Tag: criticalinfrastructureprotection

12 targeted for involvement in ransomware attacks against critical infrastructure

Agency News, Cyber Security CII sector, Industry News

A total of 12 individuals wreaking havoc across the world with ransomware attacks against critical infrastructure have been targeted as the result of a law enforcement and judicial operation involving eight countries.

These attacks are believed to have affected over 1 800 victims in 71 countries. These cyber actors are known for specifically targeting large corporations, effectively bringing their business to a standstill.

The actions took place in the early hours of 26 October in Ukraine and Switzerland. Most of these suspects are considered high-value targets because they are being investigated in multiple high-profile cases in different jurisdictions.

As the result of the action day, over USD 52 000 in cash was seized, alongside 5 luxury vehicles. A number of electronic devices are currently being forensically examined to secure evidence and identify new investigative leads.

The targeted suspects all had different roles in these professional, highly organised criminal organisations. Some of these criminals were dealing with the penetration effort, using multiple mechanisms to compromise IT networks, including brute force attacks, SQL injections, stolen credentials and phishing emails with malicious attachments.

Once on the network, some of these cyber actors would focus on moving laterally, deploying malware such as Trickbot, or post-exploitation frameworks such as Cobalt Strike or PowerShell Empire, to stay undetected and gain further access.

The criminals would then lay undetected in the compromised systems, sometimes for months, probing for more weaknesses in the IT networks before moving on to monetising the infection by deploying a ransomware. These cyber actors are known to have deployed LockerGoga, MegaCortex and Dharma ransomware, among others.

The effects of the ransomware attacks were devastating as the criminals had had the time to explore the IT networks undetected. A ransom note was then presented to the victim, which demanded the victim pay the attackers in Bitcoin in exchange for decryption keys.

A number of the individuals interrogated are suspected of being in charge of laundering the ransom payments: they would funnel the Bitcoin ransom payments through mixing services, before cashing out the ill-gotten gains.
International cooperation

International cooperation coordinated by Europol and Eurojust was central in identifying these threat actors as the victims were located in different geographical locations around the world.

Initiated by the French authorities, a joint investigation team (JIT) was set up in September 2019 between Norway, France, the United Kingdom and Ukraine with financial support of Eurojust and assistance of both Agencies. The partners in the JIT have since been working closely together, in parallel with the independent investigations of the Dutch and U.S. authorities, to uncover the actual magnitude and complexity of the criminal activities of these cyber actors to establish a joint strategy.

Eurojust established a coordination centre to facilitate cross-border judicial cooperation during the action day. In preparation of this, seven coordination meetings were held.

Europol’s European Cybercrime Centre (EC3) hosted operational meetings, provided digital forensic, cryptocurrency and malware support and facilitated the information exchange in the framework of the Joint Cybercrime Action Taskforce (J-CAT) hosted at Europol’s headquarters in The Hague.

Leave a comment , , ,

Asia-Pacific implements radiocommunication updates

Agency News, Industry News, Telecomms sector

Countries across Asia and the Pacific need fair, transparent, and predictable spectrum policies to accelerate equitable digital transformation across the region, according to radiocommunication experts convened by the International Telecommunication Union (ITU) over the last two weeks.

Regulators, industry experts and academics met to discuss future Asia-Pacific radio-frequency spectrum requirements following Radio Regulations updates.

"Radiocommunication services profoundly transform the way we work, travel, do business and access public services, including education and health," said ITU Secretary-General Houlin Zhao. “The Regional Radiocommunication Seminars provide an excellent opportunity for our members to learn the practical application of the ITU Radio Regulations, so that people everywhere can take advantage of the social and economic opportunities brought about by the rapid growth of digital platforms."

The regional seminar, convened entirely online, covered the regulatory framework for both terrestrial and space services and the procedures for filing and recording frequency assignments in the Master International Frequency Register (MIFR).

