Space ISAC Announces Initial Operating Capability for Threat Information Sharing

The Space Information Sharing and Analysis Center (Space ISAC) has announced a significant milestone, declaring the organization has reached Initial Operating Capability (IOC) following the launch of Space ISAC’s member portal and threat intelligence sharing platform. This capability will serve as the first of its kind, enabling commercial industry and international space partners to share timely, actionable information about space-based threats.
This milestone event marks just over one year since Space ISAC’s board of directors and leaders from U.S. government agencies met to discuss the timeline to achieve initial operating capability.
“Achieving IOC for the Space ISAC is one of the most critical milestones toward protecting the space critical infrastructure for the global space community. This platform for information sharing will bring our community together and align our efforts to increase the security and reliability of space systems,” said Frank Backes, Senior Vice President, Kratos Federal Space and Chairman of the Board at Space ISAC.
Space ISAC has selected Cyware to host the Space ISAC portal and threat intelligence sharing platform. The platform allows Space ISAC members to share threat data securely with next-generation partnership capabilities that meet the needs of the space industry’s rapidly evolving threat environment.
“Our team at Cyware believes it is mission-critical to support and empower cybersecurity sharing communities with the tools and resources needed to collaborate and share intelligence to improve security operations and maintain resiliency,” said Anuj Goel, CEO and co-founder of Cyware. “We are impressed by Space ISAC’s dedication to improving the defense capabilities of their membership. They are consistently seeking out the best opportunities to enhance threat intelligence sharing in an integrated and collaborative manner, that reduces cyber risk across space and other key industries where intelligence is critical.”
“It’s incredibly exciting to see the introduction of such a platform where commercial industry and international space partners will soon be able to share timely information about space-based threats,” said William O. Ferguson, Cyber Security Operations Manager for founding board member SES.
Space ISAC consists of 24 members and counting from the global space community. Johns Hopkins Applied Physics Lab, a founding board member of Space ISAC, leads a Space ISAC team that vets all new members to ensure that Space ISAC maintains the highest levels of trust and integrity within its membership base.
“We are thrilled to reach this milestone, a giant step in making all of us together smarter and safer than any of us alone. I hope that many others will join us in ensuring the resilience of the global space enterprise,” said Michael Ryschkewitsch, Head, Space Sector at Johns Hopkins Applied Physics Laboratory.
Andre Adelsbach, vice president of Group Information and Cyber Security for SES, added, “At SES, we realize the importance of safeguarding current and emerging space service technology, and welcome efforts that can be developed across the industry.”
Additionally, Space ISAC’s IOC includes hosting member events and facilitating working groups and task forces. These initiatives have created opportunities for Space ISAC members and partners to develop the functions of the ISAC and raise the entire space sector’s security posture. This includes an information sharing work group, an analyst work group, and task forces dedicated to small satellites and Space Policy Directive-5.
“As an ISAC we are responsible to coordinate across the entire space sector and communicate critical information sharing far and wide and for global space to create sector-wide situational awareness,” said Erin Miller, Executive Director, Space ISAC.

ENISA provide statement on Microsoft Exchange vulnerabilities

The EU Agency for Cybersecurity (ENISA) has provided a statement with an assessment and advice on Microsoft Exchange vulnerabilities.
Microsoft released security updates for the Microsoft (MS) Exchange server suite. Active exploitation of on-premises MS Exchange installations has been observed.
MS Exchange vulnerabilities once exploited may lead to network compromise, data exfiltration and ransomware attacks. Across the EU, an increasing number of MS Exchange installations have also been found to be the target of malicious attacks.
ENISA published a situation report which provides an assessment as well as advice and mitigation measures. It reports that the threat has been assessed as severe and considers these types of attacks probable and of high risk.
The Agency calls on organisations using affected Microsoft Exchange versions to patch the flaws immediately and thoroughly investigate for potential signs of compromise.
At EU level, the EU CSIRTs Network and EU Cyber Crises Liaison Organisation Network (CyCLONe) are monitoring the situation and collecting information at both the technical and operational levels.
Microsoft is updating advisories and guidance while additional technical information and advice are provided by CERT-EU technical advisory.

CISA Publish Ransomware Guidance and Resources

Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid. In recent years, ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.
Malicious actors continue to adjust and evolve their ransomware tactics over time, and CISA analysts remain vigilant in maintaining awareness of ransomware attacks and associated tactics, techniques, and procedures across the country and around the world: See CISA's Awareness Briefings on Combating Ransomware, Joint Ransomware Statement, and CISA Insights – Ransomware Outbreak.
Looking to learn more about this growing cyber threat? The NEW Ransomware Guide is a great place to start. The Guide, released in September 2020, represents a joint effort between CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The joint Ransomware Guide includes industry best practices and a response checklist that can serve as a ransomware-specific addendum to organization cyber incident response plans.
In January 2021, CISA unveiled the Reduce the Risk of Ransomware Campaign to raise awareness and instigate actions to combat this ongoing and evolving threat. The campaign is a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate ransomware risk.

UNISDR Report: Words into Action guideline: Man-made/technological hazards

The UNISDR has issued a report that takes a practical approach in addressing man-made and technological hazards, and builds upon previous analyses and recommendations relating to such hazards in the context of DRR.
The number and magnitude of man-made disasters worldwide have risen since the 1970s and continue to grow in both frequency and impact on human wellbeing and economies, particularly in low and middle-income countries.
Several major technological accidents and the increased number of new hazardous substances and materials have highlighted the need to tackle these hazards within the overall frame of inclusive disaster risk management. Paragraph 15 of the Sendai Framework for Disaster Risk Reduction 2015-2030 leaves no doubt about the need to address hazards comprehensively as it applies to the risk of small-scale and large-scale, frequent and infrequent, sudden and slow-onset disasters, caused by both natural and man-made hazards as well as related environmental, technological and biological hazards and risks. It aims to guide the management of disaster risk at all levels as well as within and across all sectors.
The United Nations Office for Disaster Risk Reduction (UNISDR) is the focal point of the United Nations system for disaster risk reduction and the custodian of the Sendai Framework, supporting countries and societies in its implementation, monitoring and review of progress.
In accordance with the Sendai Framework, this guide seeks to address man-made hazards by strengthening national and local disaster management plans to include these hazards and by raising awareness of their risks and impacts. Furthermore, it will be a valuable tool to support training and capacity building.
This guide provides a set of evidence-based, practical activities for implementation for chemical, industrial and transport accidents, and nuclear and radiological hazards under the Sendai Framework’s four priorities for action. The guide highlights the existing diversity of thematic frameworks, institutional and legal mechanisms at global and regional levels that are related to and used for addressing man-made hazards. It also draws attention to existing collaborations within the disaster risk reduction community and key partners.
The Guide builds on the outcomes of the Open-ended Intergovernmental Expert Working Group on Indicators and Terminology for the Sendai Framework, and the work on hazard classification and terminology related to man-made hazards.

GAO Report: Opportunities Exist for DOE to Better Support Utilities in Improving Resilience to Hurricanes

Hurricanes are a leading cause of major power outages in the U.S., impacting millions of customers in recent years. Utilities in hurricane-affected states have invested in ways to better equip their grids to withstand and rapidly recover from hurricanes. For example, some utilities have elevated equipment to protect grid infrastructure from flooding.
The Department of Energy and its National Laboratories are developing planning tools, such as metrics to track grid resilience. However, we recommended that DOE create a plan to better guide these efforts and to better inform utilities about available resources at its National Labs.
Since 2012, utilities have taken steps to improve grid resilience to severe hurricanes, such as (1) implementing storm hardening measures to enable the grid to better withstand the effects of hurricanes; (2) adopting technologies to enhance operational capacity and help quickly restore service following disruptions; and (3) participating in mutual aid programs with other utilities and training and planning exercises. For example, utilities have implemented storm hardening measures that include elevating facilities and constructing flood walls to protect against storm surges. Utilities have also adopted technologies that enhance communication capabilities and monitor systems to detect, locate, and repair sources of disruptions. However, these utilities reported challenges justifying grid resilience investments to obtain regulatory approval, and some utilities have limited resources to pursue such enhancements.
Various federal agencies can provide funding for efforts to enhance grid resilience to hurricanes, including the Department of Agriculture (USDA) and the Federal Emergency Management Agency (FEMA). However, eligibility for most federal funding for grid resilience, including some USDA and FEMA funding, is limited to publicly owned utilities and state, tribal, and local governments. The Department of Energy (DOE) does not provide direct funding for grid resilience improvements, but it has efforts under way, including through its National Laboratories, to provide technical assistance and promote research and collaboration with utilities. DOE has also initiated preliminary efforts to develop tools for resilience planning, including resilience metrics and other tools such as a framework for planning, but DOE does not have a plan to guide these efforts. Without a plan to guide DOE efforts to develop tools for resilience planning, utilities may continue to face challenges justifying resilience investments. In addition, DOE lacks a formal mechanism to inform utilities about the efforts of its National Laboratories. Such a mechanism would help utilities leverage existing resources for improving grid resilience to hurricanes.
Hurricanes pose significant threats to the electricity grid in some U.S. coastal areas and territories and are a leading cause of major power outages. In recent years, hurricanes have impacted millions of customers in these areas. Adoption of technologies and other measures could improve the resilience of the grid so that it is better able to withstand and rapidly recover from severe weather; this could help mitigate the effects of hurricanes.
This report examines (1) measures utilities in selected states have adopted to enhance grid resilience following major hurricanes since 2012 and any challenges utilities face funding such measures; and (2) federal efforts to support the adoption of measures to enhance grid resilience to hurricanes and any opportunities that exist to improve these efforts. For this report, GAO assessed agency and industry actions; reviewed relevant reports, policies, and documents; and interviewed federal, industry, and local officials.
GAO recommends that DOE (1) establish a plan to guide its efforts to develop tools for resilience planning, and (2) develop a mechanism to better inform utilities about grid resilience efforts at the National Laboratories. DOE agreed in principle with these recommendations, but its proposed actions do not fully address GAO's concerns.

Climate Change Is Expected to Have Far-reaching Effects and DOE and FERC Should Take Actions

Climate change is expected to affect every aspect of the electricity grid—from generation, transmission, and distribution, to demand for electricity. For example, more frequent droughts and changing rainfall patterns may diminish hydroelectricity in some areas, and increasing wildfires may damage transmission lines.
We testified about how the Department of Energy and the Federal Energy Regulatory Commission could enhance grid resilience. We recommended that DOE develop a strategy for doing so and coordinate efforts within the department, and that FERC assess grid risks and plan how to promote resilience.
Climate change is expected to have far-reaching effects on the electricity grid that could cost billions and could affect every aspect of the grid from generation, transmission, and distribution to demand for electricity, according to several reports GAO reviewed. The type and extent of these effects on the grid will vary by geographic location and other factors. For example, reports GAO reviewed stated that more frequent droughts and changing rainfall patterns may adversely affect hydroelectricity generation in Alaska and the Northwest and Southwest regions of the United States. Further, transmission capacity may be reduced or distribution lines damaged during increasing wildfire activity in some regions due to warmer temperatures and drier conditions. Moreover, climate change effects on the grid could cost utilities and customers billions, including the costs of power outages and infrastructure damage.
Since 2014, the Department of Energy (DOE) and the Federal Energy Regulatory Commission (FERC) have taken actions to enhance the resilience of the grid. For example, in 2015, DOE established a partnership with 18 utilities to plan for climate change. In 2018, FERC collected information from grid operators on grid resilience and their risks to hazards such as extreme weather. Nevertheless, opportunities exist for DOE and FERC to take additional actions to enhance grid resilience to climate change. For example, DOE identified climate change as a risk to energy infrastructure, including the grid, but it does not have an overall strategy to guide its efforts. GAO's Disaster Resilience Framework states that federal efforts can focus on risk reduction by creating resilience goals and linking those goals to an overarching strategy. Developing and implementing a department-wide strategy that defines goals and measures progress could help prioritize DOE's climate resilience efforts to ensure that resources are targeted effectively. Regarding FERC, it has not taken steps to identify or assess climate change risks to the grid and, therefore, is not well positioned to determine the actions needed to enhance resilience. Risk management involves identifying and assessing risks to understand the likelihood of impacts and their associated consequences. By doing so, FERC could then plan and implement appropriate actions to respond to the risks and achieve its objective of promoting resilience.
According to the U.S. Global Change Research Program, changes in the earth's climate are under way and expected to increase, posing risks to the electricity grid that may affect the nation's economic and national security. Annual costs of weather-related power outages total billions of dollars and may increase with climate change, although resilience investments could help address potential effects, according to the research program. Private companies own most of the electricity grid, but the federal government plays a significant role in promoting grid resilience—the ability to adapt to changing conditions; withstand potentially disruptive events; and, if disrupted, to rapidly recover. DOE, the lead agency for grid resilience efforts, conducts research and provides information and technical assistance to industry. FERC reviews mandatory grid reliability standards.
This testimony summarizes GAO's report on grid resilience to climate change. Specifically, the testimony discusses (1) potential climate change effects on the electricity grid; and (2) actions DOE and FERC have taken since 2014 to enhance electricity grid resilience to climate change effects, and additional actions these agencies could take. GAO reviewed reports and interviewed agency officials and 55 relevant stakeholders.

DOE Announces $30 Million for Quantum Information Science to Tackle Emerging 21st Century Challenges

The U.S. Department of Energy (DOE) announced plans to provide $30 million for Quantum Information Science (QIS) research that helps scientists understand how nature works on an extremely small scale—100,000 times smaller than the diameter of a human hair. QIS can help our nation solve some of the most pressing and complex challenges of the 21st century, from climate change to national security.
“Quantum computing and devices are poised to revolutionize the way we process information and develop new technologies that are currently beyond our reach,” said Secretary of Energy Jennifer M. Granholm. “From developing novel materials to building better batteries to moving clean electricity across the country more efficiently, the field of quantum information sciences can help us accelerate discoveries to solve complex problems in energy and beyond.”
QIS helps researchers discover new ways to measure, analyze, process, and communicate information. Potential applications for this work range from quantum computers to enable complex power forecasting to prevent outages during extreme weather events, to quantum devices to enable new smart windows, clothes, and buildings that can change their properties on demand.
“Quantum information sciences have become essential tools for our National Labs to take on the challenges of the modern world,” said Senator Ben Ray Luján. “This strong investment in the Department’s NSRCs will support their cutting-edge discoveries and strengthen America’s competitiveness in this emerging field. The Nation’s future is inextricably tied to the future of our National Labs, and I will keep working to ensure that they receive the necessary resources to support their invaluable work.”
“The U.S. is a world leader in high-tech innovation and jobs. This investment will help ensure we continue to build on our record of achieving advancements in quantum computing research and development and the high-paying jobs it creates,” said Senator Steve Daines.
DOE's “Quantum Information Science and Research Infrastructure” $30 million funding opportunity is focused on developing advanced capabilities for synthesizing, constructing, and understanding quantum structures and phenomena, as well as making these capabilities available to the greater scientific community via access to DOE’s five Nanoscale Science Research Centers (NSRCs).
The five NSRCs were established by DOE's Basic Energy Sciences (BES) program in the Office of Science, and provide access to leading-edge synthesis, characterization, computational tools, and scientific expertise. Their research supports DOE's mission to advance the energy, economic, and national security of the United States.
All five NSRCs will be selected based on peer review, and eligible to lead applications for awards of up to three years. DOE’s Office of Basic Energy Sciences, which is funding the effort, envisions awards both for single NSRCs and NSRCs working in partnerships or teams.

New Major Interventions to Block Encrypted Communications of Criminal Networks

Judicial and law enforcement authorities in Belgium, France and the Netherlands have in close cooperation enabled major interventions to block the further use of encrypted communications by large-scale organised crime groups (OCGs), with the support of Europol and Eurojust. The continuous monitoring of the illegal Sky ECC communication service tool by investigators in the three countries involved has provided invaluable insights into hundreds of millions of messages exchanged between criminals. This has resulted in the collection of crucial information on over a hundred planned large-scale criminal operations, preventing potential life-threatening situations and possible victims.
During an action day, a large number of arrests were made, as well as numerous house searches and seizures in Belgium and the Netherlands. The operation is an essential part of the continuous effort of judiciary and law enforcement in the EU and third countries to disrupt the illegal use of encrypted communications, as was already displayed last year following the successful de-encryption of the EncroChat communication platform.
As of mid-February, authorities have been able to monitor the information flow of approximately 70 000 users of Sky ECC. Many users of EncroChat changed over to the popular Sky ECC platform, after EncroChat was unveiled in 2020.
By successfully unlocking the encryption of Sky ECC, the information acquired will provide insights into criminal activities in various EU Member States and beyond and will assist in expanding investigations and solving serious and cross-border organised crime for the coming months, possibly years.
Law enforcement in all three countries has been on a continuous stand by during the last month to be able to provide rapid reactions to possible dangerous criminal activities when required. The newly acquired information will now be analysed further.
Investigations into the tool started in Belgium, after mobile phones seized during searches showed the use of Sky ECC by suspects. Worldwide, approximately 170 000 individuals use the tool, which has its own infrastructure and applications and is operated from the United States and Canada, using computer servers based in Europe. On a global scale, around three million messages are being exchanged each day via Sky ECC. Over 20 percent of the users are based in Belgium and the Netherlands.
Europol has and will continue to provide the authorities of Belgium, Netherlands and other affected countries with tactical, technical and financial support and will be dealing with this important flow of information on criminal activities in order to prevent threats to life and major crimes.
Eurojust has provided advice and support regarding cross-border judicial cooperation and organised 12 coordination meetings to enable this collaboration. The Agency will continue to provide this support and stands ready for further advice and cross-border operational financial support to all Member States and countries involved, to ensure an adequate cross-border judicial cooperation.

CISA Announce Transfer of .gov Top-Level Domain from US General Services Administration

The Cybersecurity and Infrastructure Security Agency (CISA) announced it will begin overseeing the .gov top-level domain (TLD) in April 2021. CISA is working closely with the U.S. General Services Administration, who currently oversees the TLD, to ensure a seamless transition of daily operations for .gov customers.
“Using .gov and increasing trust that government communications are authentic will improve our collective cybersecurity,” said Eric Goldstein, Executive Assistant Director for CISA’s Cybersecurity Division. “People see a .gov website or email address and know they are interacting with an official, U.S.-based government organization. Using .gov also provides security benefits, like two-factor authentication on the .gov registrar and notifications of DNS changes to administrators, over other TLDs. We’ll endeavor to make the TLD more secure for the American public and harder for malicious actors to impersonate.”
.gov is one of the six original TLDs in the internet’s domain name system (DNS). The TLD is actively used by each branch of the federal government, every state in the nation, hundreds of counties and cities, and many tribes and territories as they serve the public on the internet. The DOTGOV Act of 2020 shifted responsibility for managing .gov to CISA as the nation’s civilian cybersecurity agency.
Because the TLD is central to the availability and integrity of thousands of online services relied upon by millions of users, .gov is critical infrastructure for governments throughout the country and all aspects of its administration have cybersecurity significance. Under the actions required by the Act, CISA will work to increase security and decrease complexity for our government partners.

Joint NSA and CISA Guidance on Strengthening Cyber Defense Through Protective DNS

The National Security Agency (NSA) and CISA have released a Joint Cybersecurity Information (CSI) sheet with guidance on selecting a protective Domain Name System (PDNS) service as a key defense against malicious cyber activity. Protective DNS can greatly reduce the effectiveness of ransomware, phishing, botnet, and malware campaigns by blocking known-malicious domains. Additionally, organizations can use DNS query logs for incident response and threat hunting activities.
CISA encourages users and administrators to consider the benefits of using a protective DNS service and review NSA and CISA’s CSI sheet on Selecting a Protective DNS Service for more information.
Protecting users’ DNS queries is a key defense because cyber threat actors use domain names across the network exploitation lifecycle: users frequently mistype domain names while attempting to navigate to a known-good website and unintentionally go to a malicious one instead (T1583.001); threat actors lace phishing emails with malicious links (T1566.002); a compromised device may seek commands from a remote command and control server (TA0011); a threat actor may exfiltrate data from a compromised device to a remote host (TA0010). The domain names associated with malicious content are often known or knowable, and preventing their resolution protects individual users and the enterprise.
Due to the centrality of DNS for cybersecurity, the Department of Defense (DoD) included DNS filtering as a requirement in its Cybersecurity Maturity Model Certification (CMMC) standard (SC.3.192). The Cybersecurity and Infrastructure Security Agency issued a memo and directive requiring U.S. government organizations to take steps to mitigate related DNS issues. Additionally, the National Security Agency has published guidance documents on defending DNS [1, 2, 3].
This guidance outlines the benefits and risks of using a protective DNS service and assesses several commercial PDNS providers based on reported capabilities. The assessment is meant to serve as information for organizations, not as recommendations for provider selection. Users of these services must evaluate their architectures and specific needs when choosing a service for PDNS and then validate that a provider meets those needs.
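The following added example (not taken from the NSA/CISA sheet or from any PDNS provider) sketches the two uses of DNS data described above: deciding whether a queried name falls under a known-malicious domain, and hunting through resolver query logs for blocked names and near-miss spellings of known-good sites. The log format, domain lists and function names are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed policy data; every name is a placeholder.
BLOCKLIST = {"malware-c2.example", "phish-login.test"}
KNOWN_GOOD = {"examplebank.com", "intranet.example.org"}

# Constructed resolver log: "<timestamp> <client-ip> <qname> <qtype>"
SAMPLE_LOG = """\
2021-03-10T09:00:01Z 10.0.0.5 www.examplebank.com. A
2021-03-10T09:00:02Z 10.0.0.7 examp1ebank.com. A
2021-03-10T09:00:03Z 10.0.0.9 beacon.malware-c2.example. TXT
2021-03-10T09:00:04Z 10.0.0.9 notmalware-c2.example. A
2021-03-10T09:00:05Z 10.0.0.4 PHISH-LOGIN.test. AAAA
truncated-entry
"""


@dataclass
class Finding:
    client: str
    qname: str
    verdict: str


def normalize(qname):
    """DNS names are case-insensitive; logs often carry the trailing root dot."""
    return qname.strip().lower().rstrip(".")


def suffixes(name):
    """Return the name and each parent domain, split on label boundaries."""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def edit_distance(a, b):
    """Levenshtein distance, used to spot one-character look-alikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(qname):
    """Return 'block', 'lookalike' or 'allow' for one queried name."""
    candidates = suffixes(normalize(qname))
    # Match whole labels, so a subdomain of a blocked domain is blocked but
    # "notmalware-c2.example" is not caught by a naive string-suffix test.
    if any(c in BLOCKLIST for c in candidates):
        return "block"
    if any(c in KNOWN_GOOD for c in candidates):
        return "allow"
    for c in candidates:
        if "." in c and any(edit_distance(c, good) == 1 for good in KNOWN_GOOD):
            return "lookalike"
    return "allow"


def hunt(log_text):
    """Scan query-log text; return (findings, number of unparseable lines)."""
    findings, skipped = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 4:
            skipped += 1  # count bad lines instead of silently dropping them
            continue
        _ts, client, qname, _qtype = parts
        verdict = classify(qname)
        if verdict != "allow":
            findings.append(Finding(client, normalize(qname), verdict))
    return findings, skipped


if __name__ == "__main__":
    results, bad = hunt(SAMPLE_LOG)
    for f in results:
        print(f"{f.verdict:9} {f.client:10} {f.qname}")
    print(f"unparseable lines: {bad}")
```
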