GNSS Firewall Software to Strengthen Global Navigation Satellite System (GNSS) Protection

Industry News, Power/Energy/Oil & Gas sector

Critical infrastructure systems including power utilities, financial services, mobile networks and transportation rely on Global Positioning System (GPS)-delivered timing to ensure ongoing operations. Microchip Technology Inc. (Nasdaq: MCHP) today announced the release of a major software update for its BlueSky™ GNSS Firewall product, providing a higher level of resiliency against GPS vulnerabilities for systems dependent on GPS signal reception.

Microchip's BlueSky GNSS Firewall Software Release 2.0 performs real-time analysis to detect jamming and spoofing for protecting reception of the GPS signal and hardening response and recovery to avoid signal disruption. BlueSky GNSS Firewall Software Release 2.0 includes charting and advanced threshold settings of Global Navigation Satellite System (GNSS) observables such as satellites-in-view, carrier-to-noise, position dispersion, phase time deviation and radio frequency (RF) power level to simplify system turn-up and deployment.

BlueSky GNSS Firewall Software Release 2.0 includes improvements developed by Microchip as a result of participation in an industry live-sky testing event hosted by the U.S. Department of Homeland Security (DHS) Science and Technology Directorate and open to all providers. Microchip's participation in the DHS-hosted GPS Testing for Critical Infrastructure (GET-CI) events, with scenarios including spoofed signals, has helped the company to identify new solutions to prevent signal disruptions. As a result of 2019 live-sky testing and other input, Microchip developed the Blue Sky GNSS Firewall Software Release 2.0 to address operators' evolving requirements.

Leave a comment

Critical Infrastructure Protection Market Size to Surpass US$ 132750 million By 2025

Industry News

The global Critical Infrastructure Protection market size is expected to gain market growth in the forecast period of 2020 to 2025, with a CAGR of 5.3% in the forecast period of 2020 to 2025 and will expected to reach USD 132750 million by 2025, from USD 108100 million in 2019.

Growth forecast report " Critical Infrastructure Protection Market size by Product Type (Security technologies and Services), By Application (Risk management services, Consulting services, Managed services and Maintenance and support services), By Region Outlook (North America, Europe, Asia-Pacific, South America & Middle East and Africa), Top Manufacturer, Growth Potential, Price Trends, Competitive Market Share & Forecast 2020-2025 added by Market Study Report LLC.

The Critical Infrastructure Protection market stands tall as one of the most proactive industry verticals, as claimed by a new research report. This research study forecasts this space to accrue substantial proceeds by the end of the projected period, aided by a plethora of driving forces that will fuel the industry trends over the forecast duration. A gist of these driving factors, in tandem with myriad other dynamics pertaining to the Critical Infrastructure Protection market, such as the risks that are prevalent across this industry as well as the growth opportunities existing in Critical Infrastructure Protection market, have also been outlined in the report.

Leave a comment

Australia targeted of 'sophisticated state-sponsored' cyber attack

Cyber Security CII sector, Industry News

Scott Morrison, the country's prime minister, says the attacks have targeted all levels of the government - as well as political organisations, essential service providers and operators of other critical infrastructure.

"We know it is a sophisticated state-sponsored cyber actor because of the scale and nature of the targeting," he said at a news conference.

Mr Morrison has stopped short of naming the country responsible for this "malicious" activity, but warned: "There are not a large number of state-based actors that can engage in this type of activity."

This has been interpreted as a coded reference to China, which the Australian government reportedly suspects of being behind the attacks.

An advisory note posted on the government’s Australian Cyber Security Centre website describes the attack as a “cyber campaign targeting Australian networks”.

The advisory says the attackers are primarily using “remote code execution vulnerability” to target Australian networks and systems. Remote code execution is a common type of cyber attack in which an attacker attempts to insert their own software codes into a vulnerable system such as a server or database.

