Author: Neil Walker

Collaborative action of the CIP Coordination Center (ISF-P Action) and SecureGas H2020 project

Industry News, Power/Energy/Oil & Gas sector

KEMEA, The Center for Security Studies in Greece, being the national contact point for Critical Infrastructure Protection (according to Directive 2008/114), participates in the European project SecureGas (https://www.securegas-project.eu), which aims to strengthen resilience and security in the EU's Natural Gas networks. As part of the project, methodologies, guidelines and technological solutions aimed at processing information, assessing the risk associated with their natural and cyber threats, at early detection and warning, are being developed, adapted and integrated, with the aim of supporting the decision-making of CI operators and strengthening the resilience of gas infrastructure. The above are developed in the context of three Business Cases, with different needs and characteristics that cover all phases of the gas supply chain. The results of SecureGas will enhance the resilience of the EU's natural gas infrastructure by providing systematic control over the security of the latter, through a platform in the form of a service (Platform as a Service), and through the publication of relevant Directives and good practices.

KEMEA, in the context of utilizing its research activity and its role as a National Contact Point of CIP, implements the interconnection of the pilot CIP Coordination Center developed within the ISF-P Action with the NG infrastructures of the Greek case study (EDAA and DEPA) participating in the SecureGas project. For this purpose, at first level, geospatial information and data for the assets of these infrastructures have been introduced in the Geographic Information Systems platform of the Coordination Center. For some of the elements of the Infrastructures that were introduced, 3D models and orthophoto maps were created (with the help of terrestrial and aerial shots by UAVs), in support of realistic emergency scenarios. The Geographic Information Systems platform of the Coordination Center allows the display and processing of the above products / models in a customized mapping environment, and in combination with other relevant geographic layers of thematic data.

Meanwhile, following physical and online meetings and exchanges, the interconnection / interoperability of the INCIDENT REPORTING (IR) application of the Coordination Center was agreed with the developing tool of SecureGas (RISK AWARE INFORMATION TO THE POPULATION). The latter regards the assessment and communication of information upon incidents risk to the competent crisis management bodies, through which information is provided to the operators of other infrastructures and to the population. The IR application of the Coordination Center has been adapted to meet the requirements of SecureGas infrastructures, in order to function as a hub for the transmission of information related to critical events in NG infrastructures, from the operators of the latter to Emergency response Services and Authorities (e.g. Police, Fire Brigade, etc.).

In addition, the team of the Coordination Center is in collaboration with the technical partners and the Greek managers of SecureGas infrastructures, in order to create and integrate in the Knowledge Base of the RISK application of the Coordination Center, empirical knowledge rules for risk assessment of NG infrastructures.

The cooperation and synergy between the two projects is expected to significantly improve the scientific results and their technical deliverables and to establish a methodological and technological basis for relevant future actions also in other sectors of critical infrastructures.

The abovementioned possibilities were presented during an online seminar on security issues and projects organized by KEMEA for the research associates of the Center and was attended by fifty researchers.

Leave a comment

The telecoms industry landscape is changing. What remains for traditional operators?

Industry News, Telecomms sector

Gone are the days when national telecoms markets were primarily defined by former monopoly incumbent telcos together with a handful of mobile operators (MNOs). New types of players have been emerging for a while, leveraging opportunities provided by market liberalization, competitive regulatory frameworks and the relaxation of licensing regimes.

Internet service providers (ISPs), mobile virtual network operators (MVNOs) and international voice service providers have been trying to find their niche in the market – generally, however, in the shadow of giant MNOs. Furthermore, cable TV companies have been trying to reinvent themselves as broadband providers with multi-play offerings. For a while already, independent tower companies or 'towercos' have also been emerging as an increasingly important element in the telecom industry landscape.

Forces of change

Lately, and accelerated by COVID-19 in recent months, several forces have converged to reshape the industry in a much more profound manner.

