European Space Agency signs Memorandum of Intent with Public Safety Communication Europe

Public Safety Communication Europe (PSCE) and the European Space Agency (ESA) have signed a Memorandum of Intent (MoI) to support the utilisation of satellite applications for Public Safety.
ESA and PSCE will work together under the new MoI towards establishing interoperable public safety communications systems.
The MoI will support the emergence of space-based applications in the Public Safety domain such as public safety services relying on secure mobile broadband communication solutions. These include applications within disaster preparedness, response and resilience, situational awareness, assessments of damages, navigation-based services for tracking and coordinating rescue forces on-site and for emergency vehicles.
"ESA Space Solutions and the 4S Strategic Programme Line will support through this agreement the emergence of solutions making use of secure satellite communications for institutional Public Safety user communities. This can be achieved as of today through existing satellite telecommunications infrastructures. In the future it will be possible to make use of new and innovative infrastructures with enhanced capabilities. Early pilots and demonstrations will showcase the unique benefits granted by satellites to the user communities and early adopters", says Rita Rinaldo, ESA
"The cooperation with ESA will help to explore complementary solutions that will contribute to cover capability gaps and needs for public safety. It is of extreme importance to improve public safety communication systems with cutting-edge and rapidly deployable solutions that will facilitate PPDR missions", explains Marie-Christine Bonnamour, PSCE.
The cooperation between ESA and PSCE will be activated as a first step through PSCE participation in the ongoing user studies on "Satellite Applications for Public Safety".
PSCE will contribute to the identification of the needs of public safety stakeholders such as emergency services, fire brigades and law enforcement.

Space ISAC Announces Initial Operating Capability for Threat Information Sharing

The Space Information Sharing and Analysis Center (Space ISAC) has announced a significant milestone, declaring the organization has reached Initial Operating Capability (IOC) following the launch of Space ISAC’s member portal and threat intelligence sharing platform. This capability will serve as the first of its kind, enabling commercial industry and international space partners to share timely, actionable information about space-based threats.
This milestone event marks just over one year since Space ISAC’s board of directors and leaders from U.S. government agencies met to discuss the timeline to achieve initial operating capability.
“Achieving IOC for the Space ISAC is one of the most critical milestones toward protecting the space critical infrastructure for the global space community. This platform for information sharing will bring our community together and align our efforts to increase the security and reliability of space systems,” said Frank Backes, Senior Vice President, Kratos Federal Space and Chairman of the Board at Space ISAC.
Space ISAC has selected Cyware to host the Space ISAC portal and threat intelligence sharing platform. The platform allows Space ISAC members to share threat data securely with next-generation partnership capabilities that meet the needs of the space industry’s rapidly evolving threat environment.
“Our team at Cyware believes it is mission-critical to support and empower cybersecurity sharing communities with the tools and resources needed to collaborate and share intelligence to improve security operations and maintain resiliency,” said Anuj Goel, CEO and co-founder of Cyware. “We are impressed by Space ISAC’s dedication to improving the defense capabilities of their membership. They are consistently seeking out the best opportunities to enhance threat intelligence sharing in an integrated and collaborative manner, that reduces cyber risk across space and other key industries where intelligence is critical.”
“It’s incredibly exciting to see the introduction of such a platform where commercial industry and international space partners will soon be able to share timely information about space-based threats,” said William O. Ferguson, Cyber Security Operations Manager for founding board member SES.
Space ISAC consists of 24 members and counting from the global space community. Johns Hopkins Applied Physics Lab, a founding board member of Space ISAC, leads a Space ISAC team that vets all new members to ensure that Space ISAC maintains the highest levels of trust and integrity within its membership base.
“We are thrilled to reach this milestone, a giant step in making all of us together smarter and safer than any of us alone. I hope that many others will join us in ensuring the resilience of the global space enterprise,” said Michael Ryschkewitsch, Head, Space Sector at Johns Hopkins Applied Physics Laboratory.
Andre Adelsbach, vice president of Group Information and Cyber Security for SES, added, “At SES, we realize the importance of safeguarding current and emerging space service technology, and welcome efforts that can be developed across the industry.”
Additionally, Space ISAC’s IOC includes hosting member events and facilitating working groups and task forces. These initiatives have created opportunities for Space ISAC members and partners to develop the functions of the ISAC and raise the entire space sector’s security posture. This includes an information sharing work group, an analyst work group, and task forces dedicated to small satellites and Space Policy Directive-5.
“As an ISAC we are responsible to coordinate across the entire space sector and communicate critical information sharing far and wide and for global space to create sector-wide situational awareness,” said Erin Miller, Executive Director, Space ISAC.

