It appears increasingly likely that the explosion at Iran’s Natanz nuclear facility was sabotage, and not a cyberattack (EurAsian Times has a summary of the emerging consensus). The connections, if any, between the Natanz incident and damage recently worked elsewhere in Iran remain unclear, Haaretz notes, but it does seem that Iran’s nuclear program figures on some adversary’s target list.
The US Cybersecurity and Infrastructure Security Agency (CISA) yesterday released its strategy document, Securing Industrial Control Systems: A Unified Initiative.
At a speech before the Hudson Institute yesterday, US FBI Director Wray denounced Chinese intelligence operations as, according to Axios, serving Beijing’s ambitions to become the world’s dominant power. CNBC’s coverage of the speech concentrated on Director Wray’s account of Chinese industrial espionage.
Vice reports that police in Zwickau, Saxony, seized the server used by DDoSecrets, aspiring successor to WikiLeaks. DDoSecrets doesn’t know why the server was taken, but assumes the seizure was due to the group’s BlueLeaks program of doxing US police departments.
Bloomberg Law reports that Mexico’s central bank sustained but successfully parried a cyberattack yesterday. Banco de México said that the denial-of-service attempt lasted about half an hour and caused brief, intermittent outages before it was finally stopped, and service returned to normal.
EDP Renewables North America, a renewable energy subsidiary of Energias de Portugal, has disclosed a databreach. The company characterizes it as unauthorized intrusion into its networks, but says it believes no customer data were compromised. SecurityWeek calls the incident a Ragnar Locker ransomware infection.