The attackers would not only try to steal information but also attempt to run malicious codes that could damage or disable the systems under attack.

Detecting this is hard, and would require advanced defensive measures such as penetration testing, in which trained security professionals known as “ethical hackers” try to hack into a system in an attempt to find potential vulnerabilities.

Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks

Overview
This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Cyber Security Centre’s (ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.

Campaign summary
The Australian Government is currently aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor.

The title ‘Copy-paste compromises’ is derived from the actor’s heavy use of proof-of-concept exploit code, web shells and other tools copied almost identically from open source.

The actor has been identified leveraging a number of initial access vectors, with the most prevalent being the exploitation of public-facing infrastructure — primarily through the use of remote code execution vulnerability in unpatched versions of Telerik UI. Other vulnerabilities in public-facing infrastructure leveraged by the actor include exploitation of a deserialisation vulnerability in Microsoft Internet Information Services (IIS), a 2019 SharePoint vulnerability and the 2019 Citrix vulnerability.

The actor has shown the capability to quickly leverage public exploit proof-of-concepts to target networks of interest and regularly conducts reconnaissance of target networks looking for vulnerable services, potentially maintaining a list of public-facing services to quickly target following future vulnerability releases. The actor has also shown an aptitude for identifying development, test and orphaned services that are not well known or maintained by victim organisations.

When the exploitation of public-facing infrastructure did not succeed, the ACSC has identified the actor utilising various spearphishing techniques. This spearphishing has taken the form of:

  • links to credential harvesting websites
  • emails with links to malicious files, or with the malicious file directly attached
  • links prompting users to grant Office 365 OAuth tokens to the actor
  • use of email tracking services to identify the email opening and lure click-through events.

Once initial access is achieved, the actor utilised a mixture of open source and custom tools to persist on, and interact with, the victim network. Although tools are placed on the network, the actor migrates to legitimate remote accesses using stolen credentials. To successfully respond to a related compromise, all accesses must be identified and removed.

In interacting with victim networks, the actor was identified making use of compromised legitimate Australian web sites as command and control servers. Primarily, the command and control was conducted using web shells and HTTP/HTTPS traffic. This technique rendered geo-blocking ineffective and added legitimacy to malicious network traffic during investigations.

During its investigations, the ACSC identified no intent by the actor to carry out any disruptive or destructive activities within victim environments.

Leave a comment , ,

EU grants €38 million for protection of critical infrastructure against cyber threats

Agency News

The Commission announced today that it is committing more than €38 million, through Horizon 2020, the EU's research and innovation programme, to support several innovative projects in the field of protection of critical infrastructure against cyber and physical threats and making cities smarter and safer.

Mariya Gabriel, Commissioner for Innovation, Research, Culture, Education and Youth, said, "Over the past years we have offered our support to research and innovation actions in the area of cybersecurity that contribute to better protecting key infrastructure and the people living in European smart cities. I am pleased that today we are able to offer yet another significant amount of funding through Horizon 2020 towards security, privacy and threat mitigating solutions.”

Thierry Breton, Commissioner for Internal Market, added, "Securing network and information systems and enhancing cyber resilience are key for shaping Europe's digital future. As we are faced with a diverse array of cybersecurity threats, the EU is taking concrete measures to protect critical infrastructures, cities and citizens. More investments at EU and national level in innovative cybersecurity technologies and solutions are of paramount importance to strengthen EU's resilience to cyberattacks.

Three projects (SAFETY4RAILS, 7SHIELD and ENSURESEC) will work to improve prevention, detection, response and mitigation of cyber and physical threatsfor metro and railway networks, ground space infrastructure and satellites, as well as e-commerce and delivery services. Two additional projects (IMPETUS and S4ALLCITIES) aim at enhancing the resilience of cities' infrastructures and services and protecting citizens in case of security incidents in public spaces.

The projects are expected to start between June and October 2020 and will run for two years. The Research Executive Agency will manage the five selected projects and has finalised the preparation and signature of grant agreements with the beneficiaries.

