Category: Organisation Types

Organisation Types for membership

COVID-19 pandemic highlights submarine cables as critical infrastructure

Industry News, Telecomms sector

“Submarine cables are crucial infrastructure and have been vital in helping us get through this pandemic together,” said Keith Schofield, General Manager, International Cable Protection Committee.

For many years now, the submarine cable industry has been at the heart of international connectivity, providing data avenues that span continents and unrivalled capacity. Despite this, the industry’s fundamental contribution to the telecoms sphere is often overlooked.

But now, during the coronavirus pandemic, the critical nature of the subsea cable industry has come to the fore, proving once and for all that they are undeniably critical infrastructure all over the world. But responding to the demands of the crisis has not been easy.

[Source: Total Telecom]
Leave a comment

Nigeria declares telecoms facilities critical national Infrastructure

Industry News, Telecomms sector

In response to the yearnings of industry stakeholders to declare telecom facilities Critical National Infrastructure, President Muhammadu Buhari, has finally approved and also directed that necessary physical protective measures be put in place to safeguard telecommunications infrastructure deployed across the country.

This followed a proposal by the Minister of Communications and Digital Economy, Dr. Ibrahim Pantami, to the President to identify telecommunications infrastructure as Critical National Infrastructure, with a view to protecting them from vandalization and theft, amongst other things.

Recall that telecom operators and industry players had over the years been consistent in their demand for the Federal government to declare all telecoms facilities across the country critical national infrastructure but their request was never heeded to, leading to frequent vandalization of telecoms infrastructure in various parts of the country.

The Nigerian telecommunications industry, depends on a number of infrastructure that play a critical role in the smooth delivery of telecoms services.

These are part of Critical National Infrastructure (CNI) because of the important role they play, in ensuring security and in the delivery of other essential services.

As part of the policy of the Federal Government of Nigeria, the Minister of the Federal Ministry of Communications and Digital Economy, Dr Isa Ali Ibrahim Pantami, decided to champion the efforts to identify telecommunications infrastructure as Critical National Infrastructure, with a view to protecting them from vandalization and theft, amongst other things.

With the presidential directive, the Minister said the Office of the National Security Adviser (ONSA), Defence Headquarters (DHQ), Nigeria Police Force (NPF), Department of State Security Services (DSS) and the Nigeria Security and Civil Defence Corps (NSCDC), have been notified of Mr President’s directive and are expected to enforce same as directed.

While, appreciating the security institutions, and commending them for their commitment in securing these infrastructure, he noted that the ministry are also working towards the reinforcement of the directives through appropriate regulatory instruments.

“The implementation of the National Broadband Plan (NBP) and the implementation of the National Digital Economy Policy and Strategy, both unveiled by Mr. President, have repositioned the ICT sector.

“This is evident by the recent ‘Nigeria’s Gross Domestic Product Report’ released by the National Bureau of Statistics (NBS) which showed that the ICT sector contributed an unprecedented 14.07% to the total real GDP in the first quarter of 2020.

“The Minister is truly grateful for the timely approval of President Muhammadu Buhari, and we are confident that this will address the challenge of vandalism of our Critical National Infrastructure.

“It will also go a long way in supporting the implementation of the National Broadband Plan (2020-2025),” the Minister said.

He however, urged the Mobile Network Operators (MNOs) to ensure that they further reduce the price of data and calls for citizens to reciprocate the government gesture.

He also advised them to submit a comprehensive list of their facility locations all over the country.

[Source: Today Nigeria]
Leave a comment

National Grid Welcomed to European CNI Forum

Industry News, Power/Energy/Oil & Gas sector

The European Network for Cyber Security (ENCS) has welcomed National Grid as its first UK member, saying the UK’s transmission system operator (TSO) is among Europe’s “most sophisticated” in terms of cybersecurity posture, and its membership will boost knowledge sharing.

The ENCS is a member-led organisation that works to boost the security of EU energy grids and infrastructure in the face of hyperactive probing by bad actors, and, arguably, distinctly half-baked regulation that fails to penalise manufacturers for insecure components.

Among other efforts, ENCS has baked security requirement guidance into procurement cycles across its membership base and developed testing capabilities to risk-assess things like smart metres; this has now expanded to other areas of the grid, like distribution automation and other tools.

Paul Lee, an engineering manager for cyber and control systems at National Grid said in a statement shared by ENCS: “We have robust cybersecurity measures in place across all our operational infrastructure and IT to protect against cyber threats, but our membership will help us to benefit from ENCS knowledge base as we share information with other members, contributing to increased protection across all critical infrastructure”.

