CISA Call with Critical Infrastructure Partners on Potential Russian Cyberattacks Against the US

The Cybersecurity and Infrastructure Security Agency convened a three-hour call with over 13,000 industry stakeholders to provide an update on the potential for Russian cyberattacks against the U.S. homeland and answer questions from a range of stakeholders across the nation.

As President Biden noted, evolving intelligence indicates that the Russian Government is exploring options to conduct potential cyberattacks against the United States. CISA echoed the President’s warning on the call and reinforced the urgent need for all organizations, large and small, to act now to protect themselves against malicious cyber activity.

On the three-hour call, CISA Director Jen Easterly, Deputy Executive Assistant Director for Cybersecurity Matt Hartman, and Tonya Ugoretz, Deputy Assistant Director for the FBI’s cyber division, encouraged organizations of all sizes to have their Shields Up to cyber threats and take proactive measures now to mitigate risk to their networks. They encouraged those on the line to visit CISA.gov/Shields-Up to take action to protect their organizations and themselves and urged all critical infrastructure providers to implement the mitigation guidelines enumerated on CISA.gov/Shields-Up, including:

- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
- Update the software on your computers and devices to continuously look for and mitigate threats;
- Back up your data and ensure you have offline backups beyond the reach of malicious actors;
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
- Encrypt your data;
- Sign up for CISA’s free cyber hygiene services; and
- Educate your employees about common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly.

Director Easterly urged all organizations, regardless of size, to contact CISA immediately if they believe they may have been impacted by a cyber incident. When cyber incidents are reported quickly, CISA can use the information to render assistance and help prevent other organizations and entities from falling victim to a similar attack.

The event built on a series of briefings that CISA has been convening since late 2021 with U.S. Government and private sector stakeholders at both classified and unclassified levels. This outreach was provided to Federal Civilian Executive Branch Agencies, Sector Risk Management Agencies, private sector partners, state, local, tribal, and territorial (SLTT) governments, and international partners. To date, CISA has hosted or participated in more than 90 engagements reaching tens of thousands of partners.

Security Industry world-wide preparing and bracing for the expected crime wave that may occur because of the Russian and Ukrainian affair

The pandemic resulted in an economic meltdown with crime-related issues. The Russian and Ukrainian saga is a global threat because it affects energy security worldwide. Oil and natural gas are the foundation of all costs of living. In addition, Ukraine exports grain to many countries, which will add to the cost of food such as cooking oil, bread and beer.

A second economic meltdown after the pandemic that initially lip-slapped the economy would be a massive blow to all financial sectors and industries.

Statement
Kunwar Singh, Chairman of CAPSI | Central Association for Private Security Industry, states: “The private security industry is larger than any military force in the world. The private security has the skills to manage the behaviour of the population. Furthermore, the industry has the skills, technology and equipment to find the crime and stop it more effectively. Simply put, the security industry is providing more eyes on the ground, therefore supporting the police in locating and catching criminals. The security industry must be acknowledged as a vital partner by the regulators.”

CAPSI [Central Association for Private Security Industry], ISIO [International Security Industry Organization] and SASA (representing 9.15 million practitioners) call upon all security regulators worldwide to take certain steps to ensure a wider market for legitimate traders. The regulators must protect the industry against illegitimate security companies and practitioners, as well as criminal elements that could attempt to penetrate the industry.

Learning from History
The economic meltdowns of the past recorded long lines of unemployed and hungry people. Recent and current statistics on the meltdown caused by the pandemic affirm once again that many are jobless. Each country may face the same issues, or its own unique ones, relating to the associated crime. One could deduce that, whatever the statistics were and regardless of location, the levels of crime escalated. Recent demonstrations and riots are an example: these occurred in certain countries that experienced massive mobs against vaccinations.

In specific locations there were mass groups looting under the guise of a politically induced narrative. There were small mob attacks directed towards migrant-owned small businesses, as well as an increased number of pro-nationalist demonstrations against businesses that employ migrants, under the banner ‘give the jobs to the citizens’. Practitioners should consult the crime statistics for their own location; they may be surprised at the overall escalation, but should pay attention to specific crimes.

Possibilities of crime in this economic meltdown
The biggest threat on the ground would be to logistics: gangs hijacking and stealing tankers carrying petrol, food or, for that matter, anything. These are soft targets on wheels carrying high-value goods that already lack effective security systems. Any interruption in the logistics chain could cause chaos.

