NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

The National Security Agency (NSA), CISA, and the Office of the Director of National Intelligence (ODNI), published Potential Threats to 5G Network Slicing. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—presents both the benefits and risks associated with 5G network slicing. It also provides mitigation strategies that address potential threats to 5G network slicing.

Building upon the work published in the Enduring Security Framework’s Potential Threat Vectors to 5G Infrastructure, the Enduring Security Framework1 (ESF) established a working panel comprised of government and industry experts and conducted an in-depth review of network slicing, a key component of 5G infrastructure. This working panel assessed the security, risks, benefits, design, deployment, operations, and maintenance of a network slice.

For this guidance, a network slice is defined as an end-to-end logical network that provides specific network capabilities and characteristics for a user.

As with any emerging technology, with increased benefits come increased risks. This guidance intends to introduce 5G stakeholders to the benefits associated with network slicing and introduce perceived risks and management strategies that may address those risks.

The guidance builds upon ESF’s Potential Threat Vectors to 5G Infrastructure, published in 2021.

Trends in maritime communications

An estimated 90 per cent of the goods traded around the world travel by sea. Vital commodity flows, as well as seafarer safety, hinge on ever more sophisticated maritime communication networks.

Much of the world’s commerce would simply not be possible without the plethora of technologies making up today’s maritime communications ecosystem. These include ship stations (meaning radiocommunication equipment on board commercial, passenger or patrol vessels, etc.); coast stations that support ships at sea; as well as radar services, automatic identification, and maritime distress systems.

Although the International Maritime Organization (IMO) develops regulations for shipping, ensuring safe maritime communication largely falls to the International Telecommunication Union (ITU).

ITU Recommendations, Reports, Regulations, and databases – along with giving seafarers vital information – help safeguard the frequency bands that vessels use to navigate safely, as explained by ITU’s German Medici.

Modernizing the GMDSS

Distress, safety, and emergency maritime communications are coordinated through the Global Maritime Distress and Safety System (GMDSS), which uses terrestrial communication and satellite systems (such as those operated by Inmarsat and Iridium) to connect ships and coast stations. Discussions currently underway at ITU aim to make the GMDSS more flexible in terms of maritime safety information distribution, which in turn should open the door to new technology applications in this area, said Medici.

The GMDSS continues to evolve to improve and enhance maritime communications and safety.  Satellite EPIRBs operating at 1.6 gigahertz (GHz) and using very high frequency (VHF) systems for DSC will no longer be part of the GMDSS. However, the IMO may soon allow an existing geostationary satellite system to become a new GMDSS satellite service provider, explained Medici.

Evolving e-navigation

In the future, seafarers will increasingly rely on communications services, such as e-navigation, which IMO defines as “the harmonized collection, integration, exchange, presentation and analysis of marine information on board and ashore by electronic means to enhance berth-to-berth navigation and related services for safety and security at sea and to protect the marine environment”. High-speed broadband connections will keep ships and shore facilities continuously updated and let mariners follow real-time data displays on the bridge.

Ships will increasingly use VHF data exchange systems that integrate data exchange, application-specific messaging, and automatic identification capabilities in the same VHF maritime band, Medici added.

Beacon detection and response

Cospas-Sarsat, a satellite-aided, treaty-based search and rescue initiative that has been operational since 1985, is now developing a second-generation beacon and medium-Earth orbit search and rescue system (MEOSAR), in which repeaters are placed on global navigation satellite system (GNSS) satellites.

The initiative brings together 45 nations and agencies to collaboratively detect and locate radio beacons activated by aircraft, vessels or people in distress.

This Cospas-Sarsat development will enable near-time global coverage of beacon localization and distress message transmission, said Medici. A new “return-link-service” (RLS) will give users a confirmation that their message was received.

Autonomous vessels on the waves

Maritime autonomous surface ships (MASS) are also on the horizon. These are ships that can operate independently (to varying degrees) of human interaction.

“In April 2022, IMO began work on the development of a regulatory framework for Maritime Autonomous Surface Ships,” Medici noted.  The work aims to integrate new and advancing technologies in its regulatory framework – balancing the benefits derived from new and advancing technologies against safety and security concerns, the impact on the environment and on international trade facilitation, the potential costs to the industry, and their impact on personnel, both on board and ashore.

