New Jersey (PRWEB) August 02, 2018
Webinar to Include Full Attack Details, Indicators of Compromise
Top 500 healthcare and critical infrastructure cybersecurity solution provider Sensato Cybersecurity, co-founder of the Medical Device Cybersecurity Task Force, will provide a threat intelligence briefing Tuesday, Aug. 7 at 3 p.m. Eastern about a new Russian cyberattack on critical U.S. infrastructure organizations.
To attend, email info(at)sensato.co for further details. Attendance is limited to those who have a critical need to understand and apply the information presented in this briefing.
Cybersecurity experts at Sensato have been briefed by the U.S. Department of Homeland Security and have conducted their own investigation of the threat. They will share their findings during the webinar, along with security recommendations and indicators of compromise related to this attack.
“We’ve known for a long time that critical infrastructure is vulnerable to cyberattack, and we’ve already seen evidence of breaches in the energy sector as well as the Orangeworm and SamSam infiltrations of the healthcare sector,” says Sensato CEO John Gomez. “What’s new and disconcerting here is that, while we don’t know the end game of this attack, we do know that this type of organized effort to catalogue systems and assets is usually conducted before a military action.”
- This attack uses the supply chain as the attack vector (partners, business associates, vendors, etc.), meaning that businesses outside of critical infrastructure are also at risk.
- The attackers have employed social engineering, open source intelligence, phishing, and core system services to bypass traditional security controls and systems, instead of relying on known vulnerabilities. This makes defending against this attack difficult and yields strong returns for the actors.
- The rationale for the attack is believed to be intelligence gathering. Victims of the attack have not reported exfiltration of data or impact to the normal operation of their systems, to date.
- The attack employs an APT (Advanced Persistent Threat) approach, which means that attackers may be operating in systems for an extended period of time without detection.
- Russian actors have successfully breached several hundred U.S-based public and private firms in the critical infrastructure sector (as defined by the DHS) over the past year, possibly longer.
“It’s not time to panic, but it’s important for all organizations, especially those that supply healthcare, energy, aviation, and other critical infrastructure entities to be aware of this attack and take the proper precautions,” says Gomez. “No organization is too small to be a target for this attack, since the attackers are using trusted suppliers and business partners to gain entry to the true targets in critical infrastructure.”
Recommendations and Indicators of Compromise:
Because the attackers are using the supply chain, business partners, and vendors to gain entry to the targeted organizations in critical infrastructure, all organizations should conduct thorough risk assessment. The briefing will review all indicators of compromise and best practices every organization should be following.
Sensato is top-500 cybersecurity innovator located in Red Bank, New Jersey. Founded in 2013, Sensato provides risk assessment, penetration testing, security operations, executive guidance, and software. CEO and founder John Gomez is an internationally-known cybersecurity expert, author, and speaker. Sensato’s programs, systems, services, training, and intelligence gathering are the product of designing the highest level of security for those who provide critical services that impact human health and safety: healthcare, medical, pharmacological, and related organizations; law enforcement, fire, and emergency services; clean water, power, and heat providers.