Biden Administration Announces Further Actions to Protect U.S. Critical Infrastructure

The Biden Administration continues to take steps to safeguard U.S. critical infrastructure from growing, persistent, and sophisticated cyber threats. Recent high-profile attacks on critical infrastructure around the world, including the ransomware attacks on the Colonial Pipeline and JBS Foods in the United States, demonstrate that significant cyber vulnerabilities exist across U.S. critical infrastructure, which is largely owned and operated by the private sector.
Currently, federal cybersecurity regulation in the United States is sectoral: a patchwork of sector-specific statutes that have been adopted piecemeal, as data security threats in particular sectors have gained public attention. Given the evolving threat faced today, new approaches, both voluntary and mandatory, must be considered. It is the responsibility of critical infrastructure owners and operators to follow voluntary guidance as well as mandatory requirements in order to ensure that the critical services the American people rely on are protected from cyber threats.
President Biden has signed a National Security Memorandum (NSM) on “Improving Cybersecurity for Critical Infrastructure Control Systems,” which addresses cybersecurity for critical infrastructure and implements long overdue efforts to meet the threats. The NSM:
- Directs the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Commerce’s National Institute of Standards and Technology (NIST), in collaboration with other agencies, to develop cybersecurity performance goals for critical infrastructure.
- Formally establishes the President’s Industrial Control System Cybersecurity (ICS) Initiative. The ICS initiative is a voluntary, collaborative effort between the federal government and the critical infrastructure community to facilitate the deployment of technology and systems that provide threat visibility, indicators, detections, and warnings.

TSA Takes Steps to Address Some Pipeline Security Program Weaknesses

The nation's pipelines are vulnerable to cyber-based attacks due to increased reliance on computerized systems. In May 2021 malicious cyber actors deployed ransomware against Colonial Pipeline's business systems. The company subsequently disconnected certain systems that monitor and control physical pipeline functions so that they would not be compromised.
Protecting the nation's pipeline systems from security threats is a responsibility shared by both the Transportation Security Administration (TSA) and private industry stakeholders. Prior to issuing a cybersecurity directive in May 2021, TSA's efforts included issuing voluntary security guidelines and security reviews of privately owned and operated pipelines. GAO reports in 2018 and 2019 identified some weaknesses in the agency's oversight and guidance, and made 15 recommendations to address these weaknesses. TSA concurred with GAO's recommendations and has addressed most of them, such as clarifying portions of its Pipeline Security Guidelines, improving its monitoring of security review performance, and assessing staffing needs.
As of June 2021, TSA had not fully addressed two pipeline cybersecurity-related weaknesses that GAO previously identified. These weaknesses correspond to three of the 15 recommendations from GAO's 2018 and 2019 reports.
Incomplete information for pipeline risk assessments. GAO identified factors that likely limit the usefulness of TSA's risk assessment methodology for prioritizing pipeline security reviews. For example, TSA's risk assessment did not include information consistent with critical infrastructure risk mitigation, such as information on natural hazards and cybersecurity risks. GAO recommended that TSA develop data sources relevant to pipeline threats, vulnerabilities, and consequences of disruptions. As of June 2021, TSA had not fully addressed this recommendation.
Aged protocols for responding to pipeline security incidents. GAO reported in June 2019 that TSA had not revised its 2010 Pipeline Security and Incident Recovery Protocol Plan to reflect changes in pipeline security threats, including those related to cybersecurity. GAO recommended that TSA periodically review and update its 2010 plan. TSA has begun taking action in response to this recommendation but, as of June 2021, has not fully addressed it.
TSA's May 2021 cybersecurity directive requires that certain pipeline owner/operators assess whether their current operations are consistent with TSA's Guidelines on cybersecurity, identify any gaps and remediation measures, and report the results to TSA and others. TSA's July 2021 cybersecurity directive mandates that certain pipeline owner/operators implement cybersecurity mitigation measures; develop a Cybersecurity Contingency Response Plan in the event of an incident; and undergo an annual cybersecurity architecture design review, among other things. These recent security directives are important requirements for pipeline owner/operators because TSA's Guidelines do not include key mitigation strategies for owner/operators to reference when reviewing their cyber assets. TSA officials told GAO that a timely update to address current cyber threats is appropriate and that they anticipate updating the Guidelines over the next year.

