Cybersecurity Weekly: CISA 2022 compliance, Cyber pirates and Joker Malware
CISA details 2022 compliance requirements, cyber pirates draw concern for renewable energy and a malicious app in the Play Store. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. CISA compliance for 2022
The last several years have seen an ever-increasing number of cyber-attacks, and while the frequency of such attacks has increased, so too has the resulting damage. One needs only to look at CISA’s list of significant cyber incidents to appreciate the magnitude of the problem. In May of 2021, for example, a ransomware attack brought down the Colonial Pipeline, causing a serious fuel disruption for much of the United States.
2. Cyber pirates could hold the renewable revolution for ransom
A few years ago, researchers proved that wind turbines could be hacked and manipulated. Solar farms can also be taken hostage by hackers: one Dutch scientist found a way to hack the inverters of solar installations. With more wind parks and solar farms getting built amid the energy transition, these are turning into critical infrastructure that needs to be defended. But can it?
3. Over 500,000 Android users downloaded a new Joker Malware app from Play Store
A malicious Android app with more than 500,000 downloads from the Google Play app store has been found hosting malware that stealthily exfiltrates users’ contact lists to an attacker-controlled server and signs up users to unwanted paid premium subscriptions without their knowledge.
4. How can AI be made more secure and trustworthy?
While we’re still debating whether and how long it will take to reach singularity and superintelligence, artificial intelligence is playing an increasingly important role in our everyday lives. Artificial intelligence – most commonly machine learning (ML) – is the process of training algorithms using data, instead of explicitly programming them.
5. The DHS is inviting hackers to break into its systems, but there are rules of engagement
The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better protect itself from malicious attacks.