For quite some time now, the uninspiring financial states of telcos, with stagnating or even contracting revenues, are being further hit by the pandemic. Following a survey of global telecom executives, Delta Partners predicted that the pandemic may lead to operators’ annual revenues decreasing by up to 10 per cent.

Government pressures for CAPEX spending to expand broadband (including gigabit connectivity) and secure national leadership in 5G is another impetus for change. With the pandemic-induced dependence on the Internet connectivity for everything – from work to study to health to shopping – COVID-19 only made those pressures more pertinent, at the same time further constraining CAPEX for new or expanded networks by making operators spend on capacity upgrades and network resilience.

Thirdly, a changing financial landscape, shaped by the many economic stimulus programmes (which basically never stopped since the Great Recession) is leading to the availability of more money to invest or lend and lower interest rates, which, especially in the face of significant economic uncertainty, is creating a huge demand for assets promising stable returns – with infrastructure layers of the telecoms industry fitting that bill nicely.

Finally, the expanded ‘liberalization’ of regulatory regimes is resulting in regulators assigning (or planning to assign) spectrum directly to enterprises for localized industrial use, according to the European 5G Observatory.

New kids on the block

While operators were busy trying to reinvent themselves (largely unsuccessfully) as tech companies, the forces described above have been advancing a plethora of new players. These ‘new kids on the block’ are chipping away at operators’ role as infrastructure players, especially the further strengthening of independent tower companies, which have been taking over telcos’ tower assets and are now enjoying higher shareholder returns than telcos according to a BCG report, as well as positive responses from the financial markets. As FT reports, rapidly expanding European tower company, Cellnex — an ITU Member — currently has a stock price trajectory comparable with Big Tech.

Another trend to watch is the rapid growth of fiber-only providers, also known as ‘altnets’, which are being increasingly fueled by private equity. Recent examples include investments into and expansion of Community Fiber and CityFibre in the UK, as well as Deutsche Glasfaser in Germany. Further, open access wholesale fibre is emerging as a model, with the potential of limiting duplicated investments and increasing economies of scale while contributing to government universal broadband goals.

Similarly, ‘neutral host’ wholesale mobile networks are emerging as well, driven primarily by network densification needs, especially for mmWave 5G deployments. Small Cell Forum predicts that “by 2026, as many as 30 per cent of the installed base of outdoor small cell networks […] are likely to be operated by new entrants to the cellular segment.”

Finally, direct spectrum assignments to enterprise users are removing spectrum ownership as an advantage in telco offerings and opening operators to the increased competition from self-deployed networks and system integrators, with Small Cell Forum predicting a 71 per cent share of indoor enterprise systems for newcomers.

Operator response: adapt or perish

Operators are finally starting to fight back though and taking a stronger control for their future in several ways, including by:

  • Separating tower companies, while retaining their control, to enable cash-out whether through private (as Telefonica through its partially KKR-owned Telxius venture) or public (as TIM and Vodafone through INWIT and the planned IPO of Vantage Towers) markets;
  • Setting up fiber joint ventures with partners from infrastructure players (such as Bouygues with Cellnex in France) to private equity money (for example, T-Mobile with Primeinvest in the Netherlands or Iliad with InfraVia in France);
  • Competing for enterprise contracts even when deployments are done on spectrum that is not owned by operators – as Vodafone is doing in the UK and Germany;
  • Voluntarily separating out wholesale businesses to increase economies of scale and make a more regulatory-friendly case for higher market concentration at the network level – as CETIN is now doing across Eastern Europe, following a successful attempt in the Czech Republic;
  • Finally increasing sharing directly among themselves rather than waiting for independent third parties to help out – especially in the deployment of rural networks, with shared rural network projects in the UK, Germany and Kazakhstan as good examples.

The key insight here is that the industry is changing drastically, with new players entering the fray and expanding their presence. However, operators are refusing to sit idle watching the world around them change and are finally trying to adapt. Their future will depend on the success of such efforts.