Masanori Kondo, Secretary-General of the Asia-Pacific Telecommunity, welcomed the discussions as “an opportunity for regulators to widen and deepen their knowledge and insight in the field of spectrum management." He emphasized the need for Asia-Pacific countries to develop fair, predictable, and transparent spectrum management policies and regulations to keep their diverse and geographically extensive telecommunication sector functioning effectively.

ITU support and guidance
Participants discussed the current regulatory framework for international frequency management, ITU Radiocommunication (ITU-R) Recommendations, and best practices for spectrum use by both terrestrial and space services.

“Despite the challenges brought about by the COVID-19 pandemic, we continue to deliver high quality capacity building opportunities to our members, supporting them with all the information and tools they need to analyse and implement the Radio Regulations and promote efficient spectrum management," said Mario Maniewicz, Director of the ITU Radiocommunication Bureau.

RRS-21 Asia-Pacific also included basic training to prepare for technical examinations and gain familiarity with ITU tools to produce frequency notices.

Leave a comment , ,

Weather and climate extremes in Asia killed thousands, displaced millions and cost billions in 2020

Agency News, Industry News, Water sector

Extreme weather and climate change impacts across Asia in 2020 caused the loss of life of thousands of people, displaced millions of others and cost hundreds of billions of dollars, while wreaking a heavy toll on infrastructure and ecosystems. Sustainable development is threatened, with food and water insecurity, health risks and environmental degradation on the rise, according to a new multi-agency report coordinated by the World Meteorological Organization (WMO).

The State of the Climate in Asia 2020 provides an overview of land and ocean temperatures, precipitation, glacier retreat, shrinking sea ice, sea level rise and severe weather. It examines socio-economic impacts in a year when the region was also struggling with the COVID-19 pandemic, which in turn complicated disaster management.

The report shows how every part of Asia was affected, from Himalayan peaks to low-lying coastal areas, from densely populated cities to deserts and from the Arctic to the Arabian seas.

“Weather and climate hazards, especially floods, storms, and droughts, had significant impacts in many countries of the region, affecting agriculture and food security, contributing to increased displacement and vulnerability of migrants, refugees, and displaced people, worsening health risks, and exacerbating environmental issues and losses of natural ecosystems,” said WMO Secretary-General Prof. Petteri Taalas.

“Combined, these impacts take a significant toll on long term sustainable development, and progress toward the UN 2030 Agenda and Sustainable Development Goals in particular,” he said.

The report combines input from a wide range of partners including the United Nations Economic and Social Commission for Asia and the Pacific (ESCAP) and other UN agencies, national meteorological and hydrological services as well as leading scientists and climate centres.

Leave a comment , ,

NSA and CISA provide cybersecurity guidance for 5G cloud infrastructures

Agency News, Industry News, Telecomms sector

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance to securely build and configure cloud infrastructures in support of 5G. Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement is the first of a four-part series created by the Enduring Security Framework (ESF), a cross-sector, public-private working group which provides cybersecurity guidance that addresses high priority cyber-based threats to the nation’s critical infrastructure.

“This series provides key cybersecurity guidance to configure 5G cloud infrastructure,” said Natalie Pittore, Chief of ESF in NSA’s Cybersecurity Collaboration Center. “Our team examined priority risks so that we could provide useful guidance, disseminated in an actionable way to help implementers protect their infrastructure.”

The series builds on the ESF Potential Threat Vectors to 5G Infrastructure analysis paper released in May 2021, which focused specifically on threats, vulnerabilities, and mitigations that apply to the deployment of 5G infrastructures. Based on preliminary analysis and threat assessment, the top 5G cloud infrastructure security challenges were identified by ESF and a four-part series of instructional documents covering those challenges will be released over the next few weeks. Topics include securely isolating network resources; protecting data in transit, in use, and at rest; and ensuring integrity of the network infrastructure.