Each location and field of interest will more than likely experience bribery and corruption of some kind in exchange for jobs. Consider expanding your crime research to cover this when assessing the vulnerability landscape, because this crime could lead to major reputational damage that obviously affects revenues.

Tony Botes of SASA | South African Security Association says, ‘When a country has major job losses then desperate people can do anything. It is vital to protect the entire logistic chain from warehouses stocking all goods, the vehicles as well as the route because empty burnt trucks could shut the road for days causing high anxiety for the population.’

Profit Protect Clients and Security Companies
Clients should avoid the reputational damage and lawsuits that can come from using unlicensed security practitioners.
• When using an unlicensed security company, consider that there is no oversight or governance, and no assurance that its staff have been vetted. This could lead to organized or gang crime using the assets of the business for its own needs, or to the staff adding to the loss of profits in some way or other.

Avoid reputational damage by using professional companies
• When security companies cut rates to clients by cutting costs then they may not be training their staff properly or managing the site professionally. People carry phones that can record bad behaviour and social media could destroy reputations which could be costly.

False Alarms: Attending to false alarms costs money. AI (artificial intelligence) saves the client money because the technology is able to read and distinguish between a false and positive alarm.

Also, AI can:
• notify the appropriate people to respond, so that money is not wasted on the transport and time of people who are not needed;
• stop some perpetrators before the crime is fully realized, or help catch them quickly, saving money and anxiety;
• reduce the percentage of budget spent on loss prevention;
• identify an individual perpetrator or mob formation and activate countermeasures to reduce the collateral damage and related costs;
• provide the opportunity to increase the number of security investigators who are focused on looking for crime or on handling and stopping aggressive and violent behaviour.

Avoid chaos: Some sites could experience specific issues because of the desperation of people, and some have a high enough probability of such issues to demand strategic security. Chaos can be expensive when the collateral damage includes staff being hospitalized and assets destroyed or stolen, on top of the time needed for repairs and the loss of revenue.
• The professional security company would ensure that the workforce at the entrance control is layered by specific skillsets to reduce the probability of aggressive and violent behaviour.

The economic meltdown can deliver a larger number of criminals and a wide scope of criminal methods on the stage and into the spotlight. This calls for heightened security measures. Criminals may attempt to penetrate buildings for nefarious reasons such as home invasions, burglary, rape, murder or kidnapping. It is very costly to repair people emotionally or to replace assets.
• AI can assist with applications such as allowing entry only to recognized, approved people, on their own or escorting others. Obviously, all entry and exit points need to be covered.
• Stop tailgating entry by opportunistic perpetrators.

Protect specific assets: The theft of company secrets could cost a company tremendously through loss of market share (money) without the company even knowing it.

Juan Kirsten of ISIO | International Security Industry Organization remarks that “the security industry has had years of experience in using all types of security technology, for example CCTV and alarm systems. It is coincidental that AI has matured to the degree that it must be considered as vital tools to use for this threat on the ground. The vulnerability landscape can change speedily and dramatically that calls for devices such as drones, IoT, or software that can improve comprehending the situation and reacting accordingly and timeously.”

NCSC advises organisations to act following Russia’s attack on Ukraine

Following Russia’s unprovoked, premeditated attack on Ukraine, the National Cyber Security Centre continues to call upon organisations in the UK, and beyond, to bolster their online defences.

The NCSC – which is a part of GCHQ – has urged organisations to follow its guidance on steps to take when the cyber threat is heightened.

While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, there has been an historical pattern of cyber attacks on Ukraine with international consequences.

The guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack.

For the NCSC Guidance visit https://www.ncsc.gov.uk/guidance/actions-to-take-when-the-cyber-threat-is-heightened

CISA and FBI Publish Advisory to Protect Organizations from Destructive Malware Used in Ukraine

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint Cybersecurity Advisory today providing an overview of destructive malware that has been used to target organizations in Ukraine as well as guidance on how organizations can detect and protect their networks. The joint Advisory, “Destructive Malware Targeting Organizations in Ukraine,” provides information on WhisperGate and HermeticWiper malware, both used to target organizations in Ukraine.

Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data. While there is no specific, credible threat to the United States at this time, all organizations should assess and bolster their cybersecurity. Some immediate actions that can be taken to strengthen cyber posture include:

- Enable multifactor authentication;
- Set antivirus and antimalware programs to conduct regular scans;
- Enable strong spam filters to prevent phishing emails from reaching end users;
- Update software; and
- Filter network traffic.

