Category: Agency News

Chemical security experts call for multisector cooperation against terrorism

Agency News, Industry News, Power/Energy/Oil & Gas sector, Transport sector, Water sector

The devastating impact of chemical weapons and explosives used in acts of terrorism continues to affect civilian populations and is well known for its destructive and long-term harm.

Last year over 1,000 improvised explosive device (IED) attacks were conducted by non-state actors, injuring over 7,150 people in more than 40 countries. Many attacks come from chemicals that criminals acquired through weak points in the supply chain – from manufacturing to storage and retail– and made into weapons.

To counter this threat, some 220 chemical security practitioners from more than 70 countries met at INTERPOL’s 3rd Global Congress on Chemical Security and Emerging Threats to find ways of reducing vulnerabilities by enhancing multisector cooperation and collaboration.

With a focus on acquisition, transportation, physical and cyber security of chemical materials, the meeting highlighted a range of security issues, such as detecting cross-border movements of regulated material and implementing regulatory frameworks.

Terrorists’ misuse of e-commerce and new technologies

The Global Congress also explored ways to counter emerging threats including terrorists’ misuse of e-commerce and new technologies to acquire toxic and precursor chemicals.

Due to the substantial growth and access to the Internet in recent years, so too we have seen an increase in digital content produced and shared through platforms such as instant messaging, social networking, blogs and online portals. The misuse of technologies can be seen as a result of this rapid growth in content, and with it a rise in suspicious activities.

Law enforcement agencies provided examples of investigative techniques that could be used to identify and prosecute the illicit purchase or sale of chemicals on the Dark Net. These lessons provided delegates with solutions to address the use of sophisticated technologies for nefarious purposes.

"The concerted effort of global law enforcement, along with our partners, is key to combatting the use of explosive precursor chemicals and chemical weapons,” Mr Hinds added.

Dual-use and precursor chemicals have a wide legitimate function in the production of consumer goods such as pharmaceuticals, cleaning supplies and fertilizers. This raises significant challenges to prevent and monitor, and remains one of the inherent threats to chemical security worldwide.

INTERPOL awareness video - ‘The Watchmaker’

In this context, an INTERPOL-produced awareness video was premiered at the meeting to engage a broad spectrum of stakeholders in understanding the importance of individuals and companies to secure dangerous toxic chemicals, including equipment.

Entitled ‘The Watchmaker’, the video highlights the need for multisector cooperation to combat these threats and will be used in a series of INTERPOL capacity building workshops and other activities related to counter-terrorism and prevention.

“Multisector collaboration is essential for us to tackle the threats we face from criminals who gain access to dangerous chemicals with malevolent intentions. Morocco is committed to strengthening the engagement of these issues as part of our proactive approach to combating terrorism,” said Mr. Mohammed Dkhissi, Head of National Central Bureau, Rabat.

Other measures proposed by the Global Congress Network include:

- Advocating chemical security recommendations such as increased retail reporting on suspicious activity;
- Expanding the INTERPOL-hosted Global Knowledge Hub, which allows members to engage in interactive discussions and access good practice guidance;
- Strengthening the Global Congress Network through greater diversity of expertise and activities across regions and sectors;
- Promoting decision-making tools such as a customer database, which can flag areas of security concern.

Since its inception in 2018, the Global Congress has been jointly led by INTERPOL, the US Cybersecurity and Infrastructure Security Agency (CISA), the US Defense Threat Reduction Agency (DTRA) and the US Federal Bureau of Investigation (FBI), and implemented in cooperation with the G7 Global Partnership Against the Spread of Weapons and Materials of Mass Destruction.

Leave a comment , ,

ITU Emergency Telecom Roster helps restore connectivity after hurricane hits Nicaragua

Agency News, Industry News, Telecomms sector

A powerful tropical hurricane ripped across Nicaragua earlier this month, with torrential rains triggering life-threatening flash floods and mudslides across the Central American country.

The Category 1 storm forced 13,000 people to evacuate to shelters, according to some reports – many with only the clothes on their backs.