For the moment, these “autonomous vessels” lack specified spectrum requirements.  But that may change as MASS communications requirements are identified.  “The development of MASS may be supported by future ITU studies, including potential determination of their spectrum needs, and the publication of associated ITU Recommendations and Reports,” Medici concluded.

[Source: ITU]

Critical Infrastructure: Actions Needed to Better Secure Internet-Connected Devices

The USA's 16 critical infrastructure sectors rely on internet-connected devices and systems to deliver essential services, such as electricity and health care. These sectors face increasing cybersecurity threats—an issue on our High Risk list.

Federal agencies that have leadership roles in 3 sectors we reviewed have taken some steps to manage the cybersecurity risks posed by internet-connected devices and systems. But they've not assessed risks to the sectors as a whole. Without a holistic assessment, the agencies can't know what additional cybersecurity protections might be needed.

Cyber threats to critical infrastructure IoT and OT represent a significant national security challenge. Recent incidents—such as the ransomware attacks targeting health care and essential services during the COVID-19 pandemic—illustrate the cyber threats facing the nation's critical infrastructure. Congress included provisions in the IoT Cybersecurity Improvement Act of 2020 for GAO to report on IoT and OT cybersecurity efforts.

This report (1) describes overall federal IoT and OT cybersecurity initiatives; (2) assesses actions of selected federal agencies with a lead sector responsibility for enhancing IoT and OT cybersecurity; and (3) identifies leading guidance for addressing IoT cybersecurity and determines the status of OMB's process for waiving cybersecurity requirements for IoT devices. To describe overall initiatives, GAO analyzed pertinent guidance and related documentation from several federal agencies.

To assess lead agency actions, GAO first identified the six critical infrastructure sectors considered to have the greatest risk of cyber compromise. From these six, GAO then selected for review three sectors that had extensive use of IoT and OT devices and systems. The three sectors were energy, healthcare and public health, and transportation systems. For each of these, GAO analyzed documentation, interviewed sector officials, and compared lead agency actions to federal requirements.

GAO also analyzed documentation, interviewed officials from the selected sectors, and compared those sector's cybersecurity efforts to federal requirements. GAO also interviewed OMB officials on the status of the mandated waiver process.

The nation's critical infrastructure sectors rely on electronic systems, including Internet of Things (IoT) and operational technology (OT) devices and systems. IoT generally refers to the technologies and devices that allow for the network connection and interaction of a wide array of “things,” throughout such places as buildings, transportation infrastructure, or homes. OT are programmable systems or devices that interact with the physical environment, such as building automation systems that control machines to regulate and monitor temperature.

Figure: Overview of Connected IT, Internet of Things (IoT), and Operational Technology

To help federal agencies and private entities manage the cybersecurity risks associated with IoT and OT, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) have issued guidance and provided resources. Specifically, CISA has published guidance, initiated programs, issued alerts and advisories on vulnerabilities affecting IoT and OT devices, and established working groups on OT. NIST has published several guidance documents on IoT and OT, maintained a center of cybersecurity excellence, and established numerous working groups. In addition, the Federal Acquisition Regulatory Council is considering updates to the Federal Acquisition Regulation to better manage IoT and OT cybersecurity risks.

Selected federal agencies with a lead role have reported various cybersecurity initiatives to help protect three critical infrastructure sectors with extensive use of IoT or OT devices and systems.

Title: Sector Lead Agencies' Internet of Things (IoT) or Operational Technology (OT) Cybersecurity Initiatives

Sector (Lead Federal Agency)

Examples of IoT or OT Initiatives

Energy (Department of Energy)

Considerations for OT Cybersecurity Monitoring Technologies guidance provides suggested evaluation considerations for technologies to monitor OT cybersecurity of systems that, for example, distribute electricity through the grid.

Cybersecurity for the Operational Technology Environment methodology aims to enhance energy sector threat detection of anomalous behavior in OT networks, such as electricity distribution networks.