ENCS’s MD Nijk said, “Grid infrastructure has evolved with dramatic speed. Partnering with domain operators to build an expert pool is vital to our members need to be fast and effective [in building up their security] instead of waiting for regulations”.

“National Grid already ranks among the most sophisticated TSOs in terms of cyber security, and by joining ENCS, it demonstrates its commitment to that improving even further” he said in a canned statement.

[Source: Computer Business Review]
Leave a comment

Red Cross Calls for Halt to Cyberattacks on Healthcare Infrastructure

Health & Social Care, Industry News

The Red Cross has called on hackers and scammers to end their cyber-attacks on health facilities in a letter published.

The letter, also signed by a group of political and business figures, said that attacks endanger human lives, particularly during the Covid-19 pandemic, and governments should take more “immediate and decisive action” to stop them.

Brad Smith, President of Microsoft, and former US Secretary of State Madeleine Albright, are among the 42 co-signers of the letter, which was initiated by the CyberPeace Institute.

In the letter, Peter Maurer, president of the International Committee of the Red Cross, said: “We are hoping that the world’s governments will step up to affirm their commitments to the international rules that prohibit such actions.”

The calls come after an increase in cyber-attacks on critical infrastructure and healthcare facilities during the Covid-19 pandemic, with hackers and scammers eyeing an opportunity to take advantage of a complicated situation.

In April, Interpol warned that cybercriminals have been increasing attacks on healthcare systems, increasing ransomware attacks to hold hospitals to ransom during the spread of Covid-19, despite the work these facilities carry out to save lives.

Interpol Secretary-General, Jürgen Stock, commented: “As hospitals and medical organisations around the world are working non-stop to preserve the well-being of individuals stricken with the coronavirus, they have become targets for ruthless cybercriminals who are looking to make a profit at the expense of sick patients

“Locking hospitals out of their critical systems will not only delay the swift medical response required during these unprecedented times, but it could also directly lead to deaths.

“Interpol continues to stand by its member countries and provide any assistance necessary to ensure our vital healthcare systems remain untouched and the criminals targeting them held accountable.”

Leave a comment

Only 36% of critical infrastructures have a high level of cyber resilience

Cyber Security CII sector, Industry News

Greenbone Networks revealed the findings of a research assessing critical infrastructure providers’ ability to operate during or in the wake of a cyberattack.

The research investigated the cyber resilience of organizations operating in the energy, finance, health, telecommunications, transport and water industries, located in the world’s five largest economies: UK, US, Germany, France and Japan. Of the 370 companies surveyed, only 36 percent had achieved a high level of cyber resilience.

To benchmark the cyber resilience of these critical infrastructures, the researchers assessed a number of criteria. These included their ability to manage a major cyberattack, their ability to mitigate the impact of an attack, whether they had the necessary skills to recover after an incident, as well as their best practices, policies and corporate culture.

Infrastructure providers in the US were the most likely to score highly, with 50 percent of companies considered highly resilient. In Europe, the figure was lower at 36 percent. In Japan, is was just 22 percent.

Read more >>

[Source: HelpNetSecurity]

Leave a comment

Statement from Attorney General William P. Barr Regarding the U.S. Department of State Global CTO Roundtable on 5G Integrated and Open Networks

Industry News, Telecomms sector

Attorney General Barr issued the following statement:

“The United States and our partners are in an urgent race against the People’s Republic of China (PRC) to develop and build 5G infrastructure around the world.  Our national security and the flourishing of our liberal democratic values here and around the world depend on our winning it.  Future 5G networks will be a critical piece of global infrastructure, the central nervous system of the global economy.  Unfortunately, the PRC is well on its way to seizing a decisive 5G advantage.  If the PRC wins the 5G race, the geopolitical, economic, and national security consequences will be staggering.

The PRC knows this, which explains why it is using every lever of power to expand its 5G market share around the globe.  The community of free and democratic nations must do the same.

To compete and win against the PRC juggernaut, the United States and its partners must work closely with trusted vendors to pursue practical and realistic strategies that can turn the tide now.  Although the ‘Open RAN’ approach is not a solution to our immediate problem, the concept of Integrated and Open Networks (ION), which was the topic of yesterday’s roundtable, holds promise and should be explored.  We can win the race, but we must act now.”

Leave a comment

Model Of Critical Infrastructures Reveals Vulnerabilities

Industry News, Transport sector

An interdisciplinary team of Kansas State University researchers developed a computer simulation that revealed beef supply chain vulnerabilities that need safeguarding — a realistic concern during the COVID-19 pandemic.