NSA, CISA, and FBI detail Chinese State-Sponsored Actions, Mitigations

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory, Chinese State-Sponsored Cyber Operations: Observed TTPs. This advisory describes over 50 tactics, techniques, and procedures (TTPs) Chinese state-sponsored cyber actors used when targeting U.S. and allied networks, and details mitigations.
Chinese state-sponsored cyber activity poses a major threat to U.S. and allied systems. These actors aggressively target political, economic, military, educational, and critical infrastructure personnel and organizations to access valuable, sensitive data. These cyber operations support China’s long-term economic and military objectives.
One significant tactic detailed in the advisory includes the exploitation of public vulnerabilities within days of their public disclosure, often in major applications, such as Pulse Secure, Apache, F5 Big-IP, and Microsoft products. This advisory provides specific mitigations for detailed tactics and techniques aligned to the recently released, NSA-funded MITRE D3FEND framework.
General mitigations outlined include: prompt patching; enhanced monitoring of network traffic, email, and endpoint systems; and the use of protection capabilities, such as an antivirus and strong authentication, to stop malicious activity.

New ITU standards project to define a sustainability passport for digital products

A new ITU standard is under development to describe the information that a sustainability passport for digital products should contain to support consumers, industry and government in applying the principles of circular economy.
The project is underway in ITU’s standardization expert group for ‘environment and circular economy’, ITU-T Study Group 5.
Circular economy can be described as extending a product’s lifespan over multiple lifecycles or increasing the value delivered by a product over its lifespan. Supporting the shift towards circular economy is a key priority for ITU-T Study Group 5, with e-waste now the world’s fastest-growing waste stream.
Experts see considerable potential for a sustainability passport to provide an instrument to help manage e-waste in a sustainable way, on a global scale – e-waste often crosses borders, and often to developing countries ill-equipped to manage a growing e-waste burden.
Our national passports describe our attributes at birth but also record where we have travelled. Should a sustainability passport for digital products be the same?
“Digital products have one set of attributes at manufacture, but these attributes can change over time as products are upgraded, recycled or resold,” highlights the standard’s Editor and Co-Rapporteur for the responsible working group (Q7/5), Leandro Navarro of Spain’s Colegio Oficial Ingenieros de Telecomunicación.
The new standard aims to define the requirements and semantics necessary to represent information relevant to circular product lifecycles. Its development will consider the inclusion of information available at the time of manufacture as well as dynamic information representing changes to product attributes over product lifecycles.
“We need verifiable data to support us in assessing the extent to which we are achieving principles of circular economy and our ambition to achieve net zero emissions,” explains Leandro. “There is currently no international agreement on the product information required to facilitate and achieve circularity in the digital technology industry.”
Clarifying the necessary information could help to put theory into practice, highlights Leandro, making an example of ITU L.1023, an international standard outlining an assessment method for circular scoring.
“Verifiable, machine-readable information could enable automatic comparisons of product attributes relevant to circularity,” says Leandro. “And with the required degree of interoperability, all stakeholders and systems could make use of this information.”

Agencies Should Strengthen Collaborative Mechanisms and Processes to Address Potential Interference

In the U.S., the FCC and the National Telecommunications and Information Administration (NTIA) regulate radio-frequency spectrum use to ensure enough is available for 5G networks, satellites, etc. When there could be interference, FCC and NTIA coordinate with other federal agencies via interagency agreements and groups.
To address potential interference among proposed uses of spectrum, these agencies employ various coordination mechanisms. For domestic matters, the agencies coordinate through an NTIA-led committee that provides input to FCC’s spectrum proceedings. For U.S. participation in the International Telecommunication Union’s (ITU) World Radiocommunication Conferences (WRC), agencies coordinate via a preparatory committee that provides input used to develop U.S. positions that the Department of State submits to a regional body or directly to the WRC.
These mechanisms reflect some key collaboration practices but do not fully reflect others. For example, while the documents that guide coordination between FCC and NTIA and the preparatory committee emphasize reaching consensus whenever possible, there are no clearly defined and agreed-upon processes for resolving matters when agencies cannot do so. Additionally, neither document has been updated in almost 20 years, though agency officials said conditions regarding spectrum management activities have changed in that time. GAO’s review of U.S. participation in ITU’s 2019 WRC shows that these issues affected collaboration. For example, disputes among the agencies and the inability to reach agreement on U.S. technical contributions challenged the U.S.’s ability to present an agreed-upon basis for decisions or a unified position.
NOAA and NASA conduct, and FCC and NTIA review, technical interference studies on a case-by-case basis. When originating from ITU activities, the agencies conduct or review technical interference studies through participation in international technical meetings and the preparatory committee process. However, the lack of consensus on study design and, within the U.S. process, of specific procedures to guide the design of these types of studies hampered U.S. efforts to prepare for the 2019 WRC. For example, the U.S. did not submit its studies on certain key issues to the final technical meeting, resulting in some stakeholders questioning whether the corresponding U.S. positions were technically rooted. Agreed-upon procedures could help guide U.S. efforts to design these studies and consider tradeoffs between what is desirable versus practical, to mitigate the possibility of protracted disagreements in the future.