The EU's financial contribution is provided in the form of grants that can be up to 100% of the project’s total budget. All projects were selected for funding under a competitive call for proposals Protecting the infrastructure of Europe and the people in the European smart cities, under the Societal Challenge 7 ‘Secure societies’ launched on 14 March 2019.

The support is part of the EU's commitment to build a strong cybersecurity culture and enhanced capabilities to resist and respond effectively to potential cyber threats and attacks.

Leave a comment , ,

Mass Care/Emergency Assistance Pandemic Planning Considerations Guide

Agency News, Health & Social Care

FEMA announces an advisory document to examine the unique considerations when developing mass care and emergency assistance plans associated with a pandemic scenario. The processes discussed can be implemented by the jurisdiction without federal assistance or when federal assistance is requested and available. In this document, “jurisdiction” refers to local, state, tribe or territory, insular area and federal governments.

Further details and to download the document visit www.fema.gov/media-library/assets/documents/188597

Leave a comment

FEMA offers Business Emergency Operations Center Quick Start Guidance

Agency News, Industry News

A Business Emergency Operations Center (BEOC) can provide a consistent integration point for private and public coordination for sustained response and recovery operations throughout the COVID-19 pandemic, with no requirement for physical contact. This quick start guidance provides foundational concepts for establishing a BEOC to support their response and recovery operations for COVID-19.

Business Emergency Operations Center Quick Start Guidance can be downloaded at https://www.fema.gov/media-library/assets/documents/188573

Leave a comment

Spotlight on incident reporting of telecom security and trust services

Agency News, Cyber Security CII sector, Industry News

ENISA, the EU Agency for Cybersecurity, released a new version of CIRAS, a tool for statistical analysis of cybersecurity incidents. Two new sets of EU data on cybersecurity incident were made available:

Telecom security incidents reported for the year 2019
Trust services security incidents for 2016-2019

The online visual tool, accessible to the public, now gives access to 8 years of telecom security incidents, and 4 years of trust services incident reports: a total of 1100 cybersecurity incidents. The new visual tool allows for analysis of multiannual trends.

Mandatory cybersecurity incident reporting is a corner stone of cybersecurity legislation in the EU. Cybersecurity incident reporting gives the national authorities in Europe vital information about the root causes and overall impact of major incidents. Every year national authorities send summaries of these major cybersecurity incidents to ENISA for aggregation and analysis at EU level. ENISA publishes statistics in yearly reports and gives access to aggregated and anonymised data in the online visual tool, to increase transparency about cybersecurity incidents. This online visual tool allows for custom analysis of trends and patterns. For example, the user is able to select a specific time-period or specific root cause categories and get custom statistics about detailed causes and assets affected. ENISA also maintains a private repository for the national authorities.

Background and legal base:

ENISA has been supporting the EU telecom security authorities with the implementation of EU wide telecom breach reporting, under Article 13a of the Framework directive since 2010.

Under this framework, ENISA develops procedures, templates, tooling and analysis and publishes an annual report with aggregated statistics about the telecom security incidents with significant impact since 2012.

ENISA has been supporting supervisory bodies in the EU with cybersecurity breach reporting for trust services under Article 19 of the eIDAS regulation since 2016. Besides, ENISA also started to support the NIS cooperation group with the cybersecurity incident reporting along the provisions of the NIS Directive.

ENISA will be publishing the detailed annual reports in the coming weeks.

Root causes of telecom security incidents

Over the last 4 years, the most common root cause of telecom security incidents is system failures (412 out of 637 incidents). The second most common root cause is human errors with nearly a fifth of total incidents (19%, 119 incidents in total). Natural phenomena are the third root cause with 11% while only 4% of the incidents are categorized as malicious actions.

