Skip Navigation

Critical Infrastructure News

Following the National Defense Authorization Act (NDAA) 2019 Section 889 and the ban of cameras and components made by certain Chinese companies, the Federal Communications Commission (FCC) has proposed a rule to ban products from Chinese electronics companies. 

FCC Acting Chairwoman Jessica Rosenworcel said, “We are taking direct action to exclude untrusted equipment and vendors from communications networks.” 

According to the FCC, the proposed rule aims to guard against potential threats to the supply chain of equipment and services within the U.S. and seeks to protect communications networks. In addition to the proposal to ban Chinese-owned security equipment, the “Notice of Proposed Rulemaking and Notice of Inquiry” seeks comment on possible changes to the competitive bidding rules for auctions to protect national security. 

Specifically, the FCC is seeking comment on prohibiting all future authorizations of communications equipment that has been determined to pose an unacceptable risk to U.S. national security, as identified on the Covered List published by the Public Safety and Homeland Security Bureau.  The list includes telecommunication and video technologies from the following: Huawei Technologies Company, ZTE Corporation, Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, and Dahua Technology Company.

Read More: Security Mag

The United States and international partners are blaming China with “high confidence” for the cyber campaign exploiting zero-day vulnerabilities in Microsoft Exchange reported by the company in March and announced new joint measures to “strengthen our collective cyber resilience and security cooperation,” a senior administration official told reporters late Sunday.

“We’ve raised our concerns about both the Microsoft incident and the PRC’s broader malicious cyber activity with senior PRC government officials, making clear that the PRC’s actions threaten security, confidence, and stability in cyberspace,” the official said. “The U.S. and our allies and partners are not ruling out further actions to hold the PRC accountable.”

The official said that the investigation behind the attribution “really gave us new insights on the MSS’s work and on the kind of aggressive behavior that we’re seeing coming out of China.” The “breadth of compromises, tens of thousands of systems around the world” also delayed attribution for the Microsoft Exchange hack until now.

Read more: HS Today

Thanks to our ever increasing reliance on the Internet, the amount of data online is skyrocketing. The global data volume is expected to grow sixfold from 2018 to 2025. It might seem like that information is swirling in the cloudy sky, but it’s stored in physical data centers.

Landon Marston, an assistant professor at Virginia Tech, recently noticed news articles addressing the growing energy requirements of the data center industry. As an expert in water resources engineering, he wondered how those energy requirements translated into water consumption. “We know data centers use a lot of energy, and energy uses a lot of water. So how much water is being used?” said Marston. “We suspected that there could be large impacts at a very local scale, but there hadn’t really been a spatially detailed analysis looking at the environmental impact of data centers.”

In a study recently published in Environmental Research Letters, Marston and colleagues attempted to map how and where data centers consume energy and water in the United States. The results showed that it takes a large amount of water to support the cloud and that the water often comes from water-stressed basins.

Read more: Eos

Thousands of government, news and social media websites across the globe were coming back online Tuesday after getting hit by a widespread hour-long outage linked to U.S.-based cloud company Fastly Inc.

High traffic sites including Reddit, Amazon, CNN, Paypal, Spotify, Al Jazeera Media Network and the New York Times went down, according to outage tracking website Downdetector.com. They came back up after outages that ranged from a few minutes to around an hour.

"Our global network is coming back online," Fastly said.

One of the world's most widely-used cloud-based content delivery network providers, the company earlier reported a disruption from a "service configuration" and did not explain.

"Incidents like this underline the fragility of the internet and its dependence on a patchwork of fragmented technology. Ironically, this also underlines its inherent strength and how quickly it can recover," Ben Wood, chief analyst at CCS Insight said.

"The fact that an outage like this can grab headlines around the world shows how rare it is."

Read more at Reuters

The U.S. National Security Agency (NSA) last week released a cybersecurity advisory focusing on the security of operational technology (OT) systems, particularly in terms of connectivity to IT systems.

The NSA’s advisory, titled “Stop Malicious Cyber Activity Against Connected Operational Technology,” is specifically addressed to the Department of Defense, national security system (NSS) and defense industrial base organizations, but the recommendations can be useful to any industrial company.

The advisory shares recommendations for evaluating risks and improving the securing of connections between IT systems — these can often serve as an entry point into industrial networks — and OT systems.

Read more: Security Week