IACIPP and Capitol Sign Agreement to Advance Worldwide Critical Infrastructure Awareness and Knowledge

Capitol Technology University and the International Association of Critical Infrastructure Protection Professionals (IACIPP) signed a Memorandum of Understanding (MOU) to develop a partnership that will extend efforts to improve the training and education of Critical Infrastructure Students and professionals. Both parties recognize a high demand for worldwide cooperation to increase the effectiveness of research, education, and activities in the critical infrastructure field of study. This MOU will facilitate the development of joint seminars, conferences, and training courses.
“As an Association we aim to deliver discussion and innovation— on many of the serious infrastructure, protection, management, and security challenges—facing both industry and governments. The ever changing and evolving nature of threats, whether natural through climate change or man-made through terrorism activities, either physical or cyber, means there is a continual need to review and update policies, practices, training, and technologies to meet these growing and changing demands,” said John Donlon QPM, Chairman IACIPP. “This partnership with Capitol Technology University enables both parties to develop and enhance objectives through education and training.”
A nation’s critical infrastructure provides the essential services that underpin a society. Proactive and coordinated efforts are necessary to strengthen and maintain secure, functioning, and resilient critical infrastructure— including assets, networks, and systems—that are vital to public confidence and a nation’s safety, prosperity, and well-being.
Critical infrastructure must be secure and able to withstand and rapidly recover from all hazards. Achieving this will require integration with the national preparedness system across prevention, protection, mitigation, response, and recovery.
The International Association of Critical Infrastructure Protection Professionals (IACIPP) is an international association of practitioners and professionals involved in the security, resilience and safety of critical infrastructure, both physical and information infrastructure.
The IACIPP is open to critical infrastructure operators and government agencies, including site managers, security officers, government agency officials, policy makers, research & academia. The Association also aims to share ideas, information, experiences, technology and best practices to enhance these objectives.
Capitol Technology University, located in Laurel, Maryland, is an independent institution that has focused on STEM education since 1927. Capitol Tech, the national winner of the 2020 SC Media Award for Best Cybersecurity Higher Education Program, offers hands-on courses taught by industry experts that lead to undergraduate and graduate degrees in emerging fields such as Mechatronics Engineering and Artificial Intelligence.