[Source: ITU]
Leave a comment

Nuclear operators face increasing climate risks, but resiliency investments mitigate impact

Industry News, Power/Energy/Oil & Gas sector

New report by Moodys highlights: Climate hazards are likely to worsen for nuclear power plant operators over the next two decades, with severity varying by region; Ultimate credit impact depends on the ability of plant operators to invest in mitigating measures to manage risks

Over the next 10 to 20 years, nuclear operators will face growing credit risks associated with climate change, Moody's Investors Service says in a new report. Utilizing data from Moody's affiliate Four Twenty Seven, the report examines the exposure of nuclear power plants to the heightened risk of extreme weather events or conditions brought on by acute climate change.

"Nuclear power reactors are some of the most hardened industrial assets in the US, but they still face rising climate risks, especially if they look to extend their operating licenses for another 20 years," said David Kamran, a Moody's Analyst.

While nuclear plants are among the most hardened infrastructure assets, plant operators may have to take added measures to offset exposure to these growing climate risks, Moody's says. The proximity of power plants to large bodies of water leaves them vulnerable to flooding, hurricanes, and storm surges, which increases the risk of damage to the plant or essential equipment.

Rising heat and water stress also poses a risk to plant operations. "Parts of the Midwest and southern Florida face the highest levels of heat stress, while the Rocky Mountain region and California face the greatest uncertainty regarding long-term water supplies, Kamran said. "We count about 48 GW of nuclear capacity with elevated exposure to combined rising heat and water stress across the US."

For regulated or cost based nuclear plants, representing 55 GW of generating capacity, the credit impact of these climate risks is likely to be more modest given their ability to recoup costs through rate recovery mechanisms. Many of these plants face higher risks of floods and hurricanes due to their locations.

For market-based nuclear plants, the credit impact of climate risks is likely to be more pronounced relative to cost based plants, given they don't have the ability to recoup costs through rate recovery mechanisms. These plants face elevated heat stress, with more locations facing high and red flag water stress, according to Four Twenty Seven.

Given pressure to support baseload demand, Moody's expects many nuclear plant operators to file for license extensions over the next decade. Because their ability to operate effectively will be impacted by climate hazards, nuclear plant operators will continue to determine the exposure they face and design and implement resilience measures to adapt to these risks.

The report can be accessed at: http://www.moodys.com/researchdocumentcontentpage.aspx?docid=PBC_1230101

Leave a comment

UN aims to help prevent another Beirut disaster

Agency News, Industry News, Transport sector

The devastation caused by the Beirut explosions on 4 August has focused attention on the risks involved in the transportation and storage of dangerous goods around the world. The UN is at the forefront of international efforts to reduce these risks and save lives.

Many offices and agencies of the UN have been mobilized to respond to the aftermath of the disaster, provide emergency aid, and coordinate the international community’s response.

The cost of reconstruction is estimated to be in the range of several billion dollars and, on August 10, Mark Lowcock, the UN’s Emergency Relief Coordinator, called for donors to “come together and put their shoulder to the wheel” for the benefit of the Lebanese people.

Exposure to risk
Three days later, a group of independent UN human rights experts released a statement decrying the “level of irresponsibility and impunity surrounding human and environmental devastation” in the city, and called for an independent investigation that clarifies responsibility for the man-made disaster, and leads to justice and accountability.

In their statement, the experts also maintained the right of the Lebanese people to clear and accurate information about the health and environmental risks to which they are exposed.

The explosions have led to much soul-searching in Lebanon, but it is far from the only country whose citizens are at risk from sites containing dangerous materials: according to the Small Arms Survey, a research organization based in Geneva, Switzerland, tens of thousands of people have been killed by unplanned explosions at arms depots over the past four decades.

Follow the rules
However, several internationally agreed rules and regulations concerning the transportation of dangerous cargo have been in circulation for several years. From the International Maritime Dangerous Goods Code, published by the UN International Maritime Organization (IMO), to the International Labour Organisation (ILO) code of practice on safety and health in ports.

But, as Alfredo Parroquín-Ohlson, the head of Cargoes and Technical Cooperation Coordination at the IMO, explained to UN News, whilst the UN can convene countries to thrash out these rules and guidelines, the states themselves are responsible for making sure they are followed.