Healthcare and public health (Department of Health and Human Services)

Pre-market Guidance for Management of Cybersecurity identifies issues related to cybersecurity for manufacturers to consider in the design and development of their medical devices, such as diagnostic equipment.

Post-market Management of Cybersecurity in Medical Devices provides recommendations for managing cybersecurity vulnerabilities for marketed and distributed medical devices, such as infusion pumps.

Transportation systems (Departments of Homeland Security and Transportation)

Surface Transportation Cybersecurity Toolkit is designed to provide informative cyber risk management tools and resources for control systems that, for example, function on the mechanics of the vessel.

Department of Homeland Security's Transportation Security Administration's Enhancing Rail Cybersecurity Directive requires actions, such as conducting a cybersecurity vulnerability assessment and developing of cybersecurity incident response plans for higher risk railroads.

Source: GAO analysis of agency documentation │ GAO-23-105327

However, none of the selected lead agencies had developed metrics to assess the effectiveness of their efforts. Further, the agencies had not conducted IoT and OT cybersecurity risk assessments. Both of these activities are best practices. Lead agency officials noted difficulty assessing program effectiveness when relying on voluntary information from sector entities. Nevertheless, without attempts to measure effectiveness and assess risks of IoT and OT, the success of initiatives intended to mitigate risks is unknown.

The Internet of Things Cybersecurity Improvement Act of 2020 generally prohibits agencies from procuring or using an IoT device after December 4, 2022, if that device is considered non-compliant with NIST-developed standards. Pursuant to the act, in June 2021 NIST issued a draft guidance document that, among other things, provides information for agencies, companies and industry to receive reported vulnerabilities and for organizations to report found vulnerabilities. The act also requires the Office of Management and Budget (OMB) to establish a standardized process for federal agencies to waive the prohibition on procuring or using non-compliant IoT devices if waiver criteria detailed in the act are met.

As of November 22, 2022, OMB had not yet developed the mandated process for waiving the prohibition on procuring or using non-compliant IoT devices. OMB officials noted that the waiver process requires coordination and data gathering with other entities. According to OMB, it is targeting November 2022 for the release of guidance on the waiver process. Given the act's restrictions on agency use of non-compliant IoT devices beginning in December 2022, the lack of a uniform waiver process could result in a range of inconsistent actions across agencies.

FEMA Obligates Over $10M Through Swift Current Initiative

FEMA has obligated $10.28 million in flood resilience projects through the Flood Mitigation Assistance Swift Current initiative. This is the first FEMA initiative funded through President Biden’s Infrastructure Investment and Jobs Act, also known as the Bipartisan Infrastructure Law.

The initiative allocates a total of $60 million to Louisiana, Mississippi, New Jersey and Pennsylvania—all states affected by Hurricane Ida—to equitably expedite mitigation grants to disaster survivors with repetitively flooded homes. The application period opened April 1, and by Aug. 1, the funding requested exceeded the amount made available through the Swift Current Initiative by over $9 million. FEMA continues to review all other subapplications submitted to the Flood Mitigation Assistance Swift Current initiative and will announce further selections in the upcoming months.

Selections include acquiring 31 flood-prone properties in New Jersey and converting land to open space while two properties in Louisiana will be reconstructed to better withstand flooding. More information about these and other selections is available on FEMA.gov.

Swift Current seeks to substantially speed up the award of Flood Mitigation Assistance funding after a flooding event and reduce the complexity of the application process. Its goal is to obligate flood mitigation dollars for repetitively and substantially flood damaged properties insured through the National Flood Insurance Program as quickly and equitably as possible after a disaster event.

The program recognizes the growing flood hazards associated with climate change, and of the need for flood hazard risk mitigation activities that promote climate adaptation, equity and resilience to flooding. These hazards are expected to increase in frequency and intensity.

Cybersecurity Investments in the EU: Is the Money Enough to Meet the New Cybersecurity Standards?

The European Union Agency for Cybersecurity publishes the latest report on Network and Information Security Investments in the EU providing an insight on how the NIS Directive has impacted the cybersecurity budget of operators over the past year with deep-dives into the Energy and Health sectors.