Part I focuses on detecting malicious cyber actor activity in 5G clouds to prevent the malicious cyberattack of a single cloud resource from compromising the entire network. The guidance provides recommendations for mitigating lateral movement attempts by malicious cyber actors who have successfully exploited a vulnerability to gain initial access into a 5G cloud system.
“This series exemplifies the national security benefits resulting from the joint efforts of ESF experts from CISA, NSA, and industry,” said Rob Joyce, NSA Cybersecurity Director. “Service providers and system integrators that build and configure 5G cloud infrastructures who apply this guidance will do their part to improve cybersecurity for our nation.”

“Strong and vibrant partnerships are critical to the overall effort to reduce cyber risk. Along with our public and private partners in the ESF, CISA is proud to partner with NSA to present the Security Guidance series for 5G Infrastructure,” said Alaina Clark, Assistant Director for Stakeholder Engagement. “Protecting 5G cloud infrastructure is a shared responsibility and we encourage 5G providers, operators and customers to review the new guidance.”

5G cloud providers, integrators, and network operators share the responsibility to detect and mitigate lateral movement attempts within their 5G cloud infrastructure. This document provides best practices to secure the 5G cloud from specific cyber threats of lateral movement that could compromise a network.

Leave a comment , , ,

ESA and the City of Essen collaborate to protect urban and suburban areas with the power of space-applications

Industry News, Space Sector

The City of Essen and the European Space Agency (ESA) are cooperating to promote the development of space-applications in support of the development and the protection of urban environments in a sustainable manner. As a priority within the sustainable urban development, the focus will be on the natural green protection in urban and suburban areas, climate change challenges, biodiversity protection, sustainable urban mobility, circular economy, and support of growth of a sustainable green and digital economy by leveraging satellite and terrestrial networks.

The first joint initiative that has been launched through this cooperation is an Invitation To Tender for companies to propose space-based applications which can contribute to whether and to what extent green spaces can be effectively integrated into smart city planning and urban green management, be monitored regarding their status and their impact on the surroundings and preserved as natural capital to maximise benefits for all citizens. The City of Essen has been crucial for the definition of the key application areas.

The Lord Mayor of the City of Essen, Thomas Kufen, is looking forward to the cooperation and the opportunities it entails: “Urban green infrastructure improves water management during extreme precipitation events, has a positive impact on air quality, mitigates extreme summer temperatures, and provides recreational spaces. In times of climate change it is more important than ever in context of urban development, which must be rethought in a global context. The services developed with ESA will help us to observe, understand and sustainably adapt our local environment and its interdependencies.“

Rita Rinaldo, Head of the Partner/Thematic led Initiative of Space Solutions Programme in ESA, added: “working with the City of Essen gives us the opportunity to foster the development of space applications with the aim of making our cities greener, while boosting sustainability and infrastructure, protecting the environment and creating shared value for citizens. We are confident that this cooperation will showcase the potential of space to deliver green value thanks to innovative space-based solutions with environmental and socio-economic benefits at scale.”

Leave a comment , ,

WMO State of Climate in 2021: Extreme events and major impacts

Industry News, Water sector

The past seven years are on track to be the seven warmest on record, according to the provisional WMO State of the Global Climate 2021 report, based on data for the first nine months of 2021. A temporary cooling “La Niña” event early in the year means that 2021 is expected to be “only” the fifth to seventh warmest year on record. But this does not negate or reverse the long-term trend of rising temperatures.The report combines input from multiple United Nations agencies, national meteorological and hydrological services and scientific experts. It highlights impacts on food security and population displacement, harming crucial ecosystems and undermining progress towards the Sustainable Development Goals. It was released at a press conference on the opening day of COP26.

Global sea level rise accelerated since 2013 to a new high n 2021, with continued ocean warming and ocean acidification.

The report combines input from multiple United Nations agencies, national meteorological and hydrological services and scientific experts. It highlights impacts on food security and population displacement, harming crucial ecosystems and undermining progress towards the Sustainable Development Goals.

