CISA Highlights Theft of FireEye Red Team Tools

The Cybersecurity & Infrastructure Security Agency (CISA) has advised that FireEye has released a blog post addressing unauthorized access to its Red Team’s tools by a highly sophisticated threat actor. Red Team tools are often used by cybersecurity organizations to evaluate the security posture of enterprise systems. Although CISA has not received reporting of these tools being maliciously used to date, unauthorized third-party users could abuse these tools to take control of targeted systems. The exposed tools do not contain zero-day exploits.

CISA recommends cybersecurity practitioners review FireEye’s two blog posts for more information and FireEye’s GitHub repository for detection countermeasures.

Focus on National Cybersecurity Capabilities: New Self-Assessment Framework to Empower EU Member States

The EU Agency for Cybersecurity issues a National Capabilities Assessment Framework (NCAF) to help EU Member States self-measure the level of maturity of their national cybersecurity capabilities.
Developed with the support of 19 EU Member States, this framework was designed following an extensive exchange of ideas and good practices. The strategic objectives of the national cybersecurity strategies served as a basis of the study.
The framework was developed as part of the mandate of ENISA, as defined in the Cybersecurity Act. It falls under the provision to support EU Member States in building capacities in the area of national cybersecurity strategies through the exchange of good practices.
The key features
The self-assessment framework is composed of 17 objectives structured around 4 clusters. Each of these clusters is associated with a key thematic area for building cybersecurity capacity. Different objectives are also associated with each cluster. Based on 5 levels of maturity, specific questions were devised for each objective.
The clusters are as follows:
(I) Cybersecurity governance and standards - This dimension considers aspects of planning to prepare the Member State against cyber-attacks as well as standards to protect Member States and digital identity.
(II) Capacity-building and awareness - This cluster assesses the capacity of the Member States to raise awareness on cybersecurity risks and threats and on how to tackle them. Additionally, this dimension gauges the ability of the country to continuously build cybersecurity capabilities, increase knowledge and skills in the cybersecurity domain.
(III) Legal and regulatory - This cluster measures the capacity of the Member States to put in place the necessary legal and regulatory instruments to address cybercrime and also address legal requirements such as incident reporting, privacy matters, CIIP.
(IV) Cooperation - This cluster evaluates the cooperation and information sharing between different stakeholder groups at the national and international level.
Target Audience
The report issued is intended for policymakers as well as experts and officials responsible for, or involved in the design, implementation and evaluation of a national cybersecurity strategy and/or of national cybersecurity capabilities.
Why a capability assessment framework?
Cybersecurity capabilities are the main tools used by EU Member States to achieve the objectives of their National Cybersecurity Strategies. The purpose of the framework is to help Member States build and enhance cybersecurity capabilities by assessing their level of maturity.
The framework will allow EU Member States to:
- Perform the evaluation of their national cybersecurity capabilities;
- Increase the maturity level of awareness;
- Identify areas for improvement;
- Build new cybersecurity capabilities.

Supporting cities in advancing a holistic and systemic approach to resilience in Central Asia

The United Nations Office for Disaster Risk Reduction (UNDRR), within its project “Strengthening disaster resilience and accelerating implementation of Sendai Framework for Disaster Risk Reduction in Central Asia”, engages with the capital cities of Central Asia with the aim to support local governments to reduce risks and advance a holistic and systemic approach to urban resilience. The initiative is funded by the European Commission.
A network of focal points at the city administrations and interagency technical working groups are being established, including representatives of various departments of local and national governments, as well as risk analysis institutions, public councils and the private sector. UNDRR will support assessments of Local Resilience Strategies and Action Plans of the five capital cities in Central Asia.
The initiative will contribute directly to the achievement of the Sustainable Development Goal 11 (SDG11) and other global frameworks, including the Sendai Framework for Disaster Risk Reduction, the Paris Agreement and the New Urban Agenda in the region. The importance of engagement with local governments is emphasized by the fact that, according to UNECE estimates, 65% of the total SDG targets globally need to be delivered by local authorities and actors.
Increasing climate and disaster resilience is a priority for the Governments of Central Asia. The region is highly vulnerable to climate change and exposed to a range of natural and technological hazards.
UNDRR will also provide support to the capital cities of Central Asia through its Making Cities Resilient 2030 (MCR2030) launched in October 2020. Building upon the MCR Campaign success and lessons learned, it represents a new and unique multi-stakeholder initiative for improving local resilience. It lays out a broader offer of support to the cities than the MCR Campaign and enhances local resilience through advocacy, sharing knowledge and experiences, reinforcing city-to-city learning networks, injecting technical expertise, connecting multiple layers of government, and building partnerships.