The report analyses data collected from Operators of Essential Services (OES) and from Digital Service Providers (DSP) identified in the European Union's Directive on Network and Information Security Systems (NIS Directive). The analysis seeks to understand whether those operators have invested their budgets differently over the past year in order to meet the new requirements set by the legislative text.

EU Agency for Cybersecurity, Executive Director, Juhan Lepassaar, declared: “The resilience of our EU critical infrastructures and technologies will highly depend on our ability to make strategic investments. I am confident that we have the competence and skills driving us to achieve our goal, which is to ensure we will have the adequate resources at hand to further develop our cybersecurity capacities across all economic sectors of the EU."

Contextual parameters framing the analysis

The report includes an analysis reaching more than 1000 operators across the 27 EU Member States. Related results show that the proportion of Information Technology (IT) budget dedicated to Information Security (IS) appears to be lower, compared to last year's findings, dropping from 7.7% to 6.7%.

These numbers should be conceived as a general overview of information security spending across a varied typology of strategic sectors. Accordingly, specific macroeconomic contingencies such as COVID19 may have influenced the average results.

What are the key findings?

  • The NIS Directive, other regulatory obligations and the threat landscape are the main factors impacting information security budgets;
  • Large operators invest EUR 120 000 on Cyber Threat Intelligence (CTI) compared to EUR 5 500 for SMEs, while operators with fully internal or insourced SOCs spend around EUR 350 000 on CTI, which is 72% more than the spending of operators with a hybrid SOC;
  • The health and banking sectors bear the heaviest cost among the critical sectors in case of major cybersecurity incidents with the median direct cost of an incident in these sectors amounting to EUR 300 000;
  • 37% of Operators of Essential Services and Digital Service Providers do not operate a SOC; 
  • For 69% the majority of their information security incidents are caused by vulnerabilities in software or hardware products with the health sector declaring the higher number of such incidents;
  • Cyber insurance has dropped to 13% in 2021 reaching a low 30% compared to 2020;
  • Only 5% of SMEs subscribe to cyber insurance;
  • 86% have implemented third-party risks management policies.

Key findings of Health and Energy sectors

  • Health

From a global perspective, investments in ICT for the health sector seem to be greatly impacted by COVID-19 with many hospitals looking for technologies to expand healthcare services to be delivered beyond the geographical boundaries of hospitals. Still, cybersecurity controls remain a top priority for spending with 55% of health operators seeking increased funding for cybersecurity tools.

64% of health operators already resort to connected medical devices and 62% already deployed a security solution specifically for medical devices. Only 27% of surveyed OES in the sector have a dedicated ransomware defence programme and 40% of them have no security awareness programme for non-IT staff.

  • Energy

Oil and gas operators seem to prioritise cybersecurity with investments increasing at a rate of 74%.  Energy sector shows a trend in investments shifting from legacy infrastructure and data centres to cloud services.

However, 32% of operators in this sector do not have a single critical Operation Technology (OT) process monitored by a SOC. OT and IT are covered by a single SOC for 52% of OES in the energy sector.

United States and Spain Announce the Development of a New Capacity Building Tool to Combat Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the U.S. Department of State and the Spanish Ministry of the Interior, announced a joint project to develop a capacity-building tool to help countries utilize public-private partnerships (PPPs) to combat ransomware. This project was developed as part of the Second International Counter Ransomware Initiative (CRI) Summit, which was convened in Washington, D.C. The CRI is a global coalition of 36 partner nations and the European Union dedicated to confronting the scourge of ransomware.

The CRI’s Public-Private Partnership (P3) Working Group, chaired by Spain, has focused on the essential need for close collaboration between governments and the private sector to address the challenges posed by ransomware. This tool will provide much needed guidance to nations around the world seeking to develop or deepen such public-private partnerships.

“Building capacity across the world is an essential aspect of our fight against ransomware,” said Brandon Wales, CISA Executive Director. “By learning from each other—public and private sector alike—and sharing that knowledge more broadly, we can effectively protect the critical infrastructure necessary to sustain not only American society, but the global institutions and networks upon which it relies.”