“Monitoring falls to shipping companies, and it is the responsibility of each country to verify that regulations are applied and implemented properly. If procedures are not followed, then there will, of course, be gaps. This clearly happened in the case of Beirut”, he said.

“We can only hope that this kind of catastrophe raises the general awareness of the risks involved”, added the UN official, “and we are sure that many ports are taking a closer look at the kind of dangerous materials they have on their hands, and are now revising their procedures.”

Framing the problem
The responsibility of governments around the world to identify risks, is included in the Sendai Framework for Disaster Risk Reduction, the first of the 2030 Agenda global agreements, adopted in 2015, which sets out how Member States can reduce risk. It calls for Member States to finalize their strategies for disaster risk reduction by the end of this year.

Mami Mizutori is the head of the UN Office for Disaster Risk Reduction (UNDRR), the UN’s lead agency for risk and resilience, charged with overseeing implementation of the Sendai Framework.

She told UN News that, whilst the current UN response in Beirut is necessarily focusing on the immediate needs of the affected citizens, it is also important to discuss how to reduce the likelihood of a similar incident hitting the city in the future.

Will it happen again?
“The essence of the Sendai Framework is about shifting attention from responding to disasters, to changing behaviour, so that we can mitigate risks from disasters before they hit and, in doing so, reducing deaths and economic loss, and make it more likely that we will achieve sustainable development”, she said. “In short, it’s about prevention and building resilience for the future.”

“Ports are critical infrastructure, and essential services, and they need to be built in a way that takes all kinds of risk into consideration, including the kinds of goods that are being brought into the port”, added Ms. Mizutori.

“We have robust international rules and regulations regarding the operation of ports, and the ways that substances are stored, but often we see that regulations are not implemented. Governments need to invest in the right people and the right infrastructure. If this doesn’t happen, we will see more technological hazards turning into disasters, whether it’s at a port, a mine, big industrial facilities, or at nuclear power plants.

“When we don’t have enough risk governance, the likelihood of a catastrophic event grows”, she said. “Beirut is a stark reminder that disasters don’t wait in turn to strike us.”

Prevention pays
The message from these UN officials is that fresh rules and regulations are not necessarily needed. What is more important, is a change in our behaviour and the way we factor risk into the way we live, whether at a personal level, or at a national level.

Mr. Parroquín-Ohlson notes that personnel working at ports should not necessarily shoulder the blame, when disaster strikes.

“Staff need to be supported by their institutions, who have robust rules and regulations available to them. In some examples we have seen, staff were not well trained, but, in others, we saw that there was a lack of internal procedures within the administration as a whole”, he said. “For example, there needs to be a clear policy, stating who is responsible for the storage of such cargo, up to the point that it leaves on a ship.”

For Ms. Mizutori, part of the answer is for countries to put disaster risk reduction at the heart of government: “The countries need to put money behind this, and establish national disaster management agencies, which are connected to all the other ministries, working directly under the Head of State, or the Cabinet Office, to ensure that they can take charge of putting prevention at heart of policy-making.

The difficulty, of course, is convincing people that it is worth putting money into something that might happen only happen every 30, or even 100 years. Our job is to help explain why investing in prevention pays.”

[Source: UN]
Leave a comment

Private sector experience in Japan: Supporting disaster preparedness for evacuations under COVID-19

Health & Social Care, Industry News

The shared trauma and experiences of disasters over the decades have helped shape Japan’s unique disaster culture, where all segments of society contribute to disaster prevention and mitigation. The current COVID-19 pandemic has been no exception, and under the guidance and coordination of the central government, the private sector has emerged as a key player in supporting prevention and response efforts.

The Japanese government’s current response phase is focused on trying to keep society running while preventing the spread of the virus. This has been coined as the ‘With Corona’ phase.