Caterina Scoglio, professor, and Qihui Yang, doctoral student, both in electrical and computer engineering, recently published “Developing an agent-based model to simulate the beef cattle production and transportation in southwest Kansas” in Physica A, an Elsevier journal publication.

The paper describes a model of the beef production system and the transportation industry, which are interdependent critical infrastructures — similar to the electrical grid and computer technology. According to the model, disruptions in the cattle industry — especially in the beef packing plants — will affect the transportation industry and together cause great economic harm. The disruptions modeled in the simulation share similarities with how the packing plants have been affected during the COVID-19 pandemic.

“When we first started working on this project, there was a lot of emphasis on studying critical infrastructures; especially ones that are interdependent, meaning that they need to work together with other critical infrastructures,” Scoglio said. “The idea is if there is a failure in one of the systems, it can propagate to the other system, increasing the catastrophic effects.”

Full story at Eurasia Review - https://www.eurasiareview.com/18052020-model-of-critical-infrastructures-reveals-vulnerabilities/

Leave a comment

UK and US Security Agencies Issue COVID-19 Cyber Threat Update

Cyber Security CII sector, Industry News

A growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain, security officials in the UK and USA have revealed.

A joint advisory published today (April 8, 2020) by the UK’s National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) shows that cyber criminals and advanced persistent threat (APT) groups are targeting individuals and organizations with a range of ransomware and malware.

Examples of scams include emails containing malware which appear to have come from the Director-General of the World Health Organization (WHO), and others which claim to offer thermometers and face masks to fight the pandemic.

Elsewhere the agencies have detected cyber criminals scanning for vulnerabilities in software and remote working tools as more people work from home during the pandemic.
As well as alerting people to the threat, the advisory directs them to the support available to counter it. This includes the NCSC’s guidance on dealing with suspicious emails and on working from home securely.

Paul Chichester, Director of Operations at the NCSC, said:
“Malicious cyber actors are adjusting their tactics to exploit the COVID-19 pandemic, and the NCSC is working round the clock with its partners to respond.
“Our advice to the public and organizations is to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as UK Government, Public Health England or NHS websites.”

As the risk advisor for the USA, CISA is helping organizations take a comprehensive approach to maintain a heightened level of security. This includes a CISA Insights on risk management for Novel Coronavirus, as well as guidance for individuals and business on defending against COVID-19 scams and securing enterprise Virtual Private Networks.

Bryan Ware, CISA Assistant Director for Cybersecurity, said:
“As the COVID-19 outbreak continues to evolve, bad actors are using these difficult times to exploit and take advantage of the public and business. Our partnerships with the NCSC and industry have played a critical role in our ability to track these threats and respond.

“We urge everyone to remain vigilant to these threats, be on the lookout for suspicious emails and look to trusted sources for information and updates regarding COVID-19. We are all in this together and collectively we can help defend against these threats.”

To date the agencies are not seeing overall levels of cyber crime increase, but they are seeing a growing use of COVID-19 related themes by malicious cyber actors.
The techniques used by attackers prey on people’s appetite for information and curiosity towards the outbreak, with phishing emails and SMS messages using the virus as a lure to trick people into revealing credentials or downloading malicious software.

Phishing attempts often come from what appears to be a trustworthy sender, such as the ‘World Health Organization’, or with a subject line such as “2019-nCov: Coronavirus outbreak in your city (Emergency)”.

The NCSC and the CISA have also observed criminals scanning for known vulnerabilities in remote working tools and software, which is evidence that they are looking to take advantage of the increase in people working from home. This includes exploitation of the increased use of video conferencing software, such as Microsoft Teams, where phishing emails with attachment names such as ‘zoom-us-zoom_##########.exe’ and ‘microsoft-teams_V#mu#D_##########.exe’ aim to trick users into downloading malicious files.

It is expected that the frequency and severity of COVID-19 related cyber attacks will increase over the coming weeks and months.

You can read the full assessment here, which includes indicators of compromise (IOCs) for detection, and guidance for organizations and individuals on how to decrease the risk of cyber attacks.

Refer to trusted resources such as coronavirus.gov or the HHS website for official information about the coronavirus.

Additional Information
• APT groups conduct sophisticated attacks which typically aim to compromise an organization either through espionage or sabotage, but which aim to remain undetected for a long period of time.
• The Cybersecurity and Infrastructure Security Agency (CISA) is the nation’s risk advisor. We connect our partners in industry and government to improve the nation’s cyber and infrastructure security.
• Our mission is to lead the national effort to understand and advise on cyber and physical risks to our critical infrastructure.
• CISA’s goal is to be the “front door” to the government on issues related to cybersecurity and critical infrastructure protection.

Leave a comment
1 46 47 48