“Spain has the strong conviction that this project will contribute in a decisive manner to expose the most innovative state of the art of PPP best practices to fight against ransomware, said Guillermo Ardizone Garcίa, Political Director of the Ministry of Foreign Affairs. “Thereby, all multi-stakeholders and partners involved in the CRI will be benefited from this line of action. Spain will actively encourage state and non-state stakeholders to join in this project poised to broadly share the PPP best practices, including creative financing schemes.”

When completed, the tool will feature a series of case studies of PPPs that have been used in the counter-ransomware fight, including those pioneered by members of the CRI P3 Working Group. The tool will highlight the features that made these efforts successful and will be designed to provide practical guidance to countries looking to implement their own PPPs as part of their national counter-ransomware efforts.

To develop the tool, the United States and Spain are partnering with the Global Forum on Cyber Expertise (GFCE), a global leader in cyber capacity building that will commission experts to deliver the tool. Other CRI members have been invited to provide additional financial and practical support to the project.

Volatile Geopolitics Shake the Trends of the 2022 Cybersecurity Threat Landscape

With the geopolitical context giving rise to cyberwarfare and hacktivism, alarming cyber operations and malignant cyberattacks have altered the trends of the 10th edition of the Threat Landscape report released by the European Union Agency for Cybersecurity (ENISA).

The ENISA Threat Landscape 2022 (ETL) report is the annual report of the EU Agency for Cybersecurity on the state of the cybersecurity threat landscape. The 10th edition covers a period of reporting starting from July 2021 up to July 2022.

With more than 10 terabytes of data stolen monthly, ransomware still fares as one of the prime threats in the new report with phishing now identified as the most common initial vector of such attacks. The other threats to rank highest along ransomware are attacks against availability also called Distributed Denial of Service (DDoS) attacks.

However, the geopolitical situations particularly the Russian invasion of Ukraine have acted as a game changer over the reporting period for the global cyber domain. While we still observe an increase of the number of threats, we also see a wider range of vectors emerge such as zero-day exploits and AI-enabled disinformation and deepfakes. As a result, more malicious and widespread attacks emerge having more damaging impact.

EU Agency for Cybersecurity Executive Director, Juhan Lepassaar stated that “Today's global context is inevitably driving major changes in the cybersecurity threat landscape. The new paradigm is shaped by the growing range of threat actors. We enter a phase which will need appropriate mitigation strategies to protect all our critical sectors, our industry partners and therefore all EU citizens."

Prominent threat actors remain the same

State sponsored, cybercrime, hacker-for-hire actors and hacktivists remain the prominent threat actors during the reporting period of July 2021 to July 2022.

Based on the analysis of the proximity of cyber threats in relation to the European Union (EU), the number of incidents remains high over the reporting period in the NEAR category. This category includes affected networks, systems, controlled and assured within EU borders. It also covers the affected population within the borders of the EU.

Threat analysis across sectors

Added last year, the threat distribution across sectors is an important aspect of the report as it gives context to the threats identified. This analysis shows that no sector is spared. It also reveals nearly 50% of threats target the following categories; public administration and governments (24%), digital service providers (13%) and the general public (12%) while the other half is shared by all other sectors of the economy.

Top threats still standing their grounds

ENISA sorted threats into 8 groups. Frequency and impact determine how prominent all of these threats still are.

Ransomware:
- 60% of affected organisations may have paid ransom demands
Malware:
- 66 disclosures of zero-day vulnerabilities observed in 2021
Social engineering:
- Phishing remains a popular technique but we see new forms of phishing arising such as spear-phishing, whaling, smishing and vishing
Threats against data:
- Increasing in proportionally to the total of data produced
Threats against availability:
- Largest Denial of Service (DDoS) attack ever was launched in Europe in July 2022;
- Internet: destruction of infrastructure, outages and rerouting of internet traffic.
Disinformation – misinformation:
- Escalating AI-enabled disinformation, deepfakes and disinformation-as-a-service
Supply chain targeting:
- Third-party incidents account for 17% of the intrusions in 2021 compared to less than 1% in 2020

Contextual trends emerging

- Zero-day exploits are the new resource used by cunning threat actors to achieve their goals;
- A new wave of hacktivism has been observed since the Russia-Ukraine war.
- DDoS attacks are getting larger and more complex moving towards mobile networks and Internet of Things (IoT) which are now being used in cyberwarfare.
- AI-enabled disinformation and deepfakes. The proliferation of bots modelling personas can easily disrupt the “notice-and-comment” rulemaking process, as well as the community interaction, by flooding government agencies with fake contents and comments.

