CISA, NCSC-UK and Partners Release Cybersecurity Advisory on Chinese Government-Linked Covert Networks

CISA and the United Kingdom’s National Cyber Security Centre, in collaboration with other federal and international partners, have released a cybersecurity advisory, Defending Against China-nexus Covert Networks of Compromised Devices, providing network defenders with vital tools and resources to combat the threat posed by Chinese government-linked threat actors’ use of covert networks of compromised devices.
The advisory outlines tactics, techniques, and procedures associated with Chinese government-linked covert networks built from compromised small-office-home-office routers, Internet of Things, and smart devices. It explains how threat actors leveraging these covert networks, including those previously tied to groups such as Volt Typhoon and Flax Typhoon, use large-scale botnet infrastructure to obscure attribution and enable reconnaissance, intrusion, command-and-control, and data exfiltration.
The advisory provides tailored defensive guidance for cyber defenders to identify, baseline, and mitigate activity originating from dynamic, deniable covert networks to reduce the risk of organizational compromise.
CISA and partners recommend the following steps to protect against this threat:
• Map and understand network edge devices, developing a clear understanding of organizational assets and what should be connected to them.
• Baseline normal connections, especially to corporate VPNs or other similar devices.
• Maintain log collection and storage solutions to assist with detecting and responding to unauthorized access attempts.
• Implement multifactor authentication for remote connections.
For more information on Chinese government-linked threat actor activity, please visit CISA's China Threat Overview and Advisories page.

Ukraine's experience in critical infrastructure protection is increasingly shaping European thinking on resilience and preparedness

As part of the celebration of the first anniversary of the presentation of the EU Preparedness Union Strategy by the European Union, an EU conference on emergency preparedness, organized by the EU in Emergencies initiative, was held in Brussels (Kingdom of Belgium). The event became a platform for discussing achievements during the year of implementation of the Preparedness Strategy, as well as for exchanging experiences and discussing future challenges.
Vasyl Ananyev, a specialist in the Department of Critical Infrastructure Protection of the State Special Communications Administration, spoke during a session of experts on civil-military cooperation about the role of critical infrastructure protection in ensuring Ukraine's resilience.
“Resilience must be implemented at all levels, and a culture of preparedness should be strengthened in all our societies. The discussion clearly demonstrated that Ukraine’s experience is not only about the resilience of our nation — it is increasingly shaping the European approach to preparedness and resilience,” the State Special Communications Service specialist concluded.
Vasyl Ananyev thanked EU in Emergencies for its continued support for Ukraine and the opportunity to present our country’s experience in protecting critical infrastructure in the face of full-scale war and continuous air strikes on civilian infrastructure.
The two-day conference in Brussels on the occasion of the first anniversary of the EU Preparedness Union Strategy brought together government representatives, civil protection experts, military, private sector leaders and partners from across Europe. The participants paid special attention to the lessons learned from Russia's military aggression against Ukraine, and also summed up the first-year results of the implementation of the Strategy.
As a reminder, in March last year the European Union presented the EU Preparedness Union Strategy, which contains plans for preventing and responding to new threats and challenges in the world.
[source: Vasyl Ananyev, News OKI Defense]

OSCE promotes marine transport security and relevant Convention implementation

The OSCE Programme Office in Astana co-organized a practical seminar on inspection of higher educational institutions and maritime training centres of Kazakhstan in co-operation with the Committee of Railway and Water Transport of the Ministry of Transport and with the support of the Kazakhstan Maritime Academy of the Kazakh-British Technical University. The main goal of the seminar was to strengthen oversight of inspection and accreditation of higher educational institutions and maritime training centres in Kazakhstan, in line with the International Convention on Standards of Training, Certification, and Watchkeeping for Seafarers (STCW).
Maritime safety begins long before a vessel leaves port: it starts in the classroom, where future seafarers are trained to meet international standards. The STCW sets globally accepted minimum standards for the training, certification, and competence of seafarers, ensuring that ships are operated safely worldwide. Before STCW, standards varied widely between countries, creating risks to maritime safety and uneven levels of crew competence. The Convention also plays a key role in protecting the marine environment, as competent seafarers are better equipped to prevent pollution and respond effectively to environmental emergencies.
The seminar focused on the strict STCW requirements governing seafarer training, including curriculum development, teaching methodologies, assessment processes, and institutional facilities. Participants gained a comprehensive understanding of how inspections are conducted, the methodologies used for evaluation, and the specific criteria applied during accreditation.
Through in-depth discussions and practical guidance delivered by an international expert, the seminar helped to identify areas for improvement and support the Ministry’s efforts to modernize and adapt its national framework, where needed. This initiative represents an important step toward modernizing national inspection systems, strengthening compliance with international standards, and enhancing maritime safety and environmental protection.