“The river rose one metre in ten minutes,” according to eyewitness José Domingo Enríquez of the interior town El Rama, one of the worst-affected. “It was clear the flood was coming fast, and we had to find a way to evacuate.”

Critical electricity and telecommunications services were cut shortly after the storm made landfall, leaving a million people in the dark and worried about their loved ones’ safety.

Emergency Telecom Roster deploys

To help close connectivity gaps and bolster disaster response efforts in some of the country’s hardest-hit areas, two members of ITU’s Emergency Telecommunications Roster (ETR), a group of staff volunteers from across the organization, were deployed to Nicaragua.

Their mission – the first since the roster was created – was two-fold: deliver 10 Iridium satellite phones and 10 Inmarsat Broadband Global Area Network (BGAN) terminals to help restore connectivity as soon as possible, and to provide training for local teams to use the equipment.

ITU will typically deploy equipment upon request from an ITU Member State following a natural hazard, after which the team aims to respond within 24 to 48 hours.

In Nicaragua’s case, the request came via the telecom regulator, TELCOR, and SINAPRED, the country’s national disaster management agency.

Once on the ground, roster members Mario Castro Grande and Hani Alser met with government officials to deliver the equipment, train Telcor and SINAPRED responders, and assess the damage.

According to Alser, local officials were extremely welcoming and highly appreciative of both the equipment and the expertise provided.

“Having at least one technical person and another that can communicate in the local language and knows the customs is key to a successful ETR mission,” added Castro Grande.

Beyond bringing equipment

Delivering critical emergency telecom equipment is only part of ITU’s work in this domain.

The UN agency for information and communication technologies (ICTs) also supports the development and implementation of National Emergency Telecommunication Plans (NETP) among other regulatory and legal disaster preparedness frameworks.

“Nicaragua had a draft NETP back in 2014, but apparently it was shelved,” explained Castro Grande. “Our mission also served as a timely reminder that they should look at it again, with the objective of finalizing it.”

The ITU team also urged national authorities to implement an early warning system. This was another aspect of the mission, said Castro Grande. “We offered some information on appropriate available systems for developing countries, such as cell broadcasting, and informed them on legislative models they could look at.”

The ability of cell broadcast technology to push messages without being affected by traffic load makes it useful during emergencies when data traffic spikes, and regular SMS and voice calls tend to congest mobile networks.

“About 95 per cent of the global population is covered by a broadband network, with 5.7 billion mobile subscriptions, meaning at least 70 per cent of the world is connected,” Castro Grande pointed out. “Cell broadcasting technology should be used to its fullest potential to warn people ahead of disaster.”

Earlier this year, Secretary-General Antonio Guterres announced the United Nations would “spearhead new action to ensure every person on Earth is protected by early warning systems within five years.” ITU is supporting this initiative, which is led by the World Meteorological Organization (WMO).

Leave a comment , , ,

NCSC CEO delivers international speech on securing the Internet of Things and smart cities

Agency News, Cyber Security CII sector, Industry News

The head of the UK’s National Cyber Security Centre, Lindy Cameron, has emphasised the importance of connected technologies being made secure by design in a speech at Singapore International Cyber Week.

Lindy Cameron said the growth of the Internet of Things (IoT) has brought benefits for consumers, enterprises and at a city level in connected places, but she highlighted that the associated risks must be managed now to stay ahead of cyber threats.

She outlined how the UK has developed a strong framework for managing the future security of the Internet of Things, including through new legislation, the adoption of international cyber security standards and developing ‘secure by design’ principles to help influence IoT at the design phase.

She called for swift, decisive and ongoing action to ensure connected devices are designed, built, deployed and managed with security as a first-class concern, to prevent malicious actors, improve national resilience and reap benefits of these emerging technologies

Leave a comment , ,

ESF Partners, NSA, and CISA Release Software Supply Chain Guidance for Suppliers

Agency News, Cyber Security CII sector, Industry News

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and Office of the Director of National Intelligence (ODNI) released Securing the Software Supply Chain: Recommended Practices Guide for Suppliers. The product is through the Enduring Security Framework (ESF) — a public-private cross-sector working group led by NSA and CISA that provides cybersecurity guidance to address high priority threats to the nation’s critical infrastructure.