WMO boosts regional cooperation in Asia-Pacific

The Typhoon Committee, which symbolizes the successful cooperation between WMO and the United Nations Economic and Social Commission for Asia and the Pacific, holds its 53rd annual session, woth participants from the National Meteorological and Hydrological Services (NMHSs) and national Disaster Risk Reduction (DRR) agencies who will exchange information on achievements of the past session, review activities of the Members, as well as operational and research collaborations, with the clear focus on reducing the number of lives lost and damage to property caused by tropical cyclones and typhoons.
On top of the disruption and catastrophic impacts caused by COVID-19, the Asia-Pacific region was hit by successive hazards in 2020, including tropical cyclones, floods, droughts, sand and dust storms and heatwaves. 23 named tropical cyclones of tropical storm intensity or above formed over the western North Pacific and the South China Sea.
The strongest tropical cyclone of the season was Super Typhoon Goni (2019). It made landfall over northern Philippines on 1 November and caused catastrophic damage. A minimum pressure of 912.1 hPa was reported in Virac and a maximum gust of 198 km/h was reported in Legaspi City. 25 people died and 399 injured, and the social and economic loss was estimated to be over 17 billion Philippines Peso, according to a report from the Philippines national meteorological and hydrological service PAGASA.
Two major tropical cyclones hit the Korean Peninsula within a few days in early September, with Typhoon Maysak making landfall near Busan on 3 September, followed by Haishen on 7 September. Maysak brought 1037 mm of rainfall over two days to a site on Jeju Island, and wind gusts on the island up to 165.6 km/h, with high waves of more than 8 m. The damage costs of Mayask and Haishen reaches over 200 million USD, with a possible recovery cost of 548 million USD, according to a report submitted to the Typhoon Committee by the Korea Meteorological Administration. Both tropical cyclones led to significant flooding on the Korean Peninsula and in western Japan, and 41 lives were lost when a ship sank off western Japan during the passage of Maysak.
Sustainable Development
Although countries across the region have committed to achieving the Sustainable Development Goals (SDGs) by 2030 — to ensure that ‘no one is left behind’ – this will remain a challenge if their populations remain susceptible to disasters that threaten to reverse hard-won progress towards the SDGs.
Building on the success of the Typhoon Committee, WMO continues to work with countries in the region, often in partnership with other United Nations entities, to build greater resilience to natural disasters that wreak a heavy economic and human toll.
In particular, WMO and UNESCAP in 2020 focused on implementing collaborative activities under their Memorandum of Understanding (MoU). These activities highlight the synergistic benefits that are derived from both organisations’ work on building resilience to climate and disaster risks and the promotion of impact-based early warning services and systems.
This MoU was renewed by Ms Armida Salsiah-Alisjahbana, Under-Secretary-General of the United Nations and Executive Secretary of UNESCAP and Prof. Petteri Taalas, Secretary-General of WMO on 21 September 2019 during the UN Climate Summit held in New York, based on their aligned values and objectives and desire to work together in areas of mutual interest.
A Joint Workshop on Strengthening Multi-Hazard Early Warning Systems and Early Actions in Southeast Asia was organized by WMO and hosted by UNESCAP in Bangkok, Thailand from 18 to 20 February 2020. Participants reached a consensus on developing a coordinated Southeast Asia-wide framework for strengthening the hydro-meteorological disaster risk management and capacity development of National Meteorological and Hydrological Services.
The Regional Climate Outlook Fora (RCOFs) have been guided and supported by WMO and its partners to promote collaboration, knowledge and information sharing on seasonal climate prediction and its likely implications for the most impacted socio-economic sectors since the late 1990s. The potential to add further value to the outputs of RCOFs through impact-based products was introduced by UNESCAP during the South Asian Seasonal Climate Outlook Forum (SASCOF), the Forum on Regional Climate Monitoring, Assessment and Prediction for Asia (FOCRAII) and the East Asia winter Climate Outlook Forum (EASCOF).
Looking ahead, with its official membership in the United Nations’ Regional Collaborative Platform in Asia and the South-West Pacific, WMO will build on the achievements of 2020 and further expand regional cooperation in the broader context of sustainable development. In 2021, the partnership will continue its critically important mission to build resilience to climate and disaster risk; and promote the social and economic benefits of impact-based early warning services in the Asia Pacific region. WMO’s longstanding and manifold regional initiatives and capacity development programmes in Asia-Pacific will now be further enhanced.

ENISA release new report and training material to fight cybercrime and improve cooperation