OSCE and Kazakhstan Strengthen Co-operation on Emergency Management and Disaster Risk Reduction

The Head of the OSCE Programme Office in Astana, Ambassador Alexey Rogov, met with Deputy Minister for Emergency Situations, Batyrbek Abdyshev, at the Ministry's Crisis Management Center to review joint achievements and chart future co-operation in disaster risk reduction and emergency response.
The discussions highlighted the tangible results of the partnership between the OSCE Programme Office in Astana and the Ministry for Emergency Situations. Through the partnership, two critical digital tools have been successfully implemented: the Digital Safety Passport and Interactive Maps sub-systems. These innovations have been integrated into the Ministry's geographic information system (GIS ES), substantially enhancing the country's capacity to forecast and monitor emergency situations.
Deputy Minister Abdyshev congratulated Ambassador Rogov on his recent appointment and expressed appreciation for the Office’s continued support. He emphasized that initiatives on future co-operation are discussed at working and higher levels and are highly relevant to the Ministry’s strategic priorities, particularly noting strong interest in the planned capacity-building seminars on satellite imagery interpretation and the programme to certify Caspian Sea divers according to international standards.
During discussions, the Ministry shared insights into its expanding operational capabilities, including conducting an average of eight drone operations daily, the highest volume among all State agencies, and provided practical examples of their use in rescue and monitoring scenarios as well as the integrated use of Artificial Intelligence. The Ministry’s technical expertise in unmanned aerial systems has positioned it as a resource for other government bodies requiring complex drone-assisted operations.
The sides also addressed emerging security challenges linked to climate change, with the Ministry actively monitoring global patterns in the frequency and intensity of natural disasters.
Ambassador Rogov noted that the partnership demonstrates how international co-operation can deliver practical tools that enhance public safety and strengthen institutional capacity in emergency management. He reaffirmed the OSCE's commitment to supporting Kazakhstan's efforts to further modernize its civil protection systems and build resilience against emerging challenges.
Looking ahead, both sides outlined priority areas for future co-operation in the coming years, including automated monitoring systems for natural hazards, research on glacial and landslide-dammed lakes, seismic hazard assessment, and detailed seismic zoning maps. These priorities will form the basis of a multi-year co-operation framework to be developed in the coming period.
The Office will continue implementation of planned activities, including upcoming capacity-building seminars and technical assistance programmes.
The initiatives, implemented in close co-operation with the Ministry for Emergency Situations, underscore Kazakhstan’s commitment to strengthening its emergency management systems and demonstrate the country's dedication to adopting innovative digital solutions and international good practices in civil protection and disaster risk reduction.

