Michael Hamilton and JL Peck

John-Luke Peck and Mike Hamilton Discuss PISCES on the Premiere Episode for PNWCC Podcast

(This podcast was originally recorded by PNW Cyber Collective)

August 25, 2025

Russian hackers hijacked a Norwegian dam, opened literal and metaphorical floodgates

(This article was originally published on machine.news)

August 14, 2025

Russia-linked threat actors allegedly seized control of a Norwegian hydroelectric dam and caused a torrent of water to gush out unnoticed for several hours.

That’s the claim from Norwegian Police Security Service (PST), which took the extraordinary step of attributing the cyberattack to Moscow.

In April, unidentified hackers opened up the floodgates and unleashed 500 litres (132 gallons) of water every second for four hours – the equivalent of about three Olympic swimming pools.

Beate Gangås, the head of PST, said: “Over the past year, we have seen a change in activity from pro-Russian cyber actors.

“The aim of this type of operation is to influence and to cause fear and chaos among the general population. Our Russian neighbour has become more dangerous.”

The Russian embassy in Oslo slammed the claims as “unfounded and politically motivated”.

It told Reuters: “It is obvious that the PST is unsuccessfully trying to substantiate the mythical threat of Russian sabotage against Norwegian infrastructure this year, which it itself invented.”

Continue reading on machine.news

State of Hawaii Office of Homeland Security and PISCES

University of Hawai'i and PISCES International Team to Help Secure the Future Workforce of Cybersecurity

Written by: Michael Hamilton

August 5, 2025

PISCES’ latest expansion state is Hawai’i. We’re partnering with the State of Hawaii, Cyber Hawai’i, and University of Hawai’i to bring cyber monitoring to local governments, public utilities, and rural healthcare in the Aloha State. With the University of Hawai’i as our lead school, we’re looking to get the Analyst curriculum, SOC Operations class, and Operational Technology Monitoring classes pushed into community colleges around the state.

Hawai’i is a key military installation for the United States, and the lack of a cyber-qualified workforce there is a problem we intend to help solve. Hawai’i will use the state and local cybersecurity grant program to fund PISCES deployment across the state, as part of its all-of-state cybersecurity strategy and efforts to address the executive order of March 18, 2025: “Enhancing Efficiency Through State and Local Preparedness”.

Bridging the Cybersecurity Gap Among America’s Underfunded Healthcare Providers

(This article was originally published on NEXUS)

June 24, 2025

Rural healthcare providers across the United States face an increasing cybersecurity crisis as they struggle with limited funding, shortages in cybersecurity and IT expertise, and unending threats from savvy and better-funded adversaries. With a significant source of revenue from Medicare reimbursements, these healthcare delivery organizations, operating on tenuous margins, find themselves at a particularly precarious disadvantage as they defend themselves against cyber criminals.

“Rural hospitals operate on such thin margins that cybersecurity controls are often the last thing they’re thinking about,” Mike Hamilton, field CISO at Lumifi Cyber said. “When you’re worried about keeping the doors open, investing in security infrastructure becomes a secondary concern,” Hamilton said. The margins also make it tough for these providers to find and keep cybersecurity talent. This talent gap leaves many facilities with outdated security practices and vulnerable systems.

Continue reading on nexusconnect.io

Why States Will Need to Step Up Cyber Help for Healthcare

Written by: Marianne Kolbasuk McGee

March 19, 2025

As uncertainty mounts about the level of cyber resources federal agencies will continue to offer healthcare entities and other critical infrastructure sectors during the current Trump administration, states will need to step up their support, said Mike Hamilton, field CISO of cybersecurity firm Lumifi Cyber.

“With respect to the federal government, it is increasingly looking like we’re on our own,” Hamilton said in an interview with Information Security Media Group. “We are going to have to fill the gaps that are left by CISA.”

The reduction of the federal workforce across most agencies, including the Cybersecurity and Infrastructure Security Agency, is fueling questions about the sort of help cyber resource-stretched rural hospitals and other healthcare entities will still have available to tap into, he said (see: CISA Rehires Fired Employees, Immediately Puts Them on Leave).

During the Biden administration, for instance, CISA provided regional cybersecurity advisers, physical security experts and communications resources in communities across the country to assist local and low-resourced organizations with various activities, he said.

“The risk and resilience assessments and things like that – I don’t know if those are going to go forward,” he said. Same with uncertainty involving CISA’s public catalogue of exploited vulnerabilities.

“I think states are going to have to provide some kind of support there,” he said. “That could be in the form of establishing internships with all of the schools that are teaching cybersecurity and deploying interns out into rural healthcare to watch logs, look for signs of compromise. Things like that” (see: Are Efforts to Help Secure Rural Hospitals Doing Any Good?).

As of Friday, a CISA spokesperson in a statement to ISMG said the agency “continues to provide services and resources that help healthcare organizations improve their cybersecurity and build resilience.”

“In close collaboration with interagency and healthcare sector partners, we offer a range of services and tools on our Cybersecurity Toolkit for Healthcare and Public Health,” CISA said.