Summer of extremes: floods, heat and fire

Heavy rainfall has triggered devastating flooding causing dozens of casualties in Western Europe. Parts of Scandinavia are enduring a lasting heatwave, and smoke plumes from Siberia have affected air quality across the international dateline in Alaska. The unprecedented heat in Western North America has also triggered devastating wildfires.
"Whilst rapid attribution studies have shown the clear link between human-induced climate change for the unprecedented heatwave episodes recorded in the Western United States and Canada, weather patterns over the whole northern Hemisphere have shown unusual planetary wavy patterns this summer. This has brought unprecedented heat, droughts, cold and wet conditions in various places. The connection of this large-scale disturbance of summer season with the warming of Arctic and the heat accumulation in the ocean needs to be investigated," said Dr Omar Baddour, head of WMO Climate Monitoring and Policy Division.
European Floods
Some parts of Western Europe received up to 2 months worth of rainfall in 2 days on soils that were already near saturation. The top 1 meter of soil was completely saturated or well above field capacity after the intense rain in the most affected regions of Belgium, Netherlands, Luxembourg and Germany.
In terms of the human toll, Germany and Belgium were the countries worst hit by the floods in Europe. Authorities reported at least one hundred people were killed, with many more missing as people were trapped or swept away by waters. Images of collapsed houses and landslides showed the force of the waters.
Heatwaves
While Central Europe suffered deadly floods, Northern Europe has been gripped by an extended heatwave.
Finland had its warmest June on record, according to FMI. And the heat has extended into July. Kouvola Anjala, which is in southern Finland, has seen 27 consecutive days with temperatures above 25°C. This is the longest heatwave in Finland since at least 1961.
Western USA and Canada have also been gripped by heat, with many records broken in the most recent heatwave last weekend in SW USA. For example, Las Vegas tied its all-time record of 117°F (47.2°C), as did Utah.
Death Valley, California reported a temperature of 130°F (54.4°C) on 9 July, according to the US National Weather Service in Las Vegas. WMO is ready to verify new extreme temperatures. We are currently evaluating the 130°F reading in Aug 2020 at Death Valley, which holds the world's highest temperature record.
The megadrought conditions, very dry fuels and heatwaves are fuelling the occurrence of extreme wildfires this year in west USA, as well as western and central Canada.
Climate Change attribution
Climate change is already increasing the frequency of extreme weather events, and many single events have been shown to have been made worse by global warming.
The record-breaking heatwave in parts of the US and Canada at the end of June would have been virtually impossible without the influence of human-caused climate change, according to a rapid attribution analysis by an international team of leading climate scientists. Climate change, caused by greenhouse gas emissions, made the heatwave at least 150 times more likely to happen.
As the atmosphere gets warmer it holds more moisture which means it will rain more during storms, increasing the risk of floods.
The study, published in the journal Climatic Change, found that the higher the level of global warming, the stronger the projected increase in frequency or severity, or both, of hot weather, droughts and flooding in the UK. These high-impact weather events can cause significant disruption across the UK, affecting sectors such as health, transport, agriculture and energy.
IPCC Special Report Global Warming of 1.5°C mentions that human-induced global warming has already caused multiple observed changes in the climate system. Trends in intensity and frequency of some climate and weather extremes have been detected over time spans during which about 0.5°C of global warming occurred. Changes include increases in both land and ocean temperatures, as well as more frequent heatwaves in most land regions. Further, there is substantial evidence that human-induced global warming has led to an increase in the frequency, intensity and/or amount of heavy precipitation events at the global scale.
Several regional changes in climate are assessed to occur even with global warming up to 1.5°C as compared to pre-industrial levels, including warming of extreme temperatures in many regions, increases in frequency, intensity and/or amount of heavy precipitation in several regions.