Public launch of MIDAS: the models behind EU policies

The European Commission opens the MIDAS inventory to the public, providing a user-friendly platform to explore the models used to support evidence-informed policymaking in the EU.
The new public version of MIDAS, the Modelling Inventory and Knowledge Management System, helps anyone explore any of the 35 models used for impact assessments since 2017.
The information available on the platform can help everyone to better understand the evidence used by the Commission when designing and evaluating policies that address today’s big challenges.
As well as providing useful documents and references, MIDAS explains how each model supported the analysis carried out for each impact assessment - indicating the leading Commission department, who runs the model, and which impacts it has helped to assess.
For each model, MIDAS also gives information on:
- Structure: details on the modelling approach, data inputs and outputs, spatial and temporal extent and resolution;
- Transparency: the extent to which underlying data, model results, code and documentation are available and accessible;
- Quality: if and how uncertainties are quantified and accounted for, if sensitivity analysis has been done, if the model has been peer reviewed or validated, if results are published in peer reviewed journals.
The Commission makes extensive use of models to support policymaking, from their initial design to evaluating their environmental, economic and social impacts. Models are used in many policy areas, such as agriculture, the environment, transport, economics and fisheries.
For example, the Commission recently used modelling to assess the feasibility of committing to EU climate neutrality by 2050, and of the 2030 Climate Target Plan, which raises the EU's ambition on reducing greenhouse gas emissions to at least 55% below 1990 levels by 2030.
By clearly presenting information on models that supported Commission impact assessments and making that information easy for the public to navigate, MIDAS encourages scrutiny of the quality of evidence provided by modelling and the exchange of good practices in model use.
The aim is to give everyone - whether it’s research bodies, decision makers or the general public - confidence in the contribution that these models make to better policy design and evaluation.

INTERPOL warns of organized crime threat to COVID-19 vaccines

INTERPOL has issued a global alert to law enforcement across its 194 member countries warning them to prepare for organized crime networks targeting COVID-19 vaccines, both physically and online.
The INTERPOL Orange Notice outlines potential criminal activity in relation to the falsification, theft and illegal advertising of COVID-19 and flu vaccines, with the pandemic having already triggered unprecedented opportunistic and predatory criminal behaviour.
It also includes examples of crimes where individuals have been advertising, selling and administering fake vaccines.
As a number of COVID-19 vaccines come closer to approval and global distribution, ensuring the safety of the supply chain and identifying illicit websites selling fake products will be essential.
The need for coordination between law enforcement and health regulatory bodies will also play a vital role to ensure the safety of individuals and wellbeing of communities are protected.
Vaccines prime target of organized crime
“Criminal networks will also be targeting unsuspecting members of the public via fake websites and false cures, which could pose a significant risk to their health, even their lives.
“It is essential that law enforcement is as prepared as possible for what will be an onslaught of all types of criminal activity linked to the COVID-19 vaccine, which is why INTERPOL has issued this global warning,” concluded Secretary General Stock.
As well as targeting COVID-19 vaccines, as international travel gradually resumes it is likely that testing for the virus will become of greater importance, resulting in a parallel production and distribution of unauthorized and falsified testing kits.
Online dangers
With an increasing number of COVID-related frauds, INTERPOL is also advising members of the public to take special care when going online to search for medical equipment or medicines.
In addition to the dangers of ordering potentially life-threatening products, an analysis by the INTERPOL’s Cybercrime Unit revealed that of 3,000 websites associated with online pharmacies suspected of selling illicit medicines and medical devices, around 1,700 contained cyber threats, especially phishing and spamming malware.
To avoid falling victim to online scams, it is important to be vigilant, be skeptical and be safe, as offers which appear too good to be true usually are. Always check with your national health authorities or the World Health Organization for the latest health advice in relation to COVID-19.