The provisional State of the Climate 2021 report was released at the start of the UN Climate Change negotiations, COP26, in Glasgow. It provides a snapshot of climate indicators such as greenhouse gas concentrations, temperatures, extreme weather, sea level, ocean warming and ocean acidification, glacier retreat and ice melt, as well as socio-economic impacts.

It is one of the flagship scientific reports which will inform negotiations and which will be showcased at the Science pavilion hosted by WMO, the Intergovernmental Panel on Climate Change and the UK Met Office. During COP26, WMO will launch the Water and Climate Coalition to coordinate water and climate action, and the Systematic Observations Financing Facility to improve weather and climate observations and forecasts which are vital to climate change adaptation.

Leave a comment , ,

CISA Releases New Tool to Help Organizations Guard Against Insider Threats

Agency News, Industry News

The Cybersecurity and Infrastructure Security Agency (CISA) has released an Insider Risk Mitigation Self-Assessment Tool, which assists public and private sector organizations in assessing their vulnerability to an insider threat. By answering a series of questions, users receive feedback they can use to gauge their risk posture. The tool will also help users further understand the nature of insider threats and take steps to create their own prevention and mitigation programs.

“While security efforts often focus on external threats, often the biggest threat can be found inside the organization,” said CISA Executive Assistant Director for Infrastructure Security David Mussington. “CISA urges all our partners, especially small and medium businesses who may have limited resources, to use this new tool to develop a plan to guard against insider threats. Taking some small steps today can make a big difference in preventing or mitigating the consequences of an insider threat in the future.”

Insider threats can pose serious risk to any organization because of the institutional knowledge and trust placed in the hands of the perpetrator. Insider threats can come from current or former employees, contractors, or others with inside knowledge, and the consequences can include compromised sensitive information, damaged organizational reputation, lost revenue, stolen intellectual property, reduced market share, and even physical harm to people. CISA has a number of tools, training, and information on an array of threats public and private sector organizations face, including insider threats.

Leave a comment , ,

Broadband Commission calls for people-centred solutions to achieve universal connectivity

Agency News, Industry News, Telecomms sector

More than a year and a half into the COVID-19 pandemic, amid relentless global demand for broadband services, the Broadband Commission for Sustainable Development has reaffirmed its call for digital cooperation, innovation with information and communication technologies (ICTs), and collaborative approaches to secure universal connectivity and access to digital skills.

The Commission's State of Broadband Report 2021​, released during the meeting, outlines the impact of pandemic policies and calls for a concerted, people-centred push to close the world's persistent divide. In the world's least developed countries (LDCs), no more than a quarter of the population is online.

"Digital cooperation needs to go beyond access to broadband," said H.E. President Paul Kagame of Rwanda, Co-Chair of the Commission. “We also need to close the gap in the adoption and use of affordable devices and services, in accessible content, and in digital literacy."

More than 50 Commissioners and special guests, representing government leaders, heads of international organizations and private sector companies, civil society and academia, affirmed that people-centred solutions must be at the heart of building a sustainable path towards universal broadband.

Commission co-Chair Carlos Slim, Founder of Carlos Slim Foundation and Grupo Carso, added: “To achieve our universal connectivity goal, we need to work together. We need to build a digital future that is inclusive, affordable, safe, sustainable, meaningful and people centred. We need to support infrastructure and to deal with affordability and relevant content to ensure usage. For that to happen, it requires concerted efforts."

Connectivity for sustainable development
The Annual Fall Meeting, held in a virtual format, underscored the need to accelerate digital connectivity to fulfil the United Nations Agenda for 2030, centred on 17 Sustainable Development Goals.

“The absence of digital skills remains the largest barrier to Internet use," noted Audrey Azoulay, Director-General of the United Nations Educational, Scientific and Cultural Organization (UNESCO) and co-Vice Chair of the Commission. “Digital education must therefore be as much about gaining skills as about developing the ability to think critically in order to master the technical aspects and be able to distinguish between truth and falsehood."

“UNESCO's Media and Information Literacy curriculum, launched in Belgrade, Serbia, in April, provided a key tool to boost skills," she added.