“In the wake of continued denial of service and destructive malware attacks affecting Ukraine and other countries in the region, CISA has been working hand-in-hand with our partners to identify and rapidly share information about malware that could threaten the operations of critical infrastructure here in the U.S.,” said CISA Director Jen Easterly. “Our public and private sector partners in the Joint Cyber Defense Collaborative (JCDC), international computer emergency readiness team (CERT) partners, and our long-time friends at the FBI are all working together to help organizations reduce their cyber risk.”

"The FBI alongside our federal partners continues to see malicious cyber activity that is targeting our critical infrastructure sector," said FBI Cyber Division Assistant Director Bryan Vorndran. "We are striving to disrupt and diminish these threats, however we cannot do this alone, we continue to share information with our public and private sector partners and encourage them to report any suspicious activity. We ask that organizations continue to shore up their systems to prevent any increased impediment in the event of an incident."

Executives and leaders are encouraged to review the advisory, assess their environment for atypical channels for malware delivery and/or propagation through their systems, implement common strategies, and ensure appropriate contingency planning and preparation in the event of a cyberattack.

CISA has updated the Shields Up webpage to include new services and resources, recommendations for corporate leaders and chief executive officers, and actions to protect critical assets. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Ukraine. The webpage includes technical resources from partners to assist organizations against these threats.

Critical Infrastructure Protection: Agencies Need to Assess Adoption of Cybersecurity Guidance

Federal agencies with a lead role to assist and protect one or more of the nation's 16 critical infrastructures are referred to as sector risk management agencies (SRMAs). The SRMAs for three of the 16 have determined the extent of their sector's adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity (framework). In doing so, lead agencies took actions such as developing sector surveys and conducting technical assessments mapped to framework elements. SRMAs for four sectors have taken initial steps to determine adoption (see figure). However, lead agencies for nine sectors have not taken steps to determine framework adoption.

Figure: Status of Framework Adoption by Critical Infrastructure Sector

Regarding improvements resulting from sector-wide use, five of the 16 critical infrastructure sectors' SRMAs have identified or taken steps to identify sector-wide improvements from framework use, as GAO previously recommended. For example, the Environmental Protection Agency identified an approximately 32 percent overall increase in the use of framework-recommended cybersecurity controls among the 146 water utilities that requested and received voluntary technical assessments. In addition, SRMAs for the government facilities sector identified improvements in cybersecurity performance metrics and information standardization resulting from federal agencies' use of the framework. However, SRMAs for the remaining 11 sectors did not identify improvements and were not able to describe potential successes from their sectors' use of the framework.

SRMAs reported various challenges to determining framework adoption and identifying sector-wide improvements. For example, they noted limitations in knowledge and skills to implement the framework, the voluntary nature of the framework, other priorities that may take precedence over framework adoption, and the difficulty of developing precise measurements of improvement were challenges to measuring adoption and improvements. To help address challenges, NIST launched an information security measurement program in September 2020 and the Department of Homeland Security has an information network that enables sectors to share best practices. Implementing GAO's prior recommendations on framework adoption and improvements are key factors that can lead to sectors pursuing further protection against cybersecurity threats.

The U.S. has 16 critical infrastructure sectors that provide clean water, gas, banking, and other essential services. To help protect them, in 2014 the National Institute of Standards and Technology developed cybersecurity standards and procedures that organizations within these sectors may voluntarily use. Federal agencies are charged with leading efforts to improve sector security.

The GAO has found that agencies have measured the adoption of these standards and procedures for 3 of 16 sectors and have identified improvements across 2 sectors. For example, the EPA found a 32% increase in the use of recommended cybersecurity controls at 146 water utilities.

2021 Trends Show Increased Globalized Threat of Ransomware

In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) observed incidents involving ransomware against 14 of the 16 U.S. critical infrastructure sectors, including the Defense Industrial Base, Emergency Services, Food and Agriculture, Government Facilities, and Information Technology Sectors. The Australian Cyber Security Centre (ACSC) observed continued ransomware targeting of Australian critical infrastructure entities, including in the Healthcare and Medical, Financial Services and Markets, Higher Education and Research, and Energy Sectors. The United Kingdom’s National Cyber Security Centre (NCSC-UK) recognizes ransomware as the biggest cyber threat facing the United Kingdom. Education is one of the top UK sectors targeted by ransomware actors, but the NCSC-UK has also seen attacks targeting businesses, charities, the legal profession, and public services in the Local Government and Health Sectors.

Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors’ growing technological sophistication and an increased ransomware threat to organizations globally.

This joint Cybersecurity Advisory—authored by cybersecurity authorities in the United States, Australia, and the United Kingdom—provides observed behaviors and trends as well as mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.


Recommendations for the Implementation of an EU Strategy on Technology Infrastructures

As technology infrastructures (TIs) are critical enablers for the European research, development and innovation ecosystems, the European Commission’s Joint Research Centre (JRC) and the European Association of Research and Technology Organisations (EARTO) recommend a pan-European, agile and sustainable environment for their development, accessibility and governance, within the framework of a dedicated EU strategy.

The key role of TIs in RD&I Ecosystems

TIs are (physical or virtual) facilities and equipment, such as demonstrators, testbeds, piloting facilities and living labs, capable of building bridges between science and the market.

They are mostly created, managed, maintained and upgraded by not-for-profit Research Performing Organisations (mainly Research and Technology Organisations – RTOs, and Technical Universities – TUs), which require dedicated and significant resources and competences.

TIs are open to a wide range of public and private users, large and small, collaborating with TI managers to jointly develop and integrate innovative technologies into new products, processes, and services.

Examples of technology infrastructures include facilities to develop electrolyser stacks, biogas plants, clean-room facilities for chip production, test areas for automated shipping or road traffic safety solutions, wind tunnels, testbeds for multi-functional nano-composites, multi-material 3D printing, thermo-plastics and industrial robotics.

Technology Infrastructures are major building blocks for Europe to deliver on its ambitions of making successful transitions to a sustainable, digital and resilient industry and society.

Industry’s innovation capacity, productivity and international competitiveness heavily depend on possibilities to develop, test, validate and upscale new technological solutions at an ever-faster pace.

Towards an EU strategy for technology infrastructures

A European Commission Staff Working Document on TIs published in 2019 recommended the development of an EU Strategy for Technology Infrastructures building on the experience and the framework of the European Strategy for Research Infrastructures (ESFRI) with its own specificities.

In this context, the JRC and EARTO launched a joint project on TIs to gather evidence and highlight the common specificities of TIs across Europe, assess the challenges they face over their whole lifecycle, and identify how their capacity could be further leveraged.

The JRC and EARTO have just published an analysis of the main strategic elements that would ensure an effective and sustainable management of an integrated landscape for TIs at the European level:

  • Combining and completing the existing repositories and mappings of TIs at EU level, covering both TIs’ locations and the services and facilities they offer, could be used to enable a better understanding of the TIs’ landscape by policymakers and users, foster accessibility to TIs, and create connections between complementary TIs.
  • Roadmapping of future needs for capital expenditure (CAPEX) investments in TIs should be organised with a sectorial value-chain and bottom-up approach, with the involvement of TIs’ stakeholders, by identifying the future needs for TIs in existing roadmaps linked to current EU instruments and actions (e.g. European Partnerships, European Research Area (ERA) Industrial Technology Roadmaps).
  • Setting up a mechanism to draw from sectorial roadmaps and prioritise investments in TIs at European level and/or to coordinate and synchronise national/regional TIs’ roadmaps in strategic sectors would be valuable to maximise the use of public funds.
  • Creating an agile Advisory Board will be necessary to operationalise the prioritisation of investments and the coordination of national/regional TIs’ roadmaps. The board should be composed of Member States experts responsible for TIs within national ministries, as well as relevant stakeholders including RTOs, technical universities, and industry (large and small).
  • TIs need to be developed and upgraded at the same fast pace as the technologies and the products that are developed and tested. A strengthened and clearer pathway of grant-based public support for CAPEX investments for the creation and upgrade of TIs, as well as creating synergies for more structural support at European, national, and regional levels would be essential, as the current funding landscape is very scattered. The support for the creation of new TIs should be designed in complementarity with the support for the upgrade of existing ones, taking a balanced approach between the two.
  • Pan-European accessibility to TIs should be facilitated by fostering the use of TIs in competitively funded projects at EU level, defining harmonised principles for access to TIs, and adopting a one-stop-shop approach in specific value-chains.
  • Creating thematic networks of TIs with a value-chain approach would make it possible to better integrate and structure the European landscape for TIs, foster capacity building across regions, and spread excellence and expertise to overcome the European innovation divide. Dedicated support and funding for network orchestration activities is needed to explore the full potential of TIs’ networks.