In an effort to provide guidance to suppliers, ESF examined the events that led up to the SolarWinds attack, which made clear that investment was needed to create a set of industry and government evaluated best practices focusing on the needs of the software supplier.

Cyberattacks target an enterprise’s use of cyberspace to disrupt, disable, destroy, or maliciously control a computing environment or infrastructure, destroy the integrity of data, or steal controlled information. A malicious actor can take advantage of a single vulnerability in the software supply chain and have a severe negative impact on computing environments or infrastructure.

Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the supplier also holds a critical responsibility in ensuring the security and integrity of our software. After all, the software vendor is responsible for liaising between the customer and software developer. It is through this relationship that additional security features can be applied via contractual agreements, software releases and updates, notifications and mitigations of vulnerabilities.

Software suppliers will find guidance from NSA and our partners on preparing organizations by defining software security checks, protecting software, producing well-secured software, and responding to vulnerabilities on a continuous basis. Until all stakeholders seek to mitigate concerns specific to their area of responsibility, the software supply chain cycle will be vulnerable and at risk for potential compromise.

Leave a comment , , ,

NSA Releases Guidance on How to Protect Against Software Memory Safety Issues

Agency News, Cyber Security CII sector, Industry News

The National Security Agency (NSA) has published guidance to help software developers and operators prevent and mitigate software memory safety issues, which account for a large portion of exploitable vulnerabilities.

The “Software Memory Safety” Cybersecurity Information Sheet highlights how malicious cyber actors can exploit poor memory management issues to access sensitive information, promulgate unauthorized code execution, and cause other negative impacts.

“Memory management issues have been exploited for decades and are still entirely too common today,” said Neal Ziring, Cybersecurity Technical Director. “We have to consistently use memory safe languages and other protections when developing software to eliminate these weaknesses from malicious cyber actors.”

Microsoft and Google have each stated that software memory safety issues are behind around 70 percent of their vulnerabilities. Poor memory management can lead to technical issues as well, such as incorrect program results, degradation of the program’s performance over time, and program crashes.

NSA recommends that organizations use memory safe languages when possible and bolster protection through code-hardening defenses such as compiler options, tool options, and operating system configurations.

Leave a comment , ,

DOD Cybersecurity: Enhanced Attention Needed to Ensure Cyber Incidents Are Appropriately Reported and Shared

Agency News, Cyber Security CII sector, Industry News

DOD and DIB information technology systems continue to be susceptible to cyber incidents as cybersecurity threats have evolved and become more sophisticated. Federal laws and DOD guidance emphasize the importance of properly reporting and sharing cyber incident information, as both are vital to identifying system weaknesses and improving the security of the systems.

House Report 116-442 included a provision for GAO to review DOD's cyber incident management. This report examines the extent to which DOD established and implemented a process to (1) report and notify leadership of cyber incidents, (2) report and share information about cyber incidents affecting the DIB, and (3) notify affected individuals of a PII breach.

To conduct this work, GAO reviewed relevant guidance, analyzed samples of cyber incident artifacts and cyber incident reports submitted by the DIB and privacy data breaches reported by DOD, and surveyed 24 DOD cyber security service providers. In addition, GAO interviewed officials from DOD and cyber security service providers and convened two discussion groups with DIB companies.

Cyber attacks threaten national security—but hackers continue to target DOD as well as private companies and others involved in the nation's military operations.

DOD has taken steps to combat these attacks and has reduced the number of cyber incidents in recent years. But we found that DOD:
- Hasn't fully implemented its processes for managing cyber incidents
- Doesn't have complete data on cyber incidents that staff report
- Doesn't document whether it notifies individuals whose personal data is compromised in a cyber incident

What GAO Found

The Department of Defense (DOD) and our nation's defense industrial base (DIB)—which includes entities outside the federal government that provide goods or services critical to meeting U.S. military requirements—are dependent on information systems to carry out their operations. These systems continue to be the target of cyber attacks, as DOD has experienced over 12,000 cyber incidents since 2015 (see figure).To combat these incidents, DOD has established two processes for managing cyber incidents—one for all incidents and one for critical incidents. However, DOD has not fully implemented either of these processes.