“In addition to guides and best practices, this toolkit includes enrollment in our free vulnerability scanning service and CISA regional team contact information for guidance and assistance,” CISA said.

In this audio interview with Information Security Media Group, Hamilton also discussed:

  • How funding cuts to Medicaid and other federal programs may impact rural healthcare providers;
  • Other low-cost programs and offerings to help rural healthcare entities boost their cybersecurity posture;
  • Evolving regulatory issues in the healthcare cybersecurity space to watch closely.

Hamilton has more than 30 years of experience in technology and management. He previously was the co-founder and CISO of security firm Critical Insight and is also the former CISO for the City of Seattle. He is also the former vice chair of the Department of Homeland Security’s State, Local, Tribal, and Territorial Government Coordinating Council.

Why cybersecurity specialists should focus on minimizing damage caused by hackers rather than stopping all of their attacks

Written by: Christian Vasquez

March 15, 2025

Mike Hamilton understands that being a CISO, or chief information security officer, is a Sisyphean task.

For more than 30 years, the former CISO of Seattle and current field CISO at Lumifi Cybersecurity, a company that manages cybersecurity for organizations, has helped organizations ranging from small non-profits to the world’s largest companies defend against malicious hackers.

Hamilton spent years as a cybersecurity consultant for VeriSign Global Security, where he worked with Fortune 500 companies. His life, like that of many consultants, consisted of commuting through airports, hotels, rental cars, and restaurants. Then, his daughter was born and “dad’s not going to work on an airplane anymore,” he said. So, in 2006 Hamilton took a pay cut and became involved in protecting critical infrastructure as Seattle’s CISO.

“When I got there, everything changed,” Hamilton said. “I’m now working for an organization that keeps people alive. You knock over a waste treatment plant and, three days later, you have a public health emergency.”

Before getting into security consulting, Hamilton worked at some of the first companies that sold remote network security monitoring. With that background, his realization that few in state and local government kept a close eye on their networks set off an alarm.

Giving students experience

Helped by a mentor who knew federal government grants well, Hamilton was able to start a project that provided free network monitoring to state, local, tribal, and territorial governments.

The program, the Public Infrastructure Security Cyber Education System, uses trained students to monitor the networks of smaller communities that otherwise couldn’t afford to protect their technology, and report vulnerabilities or attacks on them. The program, known as PISCES, focused on critical infrastructure, or systems that keep the power, water, and other vital services operating.

The students in the program get much-needed operational experience that is often missing in the typical cybersecurity curriculum. PISCES was a big success and continues to train the next generation of cybersecurity workers at 20 states colleges and universities.

Hamilton is set on getting the next generation up to speed because they need to be ready for the increasing tempo of operational impacts from attacks. After a long career in cybersecurity, he also believes that a college education simply isn’t enough.

After Seattle, Hamilton continued his focus on the protection of vital systems and co-founded the cybersecurity firm Critical Insight in 2015. The company manages cybersecurity services like network monitoring and response if an incident occurs, complying with the litany of federal and state regulations, and testing networks for vulnerabilities. Hamilton spent nearly a decade as the CISO of Critical Insight before it was acquired last year by Lumifi Cybersecurity for an undisclosed amount.

Lumifi Cybersecurity serves some of the most vulnerable industries like water and wastewater, counties and small governments, education facilities, manufacturing, and rural hospitals.

Although Hamilton may have changed the direction of his career, his time as Seattle’s CISO is “not a job I ever want again.” It’s not just because of the burnout, which is already an expected part of the job, or the psychological trauma, or the fear of getting sued. CISOs are fighting battles without a way to end the war.

“You’re not going to ‘win’ this thing. All you can do is minimize impact,” Hamilton said.

The industry is undergoing a much-needed switch (one not nearly fast enough, Hamilton argues) from focusing on trying to prevent all unauthorized access to company networks to minimizing impact when a breach does occur. Because some breaches, at least, are nearly impossible to stop.

Ultimately, the dizzying number of cybersecurity products is failing to stop a growing number of successful cyberattacks hitting organizations each year. The lack of success can be seen from major events. Just last year, the Change Healthcare breach exposed the sensitive health care data of 190 million Americans, while ransomware attacks frequently evade detection tools.

Reducing impact requires more than prevention, Hamilton said. Cybersecurity defenders should instead think of solutions rather than just Band-Aids. Removing network access completely where it is not needed instead of bolting on a cybersecurity product and hoping it will detect malicious code is one example of re-thinking policies around cybersecurity, Hamilton said.

Research firm Cybersecurity Ventures predicts cybercrime will cost more than $10 trillion in 2025. The estimate includes stolen money, extortions like ransomware attacks, intellectual property theft, fraud, recovery efforts, but not the cost of defense. New hacker organizations are operating less like small-time criminals and more like small empires with huge revenue streams that rival the economies of small countries.

“That’s the GDP of a country,” Hamilton said. “That’s who you are up against.”