Root cause categories of trust services security incidents

Over the 4 years of trust services security incident reporting, the most common root cause is System failures (60%). Around a fifth of the reported incidents were due to human errors and a fifth of the incidents were flagged as malicious actions. Natural phenomena are not a common root cause in this sector. This sector operates differently than the telecom one. With large-scale aboveground infrastructure for the mobile networks, the telecom sector is more vulnerable to natural phenomena.

Leave a comment

Telos ID to provide Transportation Security Administration (TSA) with improved background checks for airport workers

Industry News, Telecomms sector

Telos ID has announced that the Port of Seattle has contracted with Telos ID to provide Transportation Security Administration (TSA)-approved Designated Aviation Channelling (DAC) services for processing worker background checks at Seattle-Tacoma International Airport (SEA).

Telos ID’s DAC services improve data integrity, increase the efficiency of credentialing operations and reduce costs. DAC services enable submissions of workers’ biographic and biometric data to conduct background checks, including subscriptions to the FBI Rap Back program, for individuals working in secure areas of U.S. commercial airports. Telos ID has been supporting SEA with DAC services since 2016, and with recent selection to continue services, will do so for an additional ten years. SEA uses the DAC via integration with its identity management system (IdMS).

“The DAC services deployment at Seattle-Tacoma International Airport is notable for its size and scope, specifically the integration with SEA’s IdMS, enabling efficient biographic, biometric, and Rap Back transmissions,” said Dawn E. Lucini, vice president of aviation security, Telos ID. “With a large badge holder population, we have streamlined the TSA-required aviation worker background check process, while upholding the high security and customer service standards at SEA.”

As an encrypted, web-based solution, Telos ID’s DAC services meet TSA and Department of Homeland Security (DHS) requirements for handling personally identifiable information and biometrics. Its modular design supports each airport’s and air carrier’s needs, and users can perform multiple functions on one platform.

Leave a comment

EUROPOL Launches European Financial and Economic Crime Centre

Industry News

Today Europol launched the new European Financial and Economic Crime Centre (EFECC). The Centre will enhance the operational support provided to the EU Member States and EU bodies in the fields of financial and economic crime and promote the systematic use of financial investigations. The new EFECC has been set up within the current organisational structure of Europol that is already playing an important part in the European response to financial and economic crime and will be staffed with 65 international experts and analysts.

Economic and financial crimes are a highly complex and a significant threat affecting millions of individual EU citizens and thousands of companies in the EU every year. In addition: money laundering and criminal finances are the engines of organised crime, without them criminals would not be able to make use of the illicit profits they generate with the various serious and organised crime activities carried out in the EU. According to previous reports by Europol, 98.9% of estimated criminal profits are not confiscated and remain at the disposal of criminals.

Furthermore, the COVID-19 pandemic in Europe has provided ample evidence that criminals are quick to adapt their criminal schemes to changing conditions to exploit fears and vulnerabilities. Economic stimuli such as those proposed in the wake of the COVID-19 pandemic will be targeted by criminals seeking to defraud public funding. To effectively disrupt and deter criminals involved in serious and organised crime, law enforcement authorities need to follow the money trail as a regular part of their criminal investigations with the objective of seizing criminal profits.

Leave a comment

COVID-19 pandemic highlights submarine cables as critical infrastructure

Industry News, Telecomms sector

“Submarine cables are crucial infrastructure and have been vital in helping us get through this pandemic together,” said Keith Schofield, General Manager, International Cable Protection Committee.

For many years now, the submarine cable industry has been at the heart of international connectivity, providing data avenues that span continents and unrivalled capacity. Despite this, the industry’s fundamental contribution to the telecoms sphere is often overlooked.

But now, during the coronavirus pandemic, the critical nature of the subsea cable industry has come to the fore, proving once and for all that they are undeniably critical infrastructure all over the world. But responding to the demands of the crisis has not been easy.

[Source: Total Telecom]
Leave a comment
1 49 50 51 52 53 54