Deputy Secretary General stresses NATO will continue to increase Ukraine’s cyber defences

Deputy Secretary General Mircea Geoană participated virtually at the Cybersec Global 2022 event. Focusing on the tensions between Russia and Ukraine during his keynote speech, the Deputy Secretary General stressed that NATO has been working with Ukraine for years to increase its cyber defences, and will continue to do so at pace.

He said: “The use of hybrid attacks against Ukraine, including cyber-attacks and disinformation, as well as the massing of advanced weapons on its borders, underlines the key role of advanced technology in modern warfare”.

The Deputy Secretary General pointed out that “China and Russia are investing heavily and deploying new technologies with little regard for human rights or international law, aggressively challenging our technological edge”. He recalled that last summer Allies had agreed a new comprehensive cyber defence policy for NATO and went on to say that “we are strengthening our cyber defences and increasing the resilience of our critical infrastructure and supply chains to reduce our vulnerabilities”.

The Deputy Secretary General also noted NATO’s leading role with regard to the new technologies, in areas such as artificial intelligence, autonomous systems, biotechnology, big data, hypersonics, quantum computing and space. He underlined that to avoid any technology gaps, “we are making sure that transatlantic innovation benefits all Allies”. Mr. Geoană emphasized that NATO’s strength comes from its unity and its ability to adapt to remain strong and “retaining our technological edge is a big part of this”, he added.

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats

In response to recent malicious cyber incidents in Ukraine—including the defacement of government websites and the presence of potentially destructive malware on Ukrainian systems—CISA has published CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats. The CISA Insights strongly urges leaders and network defenders to be on alert for malicious cyber activity and provides a checklist of concrete actions that every organization—regardless of sector or size—can take immediately to:

- Reduce the likelihood of a damaging cyber intrusion,
- Detect a potential intrusion,
- Ensure the organization is prepared to respond if an intrusion occurs, and
- Maximize the organization’s resilience to a destructive cyber incident.

CISA urges senior leaders and network defenders to review the CISA Insights and implement the cybersecurity measures on the checklist.

Artificial Intelligence: How to make Machine Learning Cyber Secure

Machine learning (ML) is currently the most developed and the most promising subfield of artificial intelligence for industrial and government infrastructures. By providing new opportunities to solve decision-making problems intelligently and automatically, artificial intelligence (AI) is applied in almost all sectors of our economy.

While the benefits of AI are significant and undeniable, the development of AI also induces new threats and challenges, identified in the ENISA AI Threat Landscape.

How to prevent machine learning cyberattacks? How to deploy controls without hampering performance? The European Union Agency for Cybersecurity answers the cybersecurity questions of machine learning in a new report recently published.

Machine learning algorithms are used to give machines the ability to learn from data in order to solve tasks without being explicitly programmed to do so. However, such algorithms need extremely large volumes of data to learn. And because they do, they can also be subjected to specific cyber threats.

The Securing Machine Learning Algorithms report presents a taxonomy of ML techniques and core functionalities. The report also includes a mapping of the threats targeting ML techniques and the vulnerabilities of ML algorithms. It provides a list of relevant security controls recommended to enhance cybersecurity in systems relying on ML techniques. One of the challenges highlighted is how to select the security controls to apply without jeopardising the expected level of performance.

The mitigation controls for ML specific attacks outlined in the report should in general be deployed during the entire lifecycle of systems and applications making use of ML.

Machine Learning Algorithms Taxonomy

Based on desk research and interviews with the experts of the ENISA AI ad-hoc working group, a total of 40 most commonly used ML algorithms were identified. The taxonomy developed is based on the analysis of such algorithms.

The non-exhaustive taxonomy devised is to support the process of identifying which specific threats target ML algorithms, what are the associated vulnerabilities and the security controls needed to address those vulnerabilities.

The EU Agency for Cybersecurity continues to play a bigger role in the assessment of Artificial Intelligence (AI) by providing key input for future policies. The Agency takes part in the open dialogue with the European Commission and EU institutions on AI cybersecurity and regulatory initiatives to this end.
