DHS: Physical Security a Concern in Johnson Controls Cyberattack

  /     /     /  
Publicated : 23/11/2024   Category : security


DHS: Physical Security a Concern in Johnson Controls Cyberattack


An internal memo cites DHS floor plans that could have been accessed in the breach.



In the latest development around the 
cyberattack impacting Johnson Controls International (JIC)
, officials at the Department of Homeland Security (DHS) are now reportedly concerned that the attack may have affected sensitive physical security information.
Johnson Controls serves as a government contractor, providing building automation services to facilities, such as HVAC, fire, and security equipment. Due to the nature of those services, officials at DHS are raising concerns about compromised information such as DHS floor plans. According to
 media reports, officials detailed in an internal memo
 that Johnson Controls holds classified/sensitive contracts for DHS that depict the physical security of many DHS facilities.
It is still unclear as to what information was accessed in the breach, which is believed to be a ransomware attack, but the memo stated that until further notice, we should assume that [the contractor] stores DHS floor plans and security information tied to contracts on their servers.
Concerns are more heightened due to
a potential government shutdown
, which could begin this coming Sunday, making the incident not only a security issue, but a time sensitive one. More than 80% of the Cybersecurity and Infrastructure Security Agency (CISA) workforce will be furloughed should this shutdown go into effect, and cyberattacks across the nations software supply chain would put critical infrastructure at risk.
There is absolutely a trend emerging in ransomware attacks with cybercriminals going deeper into their victims systems to deal a more crippling blow, noted John Gunn, CEO at Token, in an emailed statement, underscoring the harsh levels cybercriminals are willing to go to in their attacks, including those against government agencies.
This incident highlights the 
executive order President Biden issued in 2021
 for federal agencies to bolster their cybersecurity safeguards, and brings into question the security of 
third-party suppliers
 and contractors. 

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
DHS: Physical Security a Concern in Johnson Controls Cyberattack