New FEMA Study Projects Implementing I-Codes Could Save $600 Billion by 2060

FEMA released its landmark study, “Building Codes Save: A National Study,” featuring an in-depth look at the quantified benefits—avoided losses to buildings and building contents—from adopting modern building codes and standards. As the frequency and severity of natural hazards continue to increase year-over-year, this study reaffirms that building codes continue to be the best first line of defense.
“With incredible analytic detail, this study reaffirms what so many studies before have concluded — adopting and implementing the I-Codes is one of the most effective ways to safeguard our communities against disasters,” said Code Council Chief Executive Officer Dominic Sims, CBO. “But further strides must be made in states and localities where the report identifies there are no codes adopted or where codes have not been updated this century. We thank FEMA for highlighting the value of and need for coordinated action at all levels of government that is critical to ensuring our homes and businesses are best positioned to weather the increasing hazard risks posed by our changing climate.”
International Code Council and FLASH celebrate the most comprehensive study conducted around hazard-resilient building codes to date
The study affirmed the recent finding by the National Institute of Building Sciences that adopting modern codes provides $11 in mitigation savings for every $1 invested. Alarmingly, the FEMA study found that currently 65 percent of counties, cities, and towns across the U.S. have not adopted modern building codes, only 50 percent of cumulative post-2000 construction adhered to the I-Codes, and 30 percent of new construction is occurring in communities with no codes at all or codes that are more than 20 years outdated.
“This study is excellent news for consumers as it delivers powerful economic evidence that modern building codes are the essential public policy tool to help communities survive and recover from disasters,” said FLASH President and CEO Leslie Chapman-Henderson. “The findings validate yet again that safer and stronger buildings preserve our quality of life today and strengthen our ability to confront an accelerating number of deadly, billion-dollar disasters tomorrow. We urge all leaders to recognize and use these profound insights to champion the cause for codes, and we thank FEMA for their leadership in bringing this critical information forward.”
“We are not powerless in the face of severe weather,” explains Dr. Anne Cope, chief engineer for the Insurance Institute for Business & Home Safety (IBHS). “The latest building science, including research conducted at the IBHS Research Center, points us to actionable and affordable ways to strengthen our homes and businesses to reduce avoidable losses from natural catastrophes. A critical step toward ending the cycle of repeated losses, particularly in coastal areas, is the adoption and enforcement of modern building codes.”
Based on a database of more than 18 million actual buildings constructed since the inception of the I-Codes in 2000, the frequency of hazard events across the country, and the contents and edition of the International Residential Code (IRC) and International Building Code (IBC) in effect in each locality where post-2000 construction took place, the study found:
- The IRC and IBC provided more than $27 billion in cumulative mitigation benefits against flood, hurricane wind, and earthquake hazards from 2000 to 2016. These benefits could have been doubled if all post 2000 construction adhered to the I-Codes.
- If construction continues at the pace the study observed and if the proportion of that construction adhering to the I-Codes is consistent with the trend the study identifies, the I-Codes could help communities avoid $132 billion to $171 billion in cumulative losses through 2040.
- If all new buildings across the U.S. were built to modern editions of the I-Codes, the country would save more than $600 billion by 2060.
The cost of not adopting building codes is too high. As FEMA’s materials make clear: “Adopting building codes is the single most effective thing we can do! One change in building codes can save lives and protect property for generations to come.” Proper implementation of adopted codes is also critical, as the means through which codes’ theoretical benefits are delivered in the field.