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

In December 2025, a malicious cyber actor(s) targeted and compromised operational technology (OT) and industrial control systems (ICS) in Poland’s Energy Sector—specifically renewable energy plants, a combined heat and power plant, and a manufacturing sector company—in a cyber incident. The malicious cyber activity highlights the need for critical infrastructure entities with vulnerable edge devices to act now to strengthen their cybersecurity posture against cyber threat activities targeting OT and ICS.
A malicious cyber actor(s) gained initial access in this incident through vulnerable internet-facing edge devices, subsequently deploying wiper malware and causing damage to remote terminal units (RTUs). The malicious cyber activity caused loss of view and control between facilities and distribution system operators, destroyed data on human machine interfaces (HMIs), and corrupted system firmware on OT devices. While the affected renewable energy systems continued production, the system operator could not control or monitor them according to their intended design.
CERT Polska’s incident report highlights:
- Vulnerable edge devices remain a prime target for threat actors.
  - As indicated by CISA’s Binding Operational Directive (BOD) 26-02: Mitigating Risk From End-of-Support Edge Devices, end-of-support edge devices pose significant risks.
- OT devices without firmware verification can be permanently damaged.
  - Operators should prioritize updates that allow firmware verification when available; if updates are not immediately feasible, ensure that cyber incident response plans account for inoperative OT devices to mitigate prolonged outages.
- Threat actors leveraged default credentials, a vulnerability not limited to specific vendors, to pivot onto the HMI and RTUs.
  - Operators should immediately change default passwords and establish requirements for integrators or OT suppliers to enforce password changes in the future.
CISA and the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (DOE CESER) urge OT asset owners and operators to review the following resources for more information about the malicious activity and mitigations:
- CERT Polska’s Energy Sector Incident Report - 29 December 2025.
- CISA’s joint fact sheet with FBI, EPA, and DOE Primary Mitigations to Reduce Cyber Threats to Operational Technology.
- DOE’s Energy Threat Analysis Center’s threat advisories.

€113 million in EU funding allocated to strengthen the resilience of Baltic and Polish electricity grids

The European Commission has allocated €113 million in funding from the Connecting Europe Facility (CEF) for the protection of critical synchronization infrastructure, implemented by the transmission system operators of Lithuania, Estonia, Latvia and Poland. The implementation of a wider range of projects aimed at ensuring energy security against potential cyber and physical threats began on February 9 last year, following the successful synchronization of the Baltic States with the Continental European electricity network.
“Having successfully completed the synchronization project, the Baltic States and Poland continue to invest in energy independence and security. We are grateful to the European Commission for supporting our ambition to make the Baltic Sea region a model for strengthening the security and resilience of critical energy infrastructure across Europe. This funding is the result of our consistent efforts and sets a new precedent, as until now the European Union had no dedicated financing for the protection of critical energy infrastructure. By consistently applying the lessons learned from Ukrainian energy specialists, we are expanding the scope of protection for our critical energy infrastructure projects. We plan to apply for further funding for resilience projects and are actively working to ensure that a long-term EU-level instrument for financing critical energy infrastructure protection is established,” said Žygimantas Vaičiūnas, Minister of Energy of the Republic of Lithuania.
The protection of critical energy infrastructure is being financed at the EU level for the first time. This possibility was opened up by the implementation of the synchronization project by the Baltic States and Poland. Lithuania, together with Estonia, Latvia and Poland, is seeking long-term legal and financial instruments for the financing of critical energy infrastructure within the EU. The legal instruments are currently under review, and it is expected, with efforts being pursued to that end, that the initiative will also be properly aligned during the negotiations on the Multiannual Financial Framework for 2028-2034.
“We launched the resilience programme just over a year ago, and we have already made significant progress in many areas: we have procured and are installing drone neutralization solutions, implemented initial protection measures for substation equipment, designed and prepared to build physical barriers – materials for which were tested at Lithuanian Armed Forces training grounds – and introduced measures to ensure rapid restoration of damaged infrastructure. We continue to raise the level of cybersecurity. By sharing information and insights with partners in the Baltic States and Poland, working with universities and security experts, and learning from Ukraine’s experience, we are constantly looking for ways to supplement and improve existing solutions,” said Litgrid CEO Rokas Masiulis.
The critical infrastructure protection projects implemented by the Baltic and Polish transmission system operators – Litgrid, AST, Elering, and PSE – as part of the Baltic synchronization effort will be financed through the Connecting Europe Facility (CEF).
The projects will receive up to the maximum possible co-financing rate of 50% of eligible costs. Funding for projects in Lithuania amounts to €22 million.
Litgrid’s energy infrastructure resilience programme includes strengthening the physical protection of critical facilities, establishing emergency and crisis reserves for transmission network equipment, installing electronic security systems, deploying unmanned aerial vehicle detection and neutralization systems, enhancing perimeter protection, and preparing to operate under critical conditions.
Litgrid is implementing 13 projects under the resilience programme, comprising more than 150 measures deployed across various transmission network facilities. The programme is continuously reviewed based on threat assessments and new technological solutions.
On February 8, 2025, the Baltic States disconnected from the Russia-controlled IPS/UPS electricity system, and on February 9 successfully synchronized their electricity systems with the Continental European synchronous area. Synchronization with Continental Europe enables the Baltic States to operate their electricity systems in close cooperation with other Continental European countries, ensuring stable and reliable frequency regulation, thereby strengthening energy independence and enhancing energy security across the region. The Baltic States joined the Continental European network, which serves more than 400 million consumers in 26 countries.