Despite the reduction in the number of incidents due to DOD efforts, weaknesses in reporting these incidents remain. For example, DOD's system for reporting all incidents often contained incomplete information and DOD could not always demonstrate that they had notified appropriate leadership of relevant critical incidents. The weaknesses in the implementation of the two processes are due to DOD not assigning an organization responsible for ensuring proper incident reporting and compliance with guidance, among other reasons. Until DOD assigns such responsibility, DOD does not have assurance that its leadership has an accurate picture of the department's cybersecurity posture.

In addition, DOD has not yet decided whether DIB cyber incidents detected by cybersecurity service providers should be shared with all relevant stakeholders, according to officials. DOD guidance states that to protect the interests of national security, cyber incidents must be coordinated among and across DOD organizations and outside sources, such as DIB partners. Until DOD examines whether this information should be shared with all relevant parties, there could be lost opportunities to identify system threats and improve system weaknesses.

DOD has established a process for determining whether to notify individuals of a breach of their personally identifiable information (PII). This process includes conducting a risk assessment that considers three factors—the nature and sensitivity of the PII, likelihood of access to and use of the PII, and the type of the breach. However, DOD has not consistently documented the notifications of affected individuals, because officials said notifications are often made verbally or by email and no record is retained. Without documenting the notification, DOD cannot verify that people were informed about the breach.

GAO is making six recommendations, including that DOD assign responsibility for ensuring proper incident reporting, improve the sharing of DIB-related cyber incident information, and document when affected individuals are notified of a PII breach. DOD concurred with the recommendations.

Leave a comment , , ,

CISA Developed Cross-Sector Recommendations to Help Organizations Prioritize Cybersecurity Investments

Agency News, Cyber Security CII sector, Industry News, Power/Energy/Oil & Gas sector

The Department of Homeland Security released the Cybersecurity Performance Goals (CPGs), voluntary practices that outline the highest-priority baseline measures businesses and critical infrastructure owners of all sizes can take to protect themselves against cyber threats. The CPGs were developed by DHS, through the Cybersecurity and Infrastructure Security Agency (CISA), at the direction of the White House. Over the past year, CISA worked with hundreds of public and private sector partners and analyzed years of data to identify the key challenges that leave our nation at unacceptable risk. By clearly outlining measurable goals based on easily understandable criteria such as cost, complexity, and impact, the CPGs were designed to be applicable to organizations of all sizes. This effort is part of the Biden-Harris Administration’s ongoing work to ensure the security of the critical infrastructure and reduce our escalating national cyber risk.

“Organizations across the country increasingly understand that cybersecurity risk is not only a fundamental business challenge but also presents a threat to our national security and economic prosperity,” said Secretary of Homeland Security Alejandro N. Mayorkas. “The new Cybersecurity Performance Goals will help organizations decide how to leverage their cybersecurity investments with confidence that the measures they take will make a material impact on protecting their business and safeguarding our country.”

CISA developed the CPGs in close partnership with the National Institute for Standards and Technology (NIST). The resulting CPGs are intended to be implemented in concert with the NIST Cybersecurity Framework. Every organization should use the NIST Cybersecurity Framework to develop a rigorous, comprehensive cybersecurity program. The CPGs prescribe an abridged subset of actions – a kind of “QuickStart guide” – for the NIST CSF to help organizations prioritize their security investments.

“To reduce risk to the infrastructure and supply chains that Americans rely on every day, we must have a set of baseline cybersecurity goals that are consistent across all critical infrastructure sectors,” said CISA Director Jen Easterly. “CISA has created such a set of cybersecurity performance goals to address medium-to-high impact cybersecurity risks to our critical infrastructure. For months, we’ve been gathering input from our partners across the public and private sectors to put together a set of concrete actions that critical infrastructure owners can take to drive down risk to their systems, networks and data. We look forward to seeing these goals implemented over the coming years and to receiving additional feedback on how we can improve future versions to most effectively reduce cybersecurity risk to our country.”

