Helsinki’s domestic security service, the Supo, has identified China (and specifically APT31, also known as Zirconium or Judgment Panda) as responsible for cyberespionage that compromised Finland’s parliament, the AP reports. The intrusion was detected last October.
The US Government Accountability Office (GAO) yesterday released a study that highlighted vulnerabilities in the US power distribution system. Many of the risks the GAO describes derive from utilities’ increased permission of remote access and connection of control systems to business systems. A bill intended to enhance cybersecurity for industrial control systems advanced in the US House this week, the Hill reports. The measure would assign responsibility for ICS security to CISA.
Draft NIST SP 1800-22 Mobile Device Security: Bring Your Own Device (BYOD) is out, and open for comment until May 3rd, 2021.
CISA has released CHIRP, the CISA Hunt and Incident Response Program forensics collection tool the agency developed to help organizations find indicators of compromise CISA has associated with SolarWinds and the Microsoft 365/Azure environments.
CISA has also issued four more ICS Advisories, for Rockwell Automation…