One area that has received considerable attention under this phase has been the country’s disaster evacuation protocols. To ensure preparedness and evacuation measures do not inadvertently fuel the pandemic, the Disaster Management division of the Cabinet Office has released a series of practical guidelines, which have been compiled into a general manual document accompanied by YouTube tutorials.

One of the key recommendations is wider engagement with the private sector to support the implementation of the revised evacuation procedures. This is where the member companies of ARISE Japan – the Japanese branch of UNDRR’s partnership alliance of private sector entities committed to DRR – along with other private sector actors, are playing instrumental roles.

To satisfy physical distancing guidelines at disaster shelters while securing the necessary capacity, the government recommends that local governments tap locally available private-owned facilities, such as hotels. The dual-use of private-owned facilities in times of disaster is a well-established practice in Japan that pre-dates the pandemic. But under COVID-19, the practice is being urgently expanded. Responding to these calls, four major accommodation industry associations have announced the preparation of 1,256 facilities nationwide to serve as emergency evacuation shelters, according to ARISE Japan member, JTB Tourism Research & Consulting.

In Japan, cross-utilization of business facilities for DRR purposes is not limited to hotels. Across the nation, 55 metropolitan areas have been designated as ‘Special Districts for Urban Regeneration,’ where facilities, such as shopping complexes, serve necessary disaster preparedness functions such as evacuation shelters or supply depots.

The private sector is also playing a part in raising awareness and educating the public on the importance of reassessing their preparedness plans in light of the pandemic. Under ‘With Corona’ evacuation protocols, people are being asked to consider additional evacuation destinations, such as the homes of family and friends or the higher floors of structurally-sound buildings. To help with this, Japan Conservation Engineers & Co., the creators of the game EVAG - a role-playing game that tests evacuation behavior - updated their simulation script, which already accounted for pandemic disasters, to encourage players to consider alternative evacuation destinations.

In the area of risk communication and closing the “last-mile” gap, the private sector is supporting the delivery of accurate and up-to-date information. In Japan, where a significant information barrier exists for non-Japanese speakers, multi-language call centers such as the Japan Visitor Hotline for the Japan National Tourism Organization are working to reduce this vulnerability. Since the start of the COVID-19 pandemic, BRICK’s Corporation, an ARISE member which operates the hotline, have handled a surge in calls from a few hundred per month before COVID, to over 1,000 calls per month, which peaked in March at 5,300 calls.

The private sector is also helping officials better understand the risk environment and vulnerabilities through market research. Since the start of the pandemic, Japan has experienced a major climate-related disaster in the form of the July heavy rains which affected multiple regions. Web-based surveys conducted across all 47 prefectures by Survey Research Center Co., an ARISE member, revealed areas for improvement in the evacuation protocols developed under the ‘With Corona’ phase. Specifically, the analysis showed that public expectations were unsustainably skewed towards greater reliance on local governments to provide infection control measures, and less on personal or community preparedness.

One reason Japan’s private sector is able to serve as a reliable government partner is thanks to the investments it made in building its own resilience. ARISE Japan member companies report that their existing pandemic scenarios for business continuity, along with peer-to-peer communication through networks such as ARISE, have helped them guide their decision-making during this crisis. Their priorities include maintaining a healthy and productive workforce and maintaining their social responsibilities as a stakeholder organization, as highlighted in the testimony of Ms. Sandra Wu, CEO of Kokusai Kogyo Co. Ltd., an ARISE member.

Tackling far-reaching disasters, like COVID-19, requires a multi-stakeholder approach that brings together the strengths of each sector to fill in the gaps and augment the government’s reach. The examples highlighted of ARISE Japan’s contributions in the area of evacuation preparedness is only one aspect of how the private sector is lending their expertise, resources, and capabilities to build resilience for all.

Leave a comment

CISA Release 5G Strategy for Secure and Resilient Critical Infrastructure

Agency News, Industry News, Telecomms sector

The Cybersecurity and Infrastructure Security Agency (CISA) has released its strategy to ensure the security and resilience of fifth generation (5G) technology in our nation.