ENISA Report Highlights Resilience of Telecom Sector in Facing the Pandemic

ENISA is releasing its ‘Telecom Security During a Pandemic’ report at the 32nd meeting of EU telecom security authorities. Underlining the current strength of the sector in the face of the pandemic, the report also calls for increased cooperation, as telecommunications become more and more essential for Europe’s society and economy.
The European Union Agency for Cybersecurity (ENISA) is releasing its Telecom Security During a Pandemic report, which gives an overview of initiatives and good practices in the telecom sector to mitigate the impact of the pandemic. The report highlights the resiliency of telecom networks and services during the pandemic, which sustained major fluctuations in usage and traffic. The report also points to the need for increased cooperation between the public and private sectors as the role of telecoms expands.
The COVID-19 pandemic triggered major changes in the use of telecom networks and services: employees are teleworking; students are learning online; people are communicating via video. Almost overnight, the telecoms sector became a lifeline for Europe’s citizens and businesses. The pandemic put the telecom sector to the test with traffic peaks and spikes, combined with a national crisis and difficult working circumstances. Peaks followed major announcements about the pandemic; spikes occurred after news of lockdowns and closures. The diagram below shows the correlation between COVID-19 cases and fluctuations in network traffic on a single timeline. This is an example of one provider in one EU country, but it is representative of what other operators in Europe observed.
The report is divided into three parts:
- Early response phase: The report assesses the steps taken by telecom providers in the early response phase when providers activated their business continuity plans and supported emergency communications and communications via public warning systems.
- From initial strain to the new normal: Telecom providers had to deal with major surges and shifts in usage and in traffic patterns from the start of the pandemic. Gradually, this stabilised and became “the new normal”. The report examines the changes in usage, traffic patterns and network performance during the pandemic, and provides various examples of how providers managed the increased network loads.
- Response by the national authorities and collaboration with the telecom sector: The report provides a brief country-by-country summary of the pandemic response by the national telecom security authorities in the Union. It also highlights examples of industry initiatives, collaboration initiatives and information sharing between providers and authorities.

JRC proposes a new framework to raise awareness and resilience against hybrid threats

A new conceptual framework on hybrid threats designed by researchers aims to increase the understanding of hybrid threats and facilitate the development of effective measures to improve resilience against these threats.
The 'hybrid threats' concept refers to coordinated action conducted by hostile state or non-state actors with the deliberate goal to undermine or harm democratic states.
Although the topic is high on the political agenda, our understanding of hybrid threats is often limited to past experiences and known forms of interference, such as disinformation and terrorism.
Working together with the Centre of Excellence for Countering Hybrid Threats (Hybrid CoE), the JRC has developed a conceptual framework, which describes the components of hybrid threats in terms of actors, their objectives, tools, the domains that can be compromised as well as the different phases of action.
Speaking during the launch event of the conceptual framework, Mariya Gabriel, European Commissioner for Innovation, Research, Culture, Education and Youth, said: "The EU has the capacities and know-how to build its resilience against hybrid threats. But we need to understand the problem in depth to be able to design an effective response. It is our advantage that we ground our policy actions on science. The conceptual framework is an instrumental part of this process. It provides a comprehensive description of hybrid threats, actors and the tools that can be used against EU countries."
The work aims to facilitate the early detection of hybrid threats, the identification of gaps in preparedness and response and the development of effective measures to counter this complex phenomenon.
The research teams call for a whole-of-society approach, which brings together all civil, military and political actors for a more effective response to hybrid threats.
Understanding modern hybrid threats
The concept of hybrid threats is not new, but modern tools and technologies, as well as increased levels of connectivity have enabled the actors behind hybrid threats to organise attacks with potentially devastating effects.
Cyberattacks, disinformation campaigns and election interference can be part of hybrid threat activity, but none of them constitutes a hybrid threat alone.
Hybrid campaigns can be a combination of both conventional and non-conventional means, including classic warfare, cyberattacks, fake news and election interference.
They are designed to be difficult to detect or attribute to any individual or group.
The actors behind these actions aim to create ambiguity and confusion by blurring the borders of what is true and what is false, what is acceptable and what is unacceptable behaviour, manipulating legal thresholds and making it difficult to attribute responsibility for wrong-doing to any particular actor.
The overarching objective of the actors is to undermine public trust in democratic institutions, challenge the core values of societies, gain geopolitical influence and weaken the decision-making capacity of countries.