Shifting motivation and digital impact are driving new trends

An impact assessment of threats reveals 5 types of impact; damages of reputational, digital, economical, physical or social nature. Although for most incidents the impact really remains unknown because victims fail to disclose information or the information remains incomplete.

Prime threats were analysed in terms of motivation. The study reveals that ransomware is purely motivated by financial gains. However, motivation for state sponsored groups can be drawn from geopolitics with threats such as espionage and disruptions. Ideology may also be the motor behind cyber operations by hacktivists.

Chemical security experts call for multisector cooperation against terrorism

The devastating impact of chemical weapons and explosives used in acts of terrorism continues to affect civilian populations and is well known for its destructive and long-term harm.

Last year over 1,000 improvised explosive device (IED) attacks were conducted by non-state actors, injuring over 7,150 people in more than 40 countries. Many attacks come from chemicals that criminals acquired through weak points in the supply chain – from manufacturing to storage and retail– and made into weapons.

To counter this threat, some 220 chemical security practitioners from more than 70 countries met at INTERPOL’s 3rd Global Congress on Chemical Security and Emerging Threats to find ways of reducing vulnerabilities by enhancing multisector cooperation and collaboration.

With a focus on acquisition, transportation, physical and cyber security of chemical materials, the meeting highlighted a range of security issues, such as detecting cross-border movements of regulated material and implementing regulatory frameworks.

Terrorists’ misuse of e-commerce and new technologies

The Global Congress also explored ways to counter emerging threats including terrorists’ misuse of e-commerce and new technologies to acquire toxic and precursor chemicals.

Due to the substantial growth and access to the Internet in recent years, so too we have seen an increase in digital content produced and shared through platforms such as instant messaging, social networking, blogs and online portals. The misuse of technologies can be seen as a result of this rapid growth in content, and with it a rise in suspicious activities.

Law enforcement agencies provided examples of investigative techniques that could be used to identify and prosecute the illicit purchase or sale of chemicals on the Dark Net. These lessons provided delegates with solutions to address the use of sophisticated technologies for nefarious purposes.

"The concerted effort of global law enforcement, along with our partners, is key to combatting the use of explosive precursor chemicals and chemical weapons,” Mr Hinds added.

Dual-use and precursor chemicals have a wide legitimate function in the production of consumer goods such as pharmaceuticals, cleaning supplies and fertilizers. This raises significant challenges to prevent and monitor, and remains one of the inherent threats to chemical security worldwide.

INTERPOL awareness video - ‘The Watchmaker’

In this context, an INTERPOL-produced awareness video was premiered at the meeting to engage a broad spectrum of stakeholders in understanding the importance of individuals and companies to secure dangerous toxic chemicals, including equipment.

Entitled ‘The Watchmaker’, the video highlights the need for multisector cooperation to combat these threats and will be used in a series of INTERPOL capacity building workshops and other activities related to counter-terrorism and prevention.

“Multisector collaboration is essential for us to tackle the threats we face from criminals who gain access to dangerous chemicals with malevolent intentions. Morocco is committed to strengthening the engagement of these issues as part of our proactive approach to combating terrorism,” said Mr. Mohammed Dkhissi, Head of National Central Bureau, Rabat.

Other measures proposed by the Global Congress Network include:

- Advocating chemical security recommendations such as increased retail reporting on suspicious activity;
- Expanding the INTERPOL-hosted Global Knowledge Hub, which allows members to engage in interactive discussions and access good practice guidance;
- Strengthening the Global Congress Network through greater diversity of expertise and activities across regions and sectors;
- Promoting decision-making tools such as a customer database, which can flag areas of security concern.

Since its inception in 2018, the Global Congress has been jointly led by INTERPOL, the US Cybersecurity and Infrastructure Security Agency (CISA), the US Defense Threat Reduction Agency (DTRA) and the US Federal Bureau of Investigation (FBI), and implemented in cooperation with the G7 Global Partnership Against the Spread of Weapons and Materials of Mass Destruction.

