Threat Analysis Reports
The NJCCIC assesses with high confidence that the water sector in New Jersey and across the globe, will remain an attractive target for a range of cyberattacks designed to disrupt daily operations, steal sensitive data, promote violence toward the community, and encrypt critical operational data. New Jersey State Health Assessment ...
The NJCCIC assesses with high confidence the cyber threat and overall risk to the healthcare and public health sector is high and increasing. Many critical infrastructure sectors have fallen under increasing cyberattacks as bad actors find new ways to monetize data and its uses. One such sector effected by this ...
The NJCCIC assesses with high confidence that educational institutions across the globe will remain attractive targets for a range of cyber-attacks designed to disrupt daily operations, steal sensitive data, instill fear in the community, and hold critical operational data for ransom. Across America, the educational sector is experiencing a significant ...
The NJCCIC assesses with high confidence that the maritime sector, including ports, vessels, and shipping companies across the globe, will remain an attractive target for a range of cyberattacks designed to disrupt daily operations, steal sensitive data, incite distrust and promote violence toward the community, and encrypt critical operational data. ...
The NJCCIC assesses with high confidence the cyber risk to the oil and gas industry is high and the energy sector at large is a priority target for nation-state threat actors, cybercriminals, and hacktivists. Each threat actor has a defined motivation and purpose for conducting cyberattacks. Nation-states often carry out ...
Reports of cyberattacks targeting the food and agriculture sector increased in mid-2021, highlighting vulnerabilities across the attack surface and potential for significant operational disruptions. At the onset of harvest season, Crystal Valley and NEW Cooperative were among recent victims of ransomware attacks, which will most likely increase in frequency, negatively ...
TLP: WHITE | The NJCCIC assesses with high confidence that software supply chain vendors are at risk from local and foreign threat actors infiltrating strong security systems of organizations through the exploitation of an established and trusted distribution channel. General software update attacks can lead to supplementary targeted campaigns of ...
TLP: WHITE | The NJCCIC assesses with high confidence that the maritime sector, to include ports, vessels, and shipping companies across the globe, will remain an attractive target for a range of cyber-attacks designed to disrupt daily operations, steal sensitive data, instill fear in the community, and hold critical operational ...
TLP: WHITE | The NJCCIC assesses with high confidence that educational institutions across the globe will remain attractive targets for a range of cyber-attacks designed to disrupt daily operations, steal sensitive data, instill fear in the community, and hold critical operational data for ransom. Summary In October 2017, the US ...
TLP: WHITE | The NJCCIC assesses with high confidence that organizations with insecure remote access configurations, including remote desktop protocol (RDP), Telnet, and SSH ports, on internet-facing servers are at an increased risk of network compromise, potentially resulting in data theft or network-wide ransomware infections. Summary Since late 2016, the ...
TLP: WHITE | The NJCCIC assesses with high confidence that capable threat actors—both politically-motivated state actors and their proxies, as well as profit-driven criminals—will increasingly leverage supply chain compromises to conduct network intrusions and attacks. These incidents could result in the exfiltration, manipulation, or destruction of data and disruption to ...
TLP: WHITE | The NJCCIC assesses with high confidence that many organizations, in both the public and private sectors, continue to operate web applications (apps) and servers that are vulnerable to exploitation or attacks that could result in unauthorized access, disruption of services, theft of customer information, or manipulation of ...
TLP: WHITE | The NJCCIC assesses with high confidence that fileless and “non-malware” intrusion tactics pose high risk to organizations, both public and private, and will be increasingly employed by capable threat actors intent on stealing data or establishing persistence on networks to support ongoing espionage objectives or to enable ...
TLP: WHITE | The NJCCIC assesses with high confidence that organizations with insecure remote desktop protocol (RDP) configurations on their networks are at risk of infection with CrySiS ransomware and other variants that opportunistically seek out networks with poorly authenticated RDP access. Summary Since the beginning of 2017, 64 percent ...
TLP: WHITE | The NJCCIC assesses with high confidence that ransomware extortion incidents will likely result in greater operational disruptions, permanent data loss, and higher financial payouts in 2017, as profit-motivated cybercriminals increasingly seek higher profile targets—with more critical data and time-sensitive operations—raising the likelihood of larger ransom payments. Summary ...