As the Nation’s risk advisor, CISA serves the unique role as a trusted information broker across a diverse set of public and private stakeholders. In this role, CISA fosters increased information sharing to help these stakeholders make more informed decisions when identifying and addressing future 5G technology priorities.

CISA’s 5G Strategy seeks to advance the development and deployment of a secure and resilient 5G infrastructure, one that promotes national security, data integrity, technological innovation, and economic opportunity for the United States and its allied partners. The strategy establishes five strategic initiatives that align to the Lines of Effort defined in the National Strategy to Secure 5G. Guided by the core competencies of risk management, stakeholder engagement, and technical assistance, CISA’s 5G activities will help ensure there are policy, legal, security, and safety frameworks in place to fully leverage 5G technology while managing its significant risks.

“The promise of 5G is undeniable, but with 5G technology posed to underpin a wide range of critical infrastructure functions, it’s vital that we manage these risks adequately and promote a trusted ecosystem of 5G componentry,” said CISA Director Christopher Krebs. “CISA is committed to working with partners to build a resilient 5G infrastructure, and this strategy identifies a roadmap of how we will bring stakeholders together to achieve this.”

In addition to the Strategy, CISA has released a 5G Basics Infographic to educate stakeholders on challenges and risks associated with 5G. Working in close collaboration with the critical infrastructure community, the Agency plans to publish sector-specific 5G risk profiles in the coming months.

To learn more about CISA’s role in 5G and to view the strategy, visit www.cisa.gov/5G.

Leave a comment

Australian Government launch consultation on protection of critical infrastructures

Agency News, Cyber Security CII sector, Health & Social Care, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector, Transport sector, University/Research/Academia sector, Water sector

The Australian Government is committed to protecting the essential services all Australians rely on by uplifting the security and resilience of critical infrastructure.

The Government’s commitment to the continued prosperity of its economy and businesses is unwavering. The impacts of recent events only reinforce the need for collaboration between and across critical infrastructure sectors and Government to protect our economy, security and sovereignty.

At the same time, Government recognises the additional economic challenges facing many sectors and entities in the wake of the COVID-19 pandemic. The outcome it seek is clear - they want to work in partnership to develop proportionate requirements that strike a balance between uplifting security, and ensuring businesses remain viable and services remain sustainable, accessible and affordable. An uplift in security and resilience across critical infrastructure sectors will mean that all businesses will benefit from strengthened protections to the networks, systems and services we all depend on.

An enhanced critical infrastructure framework

The primary objective of the proposed enhanced framework is to protect Australia’s critical infrastructure from all hazards, including the dynamic and potentially catastrophic cascading threats enabled by cyber attacks.

The enhanced framework outlines a need for an uplift in security and resilience in all critical infrastructure sectors, combined with better identification and sharing of threats in order to make Australia’s critical infrastructure – whether industry or government owned and operated – more resilient and secure. This approach will prioritise acting ahead of an incident wherever possible.

Government has agreed that the proposed enhanced framework will apply to an expanded set of critical infrastructure sectors, comprising of three key elements:

  1. Positive Security Obligation, including:
    a. set and enforced baseline protections against all hazards for critical infrastructure and systems, implemented through sector-specific standards proportionate to risk.
  2. Enhanced cyber security obligations that establish:
    a. the ability for Government to request information to contribute to a near real-time national threat picture;
    b. owner and operator participation in preparatory activities with Government; and
    c. the co-development of a scenario based ‘playbook’ that sets out response arrangements.
  3. Government assistance for entities that are the target or victim of a cyber attack, through the establishment of a Government capability and authorities to disrupt and respond to threats in an emergency.

These three initiatives will be underpinned by an enhanced Government-industry partnership across all hazards.

The Government intends to consult with stakeholders during and after receiving submissions. This will also allow us to assess the impact of proposed reforms and refine the development of the enhanced framework.

Further details can be viewed at https://www.homeaffairs.gov.au/reports-and-pubs/files/protecting-critical-infrastructure-systems-consultation-paper.pdf

Leave a comment

INTERPOL report shows shift in cyber attacks from individuals to governments and critical health infrastructure

Agency News, Cyber Security CII sector, Industry News

An INTERPOL assessment of the impact of COVID-19 on cybercrime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure.