Digital solutions enhance seafarer safety

From time immemorial, seafarers and ships have provided vital links to keep the world connected.
Even today, as digital transformation brings far-flung communities together amid the COVID-19 pandemic, maritime trade and transport remain central elements in global connectivity.
Seafarers and their demanding missions, meanwhile, are changing with the times.
Connecting mariners to the rest of the world and providing them with the best technologies and services to keep them safe at sea is of utmost importance.
Connected seafarers
More and more connected ships mean increasingly huge amounts of data. Most importantly, we must ensure that nobody is left behind. In the maritime sector, this means helping seafarers understand the latest information and communication technologies (ICTs) well enough to extract real value from the resulting data.
Gathering and analyzing data in intelligent ways makes all of us in the maritime business more effective in our missions. I have seen firsthand how ICT adoption can help to build a safer and fairer work environment for seafarers, address global environmental concerns including warming oceans, biodiversity loss and rising sea levels, and, of course, optimize maritime fleet performance.
To take one example, key shipboard data can be transmitted securely thanks to emerging technologies like distributed ledgers.
At the same time, access to satellite data while at sea has never been easier. Seafarers can capture deep insights through a new-generation interface with their equipment. Ultimately, satellite-based meteorology has vastly improved our knowledge of the seas.
For those in peril
Safety has always been priority number one for seafarers. Yet the perils of the harsh maritime working environment are never far away. ICT uptake and standardization have greatly improved seafarer safety in recent years, with the International Telecommunication Union (ITU) making vital contributions in this regard.
Take, for example, the Global Maritime Distress and Safety System (GMDSS), the internationally agreed set of safety procedures, frequencies, types of equipment, and communication protocols developed by ITU and the International Maritime Organization (IMO). GMDSS has been saving lives for over 30 years now. It came as an especially welcome innovation back in 1988.
Today, ITU’s Maritime Manual, List IV (List of Coast Stations and Special Service Stations) and List V (List of Ship Stations and Maritime Mobile Service Identity Assignments) remain highly reliable sources of industry information. They equip our seafaring colleagues to anticipate navigational concerns and ultimately help bring ships and crews home safe and sound.
After many years of travelling the oceans, I appreciate the value of practical tech for seaborne users. My wish to leverage digital solutions and design user-first services is what led me to the next stage of my career. Now, at Opsealog, my mission is to provide crews and shore staff with dedicated tools and accurate advice for the best use of resources.
Evolving technologies, meanwhile, keep unlocking new possibilities. I can’t wait to help create the next generation digital tools for our beautiful maritime industry.
[source: ITU]

New StopRansomware.gov website launched

The U.S. Government launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts. We encourage organizations to use this new website to understand the threat of ransomware, mitigate risk, and in the event of an attack, know what steps to take next.
The StopRansomware.gov webpage is an interagency resource that provides our partners and stakeholders with ransomware protection, detection, and response guidance that they can use on a single website. This includes ransomware alerts, reports, and resources from CISA, the FBI, and other federal partners.

Storms and Record Rainfall in Western Europe Disrupt CI

Record rainfall has caused swollen rivers to burst their banks and wash away homes and other buildings in western Europe – leading to more than 190 fatalities and over 1000 people missing. The floods have affected several river basins, first in the United Kingdom and later across northern and central Europe including Austria, Belgium, Germany, Luxembourg, the Netherlands, Switzerland and Italy.
The German states of Rhineland-Palatinate and North Rhine-Westphalia were among the worst hit by the torrential rainfall, with water levels rising in the Rhine River, as well as the Walloon Region in Belgium. The storms and high waters have also battered neighbouring Switzerland, the Netherlands and Luxembourg.
Data from the Copernicus Sentinel-1 mission are being used to map flooded areas to help relief efforts. The mission has been supplying imagery through the Copernicus Emergency Mapping Service to aid relief efforts. The devastating floods have triggered four activations in the Copernicus Emergency Mapping Service, in Western Germany, Belgium, Switzerland and the Netherlands.
The service uses observations from multiple satellites to provide on-demand mapping to help civil protection authorities and the international humanitarian community in the face of major emergencies.
Westnetz, Germany's biggest power distribution grid, stated that 200,000 properties in the North Rhine-Westphalia and Rhineland-Palatinate regions were without power and that it would be impossible to repair substations until roads were cleared.

CISA’s CSET Tool Sets Sights on Ransomware Threat

CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks. CSET—applicable to both information technology (IT) and industrial control system (ICS) networks—enables users to perform a comprehensive evaluation of their cybersecurity posture using many recognized government and industry standards and recommendations.

The RRA is a self-assessment based on a tiered set of practices to help organizations better assess how well they are equipped to defend and recover from a ransomware incident. CISA has tailored the RRA to varying levels of ransomware threat readiness to make it useful to all organizations regardless of their current cybersecurity maturity. The RRA:

  • Helps organizations evaluate their cybersecurity posture, with respect to ransomware, against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner.
  • Guides asset owners and operators through a systematic process to evaluate their operational technology (OT) and information technology (IT) network security practices against the ransomware threat.
  • Provides an analysis dashboard with graphs and tables that present the assessment results in both summary and detailed form.

CISA strongly encourages all organizations to take the CSET Ransomware Readiness Assessment.