Draft NIST Guidelines Rethink Cybersecurity for the AI Era

Artificial intelligence (AI) is impacting many organizations’ activities, and cybersecurity is no exception. For anyone interested in the opportunities and risks at the intersection of cybersecurity and AI, the National Institute of Standards and Technology (NIST) has released a preliminary draft of its Cyber AI Profile.
The publication, whose full title is the Cybersecurity Framework Profile for Artificial Intelligence (NISTIR 8596), offers guidelines for using the NIST Cybersecurity Framework (CSF 2.0) to accelerate the secure adoption of AI. The profile helps organizations think about how to strategically adopt AI while addressing emerging cybersecurity risks that stem from AI’s rapid advance.
“Regardless of where organizations are on their AI journey, they need cybersecurity strategies that acknowledge the realities of AI’s advancement,” said Barbara Cuthill, one of the profile’s authors.
The draft resulted from a yearlong effort on the part of NIST cybersecurity and AI experts. Over that time, more than 6,500 individuals have joined the community of interest to contribute to NIST’s development of the profile. After releasing an initial concept paper in February 2025, conducting a workshop the following April, and hosting a series of community of interest meetings in the summer, NIST is now releasing the preliminary draft of the profile for a 45-day public comment period.
The Cyber AI Profile centers on three focus areas:
- Securing AI systems: identifying cybersecurity challenges when integrating AI into organizational ecosystems and infrastructure
- Conducting AI-enabled cyber defense: identifying opportunities to use AI to enhance cybersecurity, and understanding challenges when leveraging AI to support defensive operations
- Thwarting AI-enabled cyberattacks: building resilience to protect against new AI-enabled threats
“The three focus areas reflect the fact that AI is entering organizations’ awareness in different ways,” Cuthill said. “But ultimately every organization will have to deal with all three.”
The Cyber AI Profile can help organizations use the CSF to crystallize their cybersecurity goals with respect to AI and CSF 2.0. The profile offers insights to help organizations understand, examine and address the cybersecurity concerns related to AI and thoughtfully integrate AI into their cybersecurity strategies.
NIST uses the term “community profile” to describe the application of CSF 2.0 to address shared interests and goals among organizations. The Cyber AI Profile joins other community profiles that NIST has created for the manufacturing, financial and telecommunications communities, among others.
The preliminary draft release is intended to seek feedback from the public to inform an initial public draft, which Cuthill says will further refine the profile and include mapping of additional relevant resources to the CSF. Following the 45-day comment period, NIST plans to develop the initial public draft for release in 2026.
When finalized, the profile will help organizations incorporate AI into their cybersecurity planning by suggesting key actions to prioritize, highlighting special considerations from specific parts of the CSF when considering AI, and providing mappings to other NIST resources, including the AI Risk Management Framework.
Cuthill said the authors hope to continue developing the profile as a tool that will prove useful to the community.
“The Cyber AI Profile is all about enabling organizations to gain confidence on their AI journey,” she said. “We hope it will help them feel equipped to have conversations about how their cybersecurity environment will change with AI and to augment what they are already doing with their cybersecurity programs.”