TLP: WHITE | The NJCCIC assesses with high confidence that botnets formed by compromised ‘internet-of-things’ (IoT) devices will almost certainly lead to more frequent, more disruptive distributed denial of service (DDoS) attacks, many of which will initially lack a clear motive behind the selection of targets. Summary While state-sponsored actors ...
TLP: WHITE | The NJCCIC assesses with high confidence the cyber threat and overall risk to the healthcare industry is high and increasing. In contrast to the large insurance breaches of 2015, assessed to be the work of Chinese threat actors conducting industrial espionage to support their largely state-run healthcare ...
TLP: WHITE | The NJCCIC assesses with high confidence the greatest threats to US critical infrastructure are unpatched vulnerabilities, customized malware with no known signatures, and the compromise of user credentials to facilitate remote exploitation of network tools such as Remote Desktop Protocol. Summary Standard antivirus solutions and passive defense ...
TLP: WHITE Summary The NJCCIC assesses with high confidence that financially motivated cyber threats targeting American consumers’ payment cards will remain high until the vast majority of point-of-sale (PoS) terminals in the United States are updated and certified to complete Europay, MasterCard, and Visa (EMV) transactions, as well as mobile ...
TLP: WHITE Summary The NJCCIC assesses with high confidence that a broad range of criminals, malicious hackers, and violent extremists will increasingly utilize the dark web—the underground Internet only accessible via special software that maintains the anonymity of users—to facilitate illicit activity, which will present threats to public safety as ...
TLP: WHITE Summary The NJCCIC assesses with high confidence that many businesses, schools, government agencies, and home users will remain at high risk of ransomware infections throughout 2016, as financially-motivated hackers continue to innovate and expand the targeting scope of their extortion campaigns. The most prevalent form of this profit-driven ...
TLP: WHITE Summary Intelligence agencies and cybersecurity researchers are investigating a power outage that occurred in Western Ukraine on December 23, specifically whether or not malware discovered on the targeted utility’s network played a direct role in impacting the electric grid. If malware is confirmed to have caused the outage, ...
TLP: WHITE Summary The NJCCIC assesses with high confidence that profit-motivated cyber extortion schemes such as ransomware and ransom-demanding distributed denial of service (DDoS) threats are likely to persist as effective and lucrative criminal tactics into 2016, with cumulative US losses likely to continue climbing into the hundreds of millions ...
TLP: WHITE Summary The NJCCIC assesses with moderate confidence that many websites remain at high risk of cross-site scripting (XSS), one of the most commonly exploited web application security vulnerabilities. XSS is a code injection tactic–similar to SQL injection –in which a hacker inputs malicious code into a legitimate web ...
TLP: WHITE Summary The NJCCIC assesses that organizations using Structured Query Language ( SQL ) for database management systems are at a high risk for SQL injection (SQLi) attacks unless the appropriate mitigation strategies are applied. SQL is the standard computer language used to conduct various functions such as querying ...
TLP: WHITE Summary On October 13, 2015 a New Jersey business discovered an infection of a point-of-sale (PoS) malware variant, detected by antivirus software as lanst.exe, one of many variants commonly known as Dexter. It remains definitively unclear how an employee laptop was initially exposed to the malware, though the ...
TLP: WHITE Summary Since first appearing around 2006, exploit kits (EK) have evolved into one the most prevalent web-based vectors for malware distribution and a threat facing nearly all internet users. An EK is a malicious toolkit designed to distribute different malware variants by exploiting common vulnerabilities found in outdated ...
TLP: WHITE Summary Point-of-Sale (PoS) malware breaches attracted wide media coverage throughout 2014 when at least thirteen major U.S. retailers suffered payment card data breaches, the largest affecting approximately 110 million customers. Although PoS incidents have largely remained out of the headlines thus far in 2015, payment card breaches have ...
TLP: WHITE Summary Critical infrastructure sites are increasingly vulnerable to cyberattack as the systems that run them become more accessible, interconnected, and reliant on cyberspace. The risks posed to Industrial Control System and Supervisory Control and Data Acquisition (ICS/SCADA) systems will continue to heighten as new and existing vulnerabilities are ...
TLP: WHITE Summary The NJCCIC assesses ransomware infections will continue to increase steadily and pose a threat to the public and private sector, as well as home users, as the technical barriers to conduct these cybercrime campaigns continue to drop and the return on investment for cybercriminals remains extremely high. ...
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.