“The Biden-Harris Administration has relentlessly focused on securing our Nation’s critical infrastructure since day one,” said Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger. “CISA has demonstrated tremendous leadership in strengthening our critical infrastructure’s cyber resilience over the last year. The Cyber Performance Goals build on these efforts, by setting a higher cybersecurity standard for sectors to meet.”

“Given the myriad serious cybersecurity risks our nation faces, NIST looks forward to continuing to work with industry and government organizations to help them achieve these performance goals,” said Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio. “Our priority remains bringing together the right stakeholders to further develop standards, guidelines and practices to help manage and reduce cybersecurity risk.”

In the months ahead, CISA will actively seek feedback on the CPGs from partners across the critical infrastructure community and has established a Discussions webpage to receive this input. CISA will also begin working directly with individual critical infrastructure sectors as it builds out sector-specific CPGs in the coming months.

To access these new CPGs visit CISA.gov/cpgs.

Leave a comment , , , , ,

TSA issues new cybersecurity requirements for passenger and freight railroad carriers

Agency News, Industry News, Transport sector

The Transportation Security Administration (TSA) announced a new cybersecurity security directive regulating designated passenger and freight railroad carriers. Today’s announcement demonstrates the Biden-Harris Administration’s commitment to strengthen the cybersecurity of U.S. critical infrastructure. Building on the TSA’s work to strengthen defenses in other transportation modes, this security directive will further enhance cybersecurity preparedness and resilience for the nation’s railroad operations.

Developed with extensive input from industry stakeholders and federal partners, including the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Transportation’s Federal Railroad Administration (FRA), this Enhancing Rail Cybersecurity – SD 1580/82-2022-01 strengthens cybersecurity requirements and focuses on performance-based measures to achieve critical cybersecurity outcomes.

“The nation’s railroads have a long track record of forward-looking efforts to secure their network against cyber threats and have worked hard over the past year to build additional resilience, and this directive, which is focused on performance-based measures, will further these efforts to protect critical transportation infrastructure from attack,” said TSA Administrator David Pekoske. “We are encouraged by the significant collaboration between TSA, FRA, CISA and the railroad industry in the development of this security directive.

The security directive requires that TSA-specified passenger and freight railroad carriers take action to prevent disruption and degradation to their infrastructure to achieve the following critical security outcomes:

1. Develop network segmentation policies and controls to ensure that the Operational Technology system can continue to safely operate in the event that an Information Technology system has been compromised and vice versa;
2. Create access control measures to secure and prevent unauthorized access to critical cyber systems;
3. Build continuous monitoring and detection policies and procedures to detect cybersecurity threats and correct anomalies that affect critical cyber system operations; and
4. Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers, and firmware on critical cyber systems in a timely manner using a risk-based methodology.

Passenger and freight railroad carriers are required to:

1. Establish and execute a TSA-approved Cybersecurity Implementation Plan that describes the specific cybersecurity measures the passenger and freight rail carriers are utilizing to achieve the security outcomes set forth in the security directive.
2. Establish a Cybersecurity Assessment Program to proactively test and regularly audit the effectiveness of cybersecurity measures and identify and resolve vulnerabilities within devices, networks, and systems.

This is the latest in TSA’s performance-based security directives; previous security directives include requirements such as reporting significant cybersecurity incidents to CISA, establishing a cybersecurity point of contact, developing and adopting a cybersecurity incident response plan, and completing a cybersecurity vulnerability assessment. Through this security directive, TSA continues to take steps to protect transportation infrastructure in the current threat environment. TSA also intends to begin a rulemaking process, which would establish regulatory requirements for the rail sector following a public comment period.

To view TSA’s security directives and guidance documents, please visit the TSA cybersecurity toolkit.

Leave a comment , , , ,

The importance of early warning systems in disaster risk reduction

Agency News, Industry News, Water sector

It is not enough for an early warning system to correctly identify an incoming hazard, it must also ensure that the populations and sectors that are at risk can receive the alert, understand it, and most importantly, act on it.

Disasters, increasingly frequent and intense, have become a major issue requiring urgent action. In 2021, 432 catastrophic events took place, incrementing the average of 357 annual catastrophic events recorded in 2001-2020. Only last year, 101.8 million people were affected worldwide, and the economic losses amounted to 252.1 billion US dollars.

