critical infrastructure continues to be pilfered, annihilated, and disrupted.  The Mirai IoT botnet has inspired a renaissance in adversarial interest in DDoS botnet innovation based on the lack of fundamental security-by-design in the Internet and in IoT .. read more

ICIT Brief: Combatting the Ransomware Blitzkrieg with Endpoint Security

Ransomware, the weaponization of encryption, has struck fear and confusion into the hearts of PC users and critical infrastructure communities alike. While it is impossible for organizations to prevent malware from infecting their networks, those who deploy a multi-layered security strategy and teach proper cybersecurity hygiene to their employees have a strong chance of defending against these .. read more

The ICIT Ransomware Report: 2016 Will Be the Year Ransomware Holds America Hostage

Institute note: during our non-public soft distribution, we discovered that an incorrect, pre-edited version of this document was distributed. We have since corrected this error.  Our Ransomware Report is available for download below. 2016 is the year ransomware will wreak havoc on America’s critical infrastructure community. The resurgence of these attacks is driven by a growing attack surface .. read more

ICIT Analysis: FDA Guidance on Medical Device Cyber Security

This Institute for Critical Infrastructure Technology blog post, entitled “Assessing the FDA’s Cybersecurity Guidelines for Medical Device Manufacturers: Why Subtle “Suggestions” May Not Be Enough” is an objective analysis of the recent Food and Drug Administration (FDA) “Draft Guidance for Industry and Food and Drug Administration Staff.” The guidance advises medical device manufacturers to address .. read more

ICIT Brief: Hacking Healthcare IT in 2016: Lessons the Healthcare Industry can Learn from the OPM Breach

Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers. The goal of these threat actors is to exploit vulnerabilities in insecure and antiquated networks in order to exfiltrate patient data for financial or geopolitical gain. In order to protect patient .. read more

ICIT Senate Briefing: Hacking Hospitals

            On November 19, the Institute for Critical Infrastructure Technology conducted a briefing at the U.S. Senate entitled “Hacking Hospitals” to address the growing threats facing healthcare organizations. During this briefing, senior Senate staffers and attendees from agencies including the Departments of Veterans Affairs, State, Homeland Security, Health and Human .. read more

ICIT Hill Event: “Hacking Hospitals” Briefing @ Senate

“Hacking Hospitals”  The national surge in the number of internet enabled medical devices, electronic health record management systems, mHealth and health information sharing initiatives has increased the attack surface at healthcare organizations and contributed significantly to the increase in successful data breaches at hospitals and insurance companies over the last several years.  Given the current .. read more

Brief: Keeping Smart Cities Smart – Preempting Emerging Cyber Attacks in U.S. Cities

The Institute for Critical Infrastructure Technology, working closely with IOActive and other Fellows, has published its latest legislative briefing titled “Keeping Smart Cities Smart: Preempting Emerging Cyber Attacks in U.S. Cities“.   As more and more U.S. cities adopt ‘smart’ technologies,  America finds its urban centers  increasingly at risk for cyber-attacks which could bring entire .. read more

NIST Issues Revisions to ICS Security Guide; ICIT launches Initiative to Support

The National Institute of Standards and Technology (NIST) issued its second revision to its Guide to Industrial Control Systems (ICS) Security, a major source of guidance for critical infrastructure sectors which own and operate computer controlled industrial equipment. Many of the changes are driven by the internet connectivity of ICS machines and devices, or “Internet of Things”, .. read more