CISA releases the insider threat mitigation guide

The Cybersecurity & Infrastructure Security Agency (CISA) has released its Insider Threat Mitigation Guide for organizations that have individuals entrusted with access to or knowledge of the organization who represent potential risks, including current or former employees or any other person who has been granted access, understanding, or privilege.
Organizations of all types and sizes are vulnerable to insider threats. The CISA Insider Threat Mitigation Guide is designed to assist individuals, organizations, and communities in improving or establishing an insider threat mitigation program. It offers a proven framework that can be tailored to any organization regardless of size. It provides an orientation to the concept of insider threat, the many expressions those threats can take, and offers an integrated approach necessary to mitigate the risk. The Guide shares best practices and key points from across the infrastructure communities.
"This Insider Threat Mitigation Guide is an evolution in the series of resources CISA makes available on insider threats. This Guide draws from the expertise of some of the most reputable experts in the field to provide comprehensive information to help federal, state, local, tribal, and territorial governments; non-governmental organizations; and the private sector establish or enhance an insider threat prevention and mitigation program."
"Moreover, this Guide accomplishes this objective in a scalable manner that considers the level of maturity and size of the organization. It also contains valuable measures for building and using effective threat management teams. Through a case study approach, this Guide details an actionable framework for an effective insider threat mitigation program: Defining the Threat, Detecting and Identifying the Threat, Assessing the Threat, and Managing the Threat," said Steve Harris, Acting Assistant Director for Infrastructure Security, Cybersecurity and Infrastructure Security Agency.
The full Guide can be downloaded at CISA.org

Europe deploys 7Shield - cybersecurity from space?

7SHIELD – Safety and Security Standards of Space Systems, ground Segments and Satellite data assets, via prevention, detection, response and mitigation of physical and cyber threats.
The project gives an innovative boost to the protection of earth segments and satellite data resources. Protecting critical infrastructures from cyber threats. From IoT to machine learning, here are the advanced technologies integrated into the framework.
The overall concept of 7SHIELD is to provide the European Ground Segment facilities with a holistic framework able to confront complex cyber and physical threats by covering all the macrostages of crisis management, namely the pre-crisis, crisis and post-crisis phases.
The Copernicus era has created a new market with the massive amounts of satellite data that the ground segments of space systems receive and serve to the market and governmental bodies.
A physical or cyber-attack on their installations or communication networks, respectively, would have a debilitating impact on the public safety and security of EU citizens and public authorities. A physical attack on a space ground segment makes the distribution of satellite data problematic and, on the other hand, a cyber-attack on its data storage, access and exchange affects not only the reliability of space data, but also their FAIR standards: findability, accessibility, interoperability and reusability. Current approaches do not fully exploit the recent advances in surveillance mechanisms with robotic technologies and AI.
Given the above, the Center for Security Studies (KEMEA) has successfully submitted, as a member of a wider consortium, the 7SHIELD proposal under the topic “SU-INFRA01-2019: Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe” of H2020. 7SHIELD officially started in September 2020 and will have a duration of 24 months, coordinated by ENGINEERING (Italy).
7SHIELD will be an integrated yet flexible and adaptable framework enabling the deployment of innovative services for cyber-physical protection of ground segments, such as e-fences, passive radars and laser technologies, multimedia AI technologies, that enhance their protection capabilities, while integrating or interoperating with existing protection solutions already deployed at their installations. The framework will integrate advanced technologies for data integration, processing, and analytics, machine learning and recommendation systems, data visualization and dashboards, data security and cyber threat protection. The technological solution is co-designed with first responders’ teams and contributes to policy making, standardisation and new guidelines for contingency planning and service continuity. The project will be evaluated and demonstrated in five installations of ground segments of space systems.
KEMEA will be a task leader both in identifying security requirements in relation to the technology systems in use and the integration of the 7SHIELD solution, and in defining the model of the Emergency Response Plan, following the guidelines described in international standards such as ISO 22320:2018 Security and resilience -- Emergency management -- Guidelines for incident management. KEMEA will also have a crucial role in pilot implementation, evaluation and training, and will contribute to the overall development of the program.