With organizations and businesses rapidly deploying remote systems and networks to support staff working from home, criminals are also taking advantage of increased security vulnerabilities to steal data, generate profits and cause disruption.

In one four-month period (January to April) some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs – all related to COVID-19 – were detected by one of INTERPOL’s private sector partners.

“The increased online dependency for people around the world, is also creating new opportunities, with many businesses and individuals not ensuring their cyber defences are up to date.

“The report’s findings again underline the need for closer public-private sector cooperation if we are to effectively tackle the threat COVID-19 also poses to our cyber health,” concluded the INTERPOL Chief.

Key findings highlighted by the INTERPOL assessment of the cybercrime landscape in relation to the COVID-19 pandemic include:

Online Scams and PhishingThreat actors have revised their usual online scams and phishing schemes. By deploying COVID-19 themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content.Around two-thirds of member countries which responded to the global cybercrime survey reported a significant use of COVID-19 themes for phishing and online fraud since the outbreak.

Disruptive Malware (Ransomware and DDoS)Cybercriminals are increasingly using disruptive malware against critical infrastructure and healthcare institutions, due to the potential for high impact and financial benefit.In the first two weeks of April 2020, there was a spike in ransomware attacks by multiple threat groups which had been relatively dormant for the past few months.Law enforcement investigations show the majority of attackers estimated quite accurately the maximum amount of ransom they could demand from targeted organizations.

Data Harvesting MalwareThe deployment of data harvesting malware such as Remote Access Trojan, info stealers, spyware and banking Trojans by cybercriminals is on the rise. Using COVID-19 related information as a lure, threat actors infiltrate systems to compromise networks, steal data, divert money and build botnets.

Malicious DomainsTaking advantage of the increased demand for medical supplies and information on COVID-19, there has been a significant increase of cybercriminals registering domain names containing keywords, such as “coronavirus” or “COVID”. These fraudulent websites underpin a wide variety of malicious activities including C2 servers, malware deployment and phishing.From February to March 2020, a 569 per cent growth in malicious registrations, including malware and phishing and a 788 per cent growth in high-risk registrations were detected and reported to INTERPOL by a private sector partner.

Misinformationn increasing amount of misinformation and fake news is spreading rapidly among the public. Unverified information, inadequately understood threats, and conspiracy theories have contributed to anxiety in communities and in some cases facilitated the execution of cyberattacks.Nearly 30 per cent of countries which responded to the global cybercrime survey confirmed the circulation of false information related to COVID-19. Within a one-month period, one country reported 290 postings with the majority containing concealed malware. There are also reports of misinformation being linked to the illegal trade of fraudulent medical commodities.Other cases of misinformation involved scams via mobile text-messages containing 'too good to be true' offers such as free food, special benefits, or large discounts in supermarkets.

Future primary areas of concern highlighted by the INTERPOL report include.

  • A further increase in cybercrime is highly likely in the near future. Vulnerabilities related to working from home and the potential for increased financial benefit will see cybercriminals continue to ramp up their activities and develop more advanced and sophisticated modi operandi.
  • Threat actors are likely to continue proliferating coronavirus-themed online scams and phishing campaigns to leverage public concern about the pandemic.
  • Business Email Compromise schemes will also likely surge due to the economic downturn and shift in the business landscape, generating new opportunities for criminal activities.
  • When a COVID-19 vaccination is available, it is highly probable that there will be another spike in phishing related to these medical products as well as network intrusion and cyberattacks to steal data.
Leave a comment

Protect Operational Technologies and Control Systems Against Cyber Attacks

Agency News, Cyber Security CII sector, Industry News

Cyber actors have demonstrated their willingness to conduct cyber attacks against critical infrastructure by exploiting Internet-accessible Operational Technology (OT) assets. Due to the increase in adversary capabilities and activities, the criticality to U.S. national security and way of life, and the vulnerability of OT systems, civilian infrastructure makes attractive targets for foreign powers attempting to harm to US interests or retaliate for perceived US aggressive.