NIST Launches Centers for AI in Manufacturing and Critical Infrastructure

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has expanded its collaboration with the nonprofit MITRE Corporation as part of its efforts to ensure U.S. leadership in artificial intelligence (AI). Through this award, NIST is investing $20 million to establish two centers to advance the delivery of AI-based technology solutions to strengthen U.S. manufacturing and cybersecurity for critical infrastructure.
“This investment will help accelerate the application of AI in American manufacturing and help drive the American manufacturing renaissance,” said Deputy Secretary of Commerce Paul Dabbar. “We can harness AI to increase the competitiveness of our manufacturers and attract investment in America.”
The award is an important step in implementing NIST’s Strategy for American Technology Leadership in the 21st Century to accelerate the progress of critical and emerging technologies from development to adoption, in close partnership with U.S. industry.
“Our goal is to remove barriers to American AI innovation and accelerate the application of our AI technologies around the world,” said Acting Under Secretary of Commerce for Standards and Technology and Acting NIST Director Craig Burkhardt. “This new agreement with MITRE will focus on enhancing the ability of U.S. companies to make high-value products more efficiently, meet market demands domestically and internationally, and catalyze discovery and commercialization of new technologies and devices.”
The AI Economic Security Center for U.S. Manufacturing Productivity and the AI Economic Security Center to Secure U.S. Critical Infrastructure from Cyberthreats will drive the development and adoption of AI-driven tools, or “agents,” in these two national priority areas. The centers will develop the technology evaluations and advancements that are necessary to effectively protect U.S. dominance in AI innovation, address threats from adversaries’ use of AI, and reduce risks from reliance on insecure AI.
NIST will rely on existing resources to build on its expertise and carry forward recommendations in the White House’s July 2025 America’s AI Action Plan, including Pillar I: Accelerate AI Innovation and Pillar II: Build American AI Infrastructure.
These are important first steps in NIST’s programmatic plan to coordinate innovation-based research efforts for accelerating the development and deployment of critical technologies in areas of national priority. Building on its long history of public-private collaboration, NIST plans to use adaptive and flexible partnerships to develop, pilot and implement new advances to establish U.S. leadership and innovation in critical and emerging technologies such as AI, quantum information science and technology, and biotechnology.
The partnership will leverage MITRE’s long-standing mission to operate federally funded research and development centers. NIST expects the AI centers to enable breakthroughs in applied science and advanced technology and deliver disruptive innovative solutions to tackle the most pressing challenges facing the nation.
This agreement expands NIST’s portfolio of AI-focused programs and builds on the private-public partnerships leveraged by the Center for AI Standards and Innovation (CAISI), which leads evaluations of U.S. and adversary systems and contributes to NIST’s efforts to develop best practices. CAISI has established voluntary agreements with multiple developers of leading-edge or “frontier” AI models to enable collaborative research and voluntary testing of industry models for priority national security capabilities.
In the coming months, NIST plans to announce its award for the AI for Resilient Manufacturing Institute, through the Manufacturing USA program. With up to $70 million in investment over a five-year period from NIST and at least that much in nonfederal funding, the institute will bring together expertise in AI, manufacturing and supply chain networks to promote manufacturing resilience.
Combined, these efforts will enhance NIST’s core research, standards and technology mission to tackle barriers preventing U.S. innovation and leadership in AI.