ITU Emergency Telecom Roster helps restore connectivity after hurricane hits Nicaragua

A powerful tropical hurricane ripped across Nicaragua earlier this month, with torrential rains triggering life-threatening flash floods and mudslides across the Central American country.

The Category 1 storm forced 13,000 people to evacuate to shelters, according to some reports – many with only the clothes on their backs.

“The river rose one metre in ten minutes,” according to eyewitness José Domingo Enríquez of the interior town El Rama, one of the worst-affected. “It was clear the flood was coming fast, and we had to find a way to evacuate.”

Critical electricity and telecommunications services were cut shortly after the storm made landfall, leaving a million people in the dark and worried about their loved ones’ safety.

Emergency Telecom Roster deploys

To help close connectivity gaps and bolster disaster response efforts in some of the country’s hardest-hit areas, two members of ITU’s Emergency Telecommunications Roster (ETR), a group of staff volunteers from across the organization, were deployed to Nicaragua.

Their mission – the first since the roster was created – was two-fold: deliver 10 Iridium satellite phones and 10 Inmarsat Broadband Global Area Network (BGAN) terminals to help restore connectivity as soon as possible, and to provide training for local teams to use the equipment.

ITU will typically deploy equipment upon request from an ITU Member State following a natural hazard, after which the team aims to respond within 24 to 48 hours.

In Nicaragua’s case, the request came via the telecom regulator, TELCOR, and SINAPRED, the country’s national disaster management agency.

Once on the ground, roster members Mario Castro Grande and Hani Alser met with government officials to deliver the equipment, train Telcor and SINAPRED responders, and assess the damage.

According to Alser, local officials were extremely welcoming and highly appreciative of both the equipment and the expertise provided.

“Having at least one technical person and another that can communicate in the local language and knows the customs is key to a successful ETR mission,” added Castro Grande.

Beyond bringing equipment

Delivering critical emergency telecom equipment is only part of ITU’s work in this domain.

The UN agency for information and communication technologies (ICTs) also supports the development and implementation of National Emergency Telecommunication Plans (NETP) among other regulatory and legal disaster preparedness frameworks.

“Nicaragua had a draft NETP back in 2014, but apparently it was shelved,” explained Castro Grande. “Our mission also served as a timely reminder that they should look at it again, with the objective of finalizing it.”

The ITU team also urged national authorities to implement an early warning system. This was another aspect of the mission, said Castro Grande. “We offered some information on appropriate available systems for developing countries, such as cell broadcasting, and informed them on legislative models they could look at.”

The ability of cell broadcast technology to push messages without being affected by traffic load makes it useful during emergencies when data traffic spikes, and regular SMS and voice calls tend to congest mobile networks.

“About 95 per cent of the global population is covered by a broadband network, with 5.7 billion mobile subscriptions, meaning at least 70 per cent of the world is connected,” Castro Grande pointed out. “Cell broadcasting technology should be used to its fullest potential to warn people ahead of disaster.”

Earlier this year, Secretary-General Antonio Guterres announced the United Nations would “spearhead new action to ensure every person on Earth is protected by early warning systems within five years.” ITU is supporting this initiative, which is led by the World Meteorological Organization (WMO).

NCSC CEO delivers international speech on securing the Internet of Things and smart cities

The head of the UK’s National Cyber Security Centre, Lindy Cameron, has emphasised the importance of connected technologies being made secure by design in a speech at Singapore International Cyber Week.

Lindy Cameron said the growth of the Internet of Things (IoT) has brought benefits for consumers, enterprises and at a city level in connected places, but she highlighted that the associated risks must be managed now to stay ahead of cyber threats.

She outlined how the UK has developed a strong framework for managing the future security of the Internet of Things, including through new legislation, the adoption of international cyber security standards and developing ‘secure by design’ principles to help influence IoT at the design phase.

She called for swift, decisive and ongoing action to ensure connected devices are designed, built, deployed and managed with security as a first-class concern, to prevent malicious actors, improve national resilience and reap benefits of these emerging technologies

1 13 14 15 16 17 53