Today, the National Security Agency and Cybersecurity and Infrastructure Security Agency released an advisory for critical infrastructure OT and control systems assets to be aware of current threats we observe, prioritize assessing their cybersecurity defenses and take appropriate action to secure their systems.

“Operational technology assets are pervasive and underpin many essential national security functions, as well as the Defense Industrial Base,” Anne Neuberger, Director of NSA's Cybersecurity Directorate noted. “We encourage all stakeholders to apply our joint recommendations with DHS CISA.”

“As we’ve said many times, our adversaries are capable, imaginative and aim to disrupt essential services, so it is important that we make sure we are staying ahead of them." Bryan Ware, Assistant Director for Cybersecurity, CISA. “Our goal at CISA is to lead and encourage a proactive ‘whole community’ assessment and response to significant threats and ensure we provide the right tools and services at the right time.”

NSA and CISA continue to collaborate on cybersecurity issues and share information about how to best secure National Security Systems, Department of Defense systems, and the Defense Industrial Base as well as other critical infrastructure, against foreign threats, ultimately keeping America and our allies safe.

Leave a comment

CISA Adds Top Cybersecurity Experts to Join Covid-19 Response Efforts

Agency News, Cyber Security CII sector, Industry News

The Cybersecurity and Infrastructure Security Agency (CISA) announced today the addition of two leading cybersecurity experts to support the agency’s COVID-19 response efforts. Josh Corman is joining CISA as a Visiting Researcher, and Rob Arnold will join CISA’s National Risk Management Center as a Senior Cybersecurity and Risk Management Advisor. Corman and Arnold were both hired using authorities granted under the CARES Act, which allows agencies to hire staff to temporarily support the COVID-19 response.

“The COVID-19 pandemic has resulted in noticeable shifts in cyber risk calculations for organizations of all sizes,” said CISA Director Christopher Krebs. “The hardware, software, and services that underpin our connected infrastructure have absolutely been tested and stressed in this telework-heavy environment. At the same time, certain organizations and sectors of our economy have become more attractive targets for adversaries.”

“This changing threat landscape demands an ‘all-hands-on-deck’ approach and for us to bring the best and brightest minds to the front lines, and the authority granted to us by the CARES Act makes it possible to quickly recruit and add top experts to our team,” added Director Krebs. “Josh and Rob are two examples of the type of innovative leaders that will help us build up our technical capabilities while at the same time improve our engagement with our industry and security researcher community partners during this critical time.”

Josh Corman has an extensive private sector and nonprofit background in IT security and public policy. Corman recently served as the Chief Security Officer at PTC and the Director for the Cyber Statecraft Initiative at the Atlantic Council’s Brent Scowcroft Center for Strategy and Security. He is also the co-founder of IAmTheCavalry.org, a non-profit collection of volunteers dedicated to improving cybersecurity in areas that can save lives. Corman was also a member of the Congressional Health Care Industry Cybersecurity Task Force, which developed a report on the state of cybersecurity in the healthcare industry. In his new role, he will advise on CISA’s integrated industry engagement efforts supporting the COVID response, provide cybersecurity expertise on healthcare infrastructure, and support CISA’s control systems and life safety initiatives.

Rob Arnold most recently served as the founder and CEO of Threat Sketch, a strategic cyber risk management firm that helps small organizations manage cybersecurity at the executive level. He has a wealth of experience in advising businesses and organizations in implementing cyber risk management practices. In addition to co-founding the North Carolina Center for Cybersecurity and authoring a book that explains cyber risk management to business executives, Arnold serves on multiple academic advisory boards for cybersecurity degree seeking programs. At CISA, he will focus on helping the agency better understand shifts in cyber risk from COVID-related factors and how the critical infrastructure community can best fortify its defenses in response.

Leave a comment
1 46 47 48 49 50 54