NSA Releases First in Series of Zero Trust Implementation Guidelines

The National Security Agency (NSA) is releasing the first two products in a series of Zero Trust Implementation Guidelines (ZIGs) to provide practical, actionable recommendations to facilitate the implementation of Zero Trust (ZT).
This series of reports outlines the steps to implement the technologies and processes that support achieving the Target-level ZT Capabilities, Activities, and Expected Outcomes described in the Department of War (DoW) CIO ZT Framework.
The Primer and Discovery Phase are the gateway to ZT implementation, providing guidance and direction to ensure organizations are fully equipped to digest and implement the Phase 1 and Phase 2 ZIGs upon their release.
The Primer outlines the strategy and principles used to develop the ZIGs and provides a holistic approach to maximizing the usage of the series. Notably, the ZIGs are designed to be modular, allowing organizations at different levels of ZT maturity to select and implement the capabilities most relevant to the needs of their environment.
The Discovery Phase is intended to help organizations establish foundational visibility and understand the critical data, applications, assets, and services, as well as access and authorization activity existing within the architecture. The goal of this initial phase is to enable informed prioritization and planning by creating a reliable baseline that supports effective ZT implementation.
System owners, cybersecurity professionals, and stakeholders should review these foundational guidelines to gain a deeper understanding of ZT activities and their organization’s operational landscape in preparation for the release of the Phase 1 and Phase 2 ZIGs.

New report explores use of robotics and unmanned systems in the fight against crime

Europol has published The Unmanned Future(s): The Impact of Robotics and Unmanned Systems on Law Enforcement. The report, produced by the Europol Innovation Lab, provides an in-depth analysis of how unmanned systems could change society, crime and law enforcement, and discusses the challenges and opportunities they present.
The report underscores the rapid advancement and integration of unmanned systems in various sectors, including law enforcement. As these technologies become more sophisticated and widespread, they offer new opportunities for law enforcement operations and operational support. However, they also introduce new security threats – such as misuse by criminal and terrorist groups – and regulatory challenges that law enforcement agencies must address to ensure public safety and maintain trust.
"The integration of unmanned systems into crime is already here, and we have to ask ourselves how criminals and terrorists might use drones and robots some years from now. Just as the internet and smartphones presented significant opportunities as well as challenges, so will this technology. Our new report by Europol’s Innovation Lab explores the future operating environment for European law enforcement agencies and suggests actions needed today in order to effectively combat crime while upholding public trust and fundamental rights tomorrow," said Catherine De Bolle, Europol Executive Director.
One chapter of the report highlights the role of war as a driver for innovation in unmanned systems. Recent conflicts, such as the ongoing Russian war of aggression against Ukraine, have accelerated the development and deployment of advanced unmanned systems. The lessons learnt from these conflicts are invaluable for law enforcement agencies in Europe as they prepare for the future operating environment.
Some of the key topics covered in the report include:
- Increasing use of unmanned systems: Unmanned systems are becoming increasingly useful, affordable and widely available, with applications in both public and private sectors. Law enforcement agencies across Europe are scaling up adoption of such systems, including drones and robots, to enhance situational awareness, improve safety and extend operational reach. These systems are employed for a range of tasks, such as monitoring, crime scene mapping, search and rescue operations, and the disposal of explosive ordnance, among others. Converging technologies present a significant opportunity for a breakthrough in the capabilities of unmanned systems.
- Technical and regulatory challenges: The report highlights significant technical limitations and regulatory gaps that hinder the effective use of unmanned systems in law enforcement. Issues such as limited autonomy, dependence on industrial suppliers and the lack of clear guidelines for autonomous operations pose substantial challenges.
- Security threats: Criminal and terrorist groups are rapidly adopting unmanned systems for illicit activities. The report warns of the potential for these systems to be used for criminal surveillance, smuggling and even attacks. The increasing accessibility and versatility of drones, in particular, present serious security concerns.
- Public trust and regulation: Public trust is crucial for the legitimacy of law enforcement capabilities. The report emphasises the need for transparency, accountability and public engagement in the deployment of unmanned systems. Current regulations, while advancing, still have gaps, particularly in addressing non-compliant or criminal use.
- Future operating environment: The future of law enforcement will require policing in a three-dimensional space, as unmanned systems operate in the air and on the ground, as well as on and under water. This shift will necessitate new strategies, technologies and training for law enforcement agencies.
- Recommendations: The report provides a set of recommendations for European law enforcement agencies, including the development of a strategic direction, the establishment of a competency hub and the integration of unmanned systems into existing information systems. It also calls for investments in training, education and public trust-building initiatives.
The report is available for download on the Europol website and includes detailed insights, case studies and recommendations for law enforcement agencies, policymakers and other stakeholders.