The European Union Agency for Cybersecurity releases a new report and training material to support the cooperation among CSIRTs, Law Enforcement Agencies (LEAs) and their interaction with the judiciary.
The publications are designed to help tackle the challenges of this complex multi-stakeholder cooperation. The report, the handbook and the toolset are a set of deliverables complementing each other as follows:
- The report analyses roles, duties, competences, synergies and potential interferences across Computer Security Incident Response Teams (CSIRTs) - in particular, national and governmental ones, LE and judiciary (prosecutors and judges);
- The handbook helps a trainer explain these concepts through different scenarios;
- The toolset consists of exercises meant for trainees based on the handbook’s scenarios.
The report proposes a methodology to analyse the legal and organisational framework defining the roles and duties, the required competencies of CSIRTs and LE. It also identifies synergies and the potential interferences that may occur while engaging in the activities needed to respond to incidents of criminal nature and in fighting cybercrime.
In addition, it presents a detailed analysis focusing on Czechia, France, Germany, Luxembourg, Norway, Portugal, Romania, and Sweden. The methodology proposed can be used for a more comprehensive future analysis covering additional countries as it is based on:
- desk research;
- subject matter expert interviews;
- the segregation of duties (SoD) matrix.
This SoD matrix is also available in the ENISA repositories in GitHub, as well as the documentation on the Reference Security Incident Taxonomy Working Group (RSIT).
The RSIT working group will meet today as part of the 62nd TF-CSIRT Meeting. These are two other examples of the efforts ENISA engages in to contribute to building a bridge between CSIRTs and LE communities.
Main conclusions of the 2020 report on CSIRTs and LE cooperation include:
- The communities already engage in a number of actions meant to:
  - Avoid interferences wherever possible;
  - Create effective partnerships;
  - Use their synergies to support each other.
- However, interferences may still happen in the process of incident handling and cybercrime investigations, mainly because of the difference in purpose and mandate of each of these communities, i.e. incident mitigation (CSIRTs) compared with evidence preservation and criminal prosecution (LE and the judiciary).
- Joint training activities are organised mainly in community pairs, being either CSIRT and LE or LE and the judiciary. Such activities rarely involve the three communities. The joint training activities help the wider development of the competences required to respond to cybercrime.
- Overall, the 2019 pandemic of the COVID-19 virus did not have any significant impact on cooperation and exchanges between the three communities and their ability to function. Interaction even increased in some instances. For example, daily dialogues became more frequent in order to ensure that each community was kept informed as the situation evolved.
The response to cybercrime requires the cooperation of all actors involved. In this response, CSIRTs, LE and the judiciary perform each a different role and seek different objectives. Helping CSIRTs, LE and the judiciary understand their roles, duties and competences reciprocally will allow a closer cooperation while building on synergies and hence avoid possible interferences.
ENISA has been collecting input from the communities and compiling reports to shed light on the different aspects of the cooperation. These efforts are meant to further enhance the cooperation between CSIRTs and LE and their interaction with the judiciary, In addition, the Agency has been developing training material and co-organising the annual ENISA-EC3 workshop on CSIRT-LE Cooperation. The last edition of this event took place on 16 September 2020.
This new report and training material build on the work already completed in the area over the past. It contributed to the implementation of the ENISA programming document 2020-2022. The work conducted by ENISA in this area is planned to continue in 2021.

Cybercriminals Favourite VPN Taken Down in Global Action

The virtual private network (VPN) Safe-Inet used by the world’s foremost cybercriminals has been taken down in a coordinated law enforcement action led by the German Reutlingen Police Headquarters together with Europol and law enforcement agencies from around the world.
The Safe-Inet service was shut down and its infrastructure seized in Germany, the Netherlands, Switzerland, France and the United States. The servers were taken down, and a splash page prepared by Europol was put up online after the domain seizures. This coordinated takedown was carried out in the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT).
Active for over a decade, Safe-Inet was being used by some of the world’s biggest cybercriminals, such as the ransomware operators responsible for ransomware, E-skimming breaches and other forms of serious cybercrime.
This VPN service was sold at a high price to the criminal underworld as one of the best tools available to avoid law enforcement interception, offering up to 5 layers of anonymous VPN connections.
Law enforcement were able to identify some 250 companies worldwide which were being spied on by the criminals using this VPN. These companies were subsequently warned of an imminent ransomware attack against their systems, allowing them to take measures to protect themselves against such an attack.
The service has now been rendered inaccessible.
Investigations are ongoing in a number of countries to identify and take action against some of Safe-Inet’s users.
International police cooperation was central to the success of this investigation as the critical infrastructure was scattered across the world.
Europol’s European Cybercrime Centre (EC3) supported the investigation from the onset, bringing together all the involved countries to establish a joint strategy and to organise the intensive exchange of information and evidence needed to prepare for the final phase of the takedown.