The impacts of a disaster are often unequally distributed, affecting disproportionately the most vulnerable. These events cause a disruption in the economy and livelihoods of people, producing dramatic socio-economic downturns that hamper short-term recovery and long-term development. On this basis, the promotion of resilience to face all kinds of shocks and stresses is considered a key element for the global development agenda.

In line with this perspective, and in accordance with its mandate, the International Labour Organisation (ILO) has focused on building resilience through the promotion of employment and decent work.

In order to achieve this, the ILO works with its tripartite constituents – governments and employers’ and workers’ organizations – to develop a response to disasters that can answer immediate needs, but also deploy a long-term vision to build resilience for risk management through employment-centred measures. These include skills development, job creation through employment-intensive investments, enterprise support and business continuity management, among others.

This year, the International Day for Disaster Risk Reduction focuses on early warning systems, a fundamental element to decrease the destructive impacts of a disaster. An effective early warning is capable of saving many lives and reducing damage by 30% if activated 24 hours before the event. However, today, one-third of the world’s population, mainly in the least developed countries, is still not covered by early warning systems.

The purpose of early warning systems is mitigating the risk produced by disasters, but these risks are compounded by the socio-economic vulnerability of the population exposed to the hazards. In this context, early warning systems must be inclusive and sensitive to the different sources of vulnerability. As indicated by the United Nations Office for Disaster Risk Reduction (UNDRR) , these systems must be people-centred, end-to-end, and multi-hazard.

Early warning systems play a significant role in the world of work. By disseminating timely and accurate information regarding disaster risk, they enable preparedness action as well as a rapid response from workers, employers, and national or local authorities, and can therefore prevent human and economic losses in the workplace. For instance, farmers, pastoralists, fishers, and foresters are among the most-at-risk communities to disasters. Moreover, early warning systems can also play a crucial role in decent work, as part of the occupational health and safety standards in disaster-prone countries.

Early warning systems are essential to prepare and respond effectively in the short term, corresponding to the first stages of disaster management. Moreover, the implementation of such systems can also contribute to building resilience, as enhancing preparedness strengthens the capacity to recover rapidly, and reduces vulnerability.

Leave a comment , , , ,

Forest fires: €170 million to reinforce rescEU fleet

Agency News, Health & Social Care, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector, Transport sector, Water sector

Following a record-breaking forest fire season in Europe, the Commission is proposing today €170 million from the EU budget to reinforce its rescEU ground and aerial assets  starting from the summer of 2023. The rescEU transitional fleet would therefore have a total of 22 planes, 4 helicopters as well as more pre-positioned ground teams. As from 2025, the fleet would be further reinforced through an accelerated procurement of airplanes and helicopters.

Commissioner for Crisis Management Janez Lenarčič said: "Due to climate change the number of regions affected by wildfires is increasing, going beyond the traditionally affected Mediterranean countries. The last summers have clearly shown that more firefighting assets are needed at EU-level. By building up our fleet of aerial means and ground forces, the EU will be able to ensure a prompt, flexible response, including in situations where fires are burning in multiple Member States at the same time.”

Commissioner for Budget and Administration, Johannes Hahn said: “While the record-breaking forest fires this summer may have been overshadowed by other crises, today's proposal to reinforce rescEU shows that the EU budget will continue to support those in need. European solidarity across EU Member States remains strong and we are ready to support this solidarity with financial means.”

Wildfires in the EU are increasing in scope, frequency, and intensity. By 1 October, the data for 2022 reveal a 30% increase in the burnt area over the previous worst year recorded (2017) and a more than 170% increase over the average burnt area since EU-level recording started in 2006.

This season, the Emergency Response Coordination Centre  received 11 requests for assistance for forest fires. 33 planes and 8 helicopters were deployed across Europe via the EU Civil Protection Mechanism, which were joined by over 350 firefighters on the ground. In addition, the EU's emergency Copernicus satellite provided damage assessment maps of the affected areas.

Leave a comment , , ,
1 13 14 15 16 17 43