A newly released Commission report on distance and hybrid learning cites the need to foster digital skills along with expanding broadband infrastructure.

[Source: ITU]
Leave a comment ,

TSA checkpoint at Capital Region International Airport gets new credential authentication technology unit

Agency News, Industry News, Transport sector

A credential authentication technology (CAT) unit has been installed and is in use at the Transportation Security Administration checkpoint at Capital Region International Airport (LAN).

“The new credential authentication technology unit enhances our detection capabilities for identifying fraudulent ID documents and improves the passenger’s experience by increasing efficiency during the checkpoint experience,” said Michigan TSA Federal Security Director Steve Lorincz. “The CAT unit also reduces touchpoints at the checkpoint, which benefits both officers and travelers during this pandemic.”

Passengers will approach the travel document checking station at the checkpoint and listen to the instructions of the TSA officer, who will insert the personal identification into the scanner for authentication.

Passengers will not have to hand over their boarding pass (electronic or paper), thus reducing a touchpoint. Instead, they should have their boarding pass ready in the event that the TSA officer requests visual inspection. The CAT unit will verify that the traveler is prescreened to travel out of the airport for a flight that day; however, a boarding pass may be requested for travelers under the age of 18 and/or those without IDs or with damaged IDs.

“We are pleased that TSA is taking steps to enhance the technology to ensure the safety and security of our travelers here at the Capital Region International Airport (LAN),” said Nicole Noll-Williams, president and CEO of the Capital Region Airport Authority.

Even with TSA’s use of CAT, travelers still need to check-in with their airline in advance and bring their boarding pass to their gate agent to show the airline representative before boarding their flight.

This technology will enhance detection capabilities for identifying fraudulent documents at the security checkpoint. CAT units authenticate several thousand types of IDs including passports, military common access cards, retired military ID cards, Department of Homeland Security Trusted Traveler ID cards, uniformed services ID cards, permanent resident cards, U.S. visas, and driver’s licenses and photo IDs issued by state motor vehicle departments.

Leave a comment , ,

CAPSI, ISIO and SASA aim to curb collateral damage biological threat and tailing threats

Industry News

CAPSI [Central Association of Private Security Industry], ISIO [International Security Industry Organization] and SASA [Security Association of South Africa] are on mission to curb the collateral damage of the active mutating biological threat and tailing threats.

The health community has sent the protocols for infection testing (chemically and electronically), the social movement of people and hygiene. It is in-fact the private security industry that implements the protocols on the ground by investing in the equipment, manages the flow and behaviour of social movement besides ensuring that people sanitize before entering sites.

However, the private security industry does much more, because there is crime related to the pandemic and the economic meltdown that is resulting from such, definitely causing more havoc to the mix.

The private security industry, being frontliners, do experience aggressive and violent incidents that leads to life impacting and deadly outcomes. The medical fraternity do nurse infected people and therefore use appropriate protocols, but the security practitioners on the ground have no idea who is infectious, and a massive risk to the public at large.

The alliance is working together on a goal directed plan of action that is designed, by capacity building specific stake holders that will drive the methodology world-wide. In the understanding that the entire world needs to be inoculated at the same time, with the same potency of vaccine, dictates that the entire security force that numbers in the millions must work together at the same time, using the same security protocols for biological threat security.

Based on intensive research and application, the respective security industries will be promoting security protocols for biological threat security. These protocols are geared towards procedure of using the technology, equipment besides layering the workforce on the ground by skillsets.

The Chairman of CAPSI, Mr Kunwar Vikram Singh states “ This collaboration between CAPSI, ISIO and SASA to protect humanity from biological weapons in the form of deadly viruses will prove a most serious life saving initiative which governments and corporate must endorse and apply immediately. CAPSI has already discussed this dangerous aspect with the Indian Ministry of Home Affairs and also signed a MoU with Rashtriya Raksha University (National Security University), to commence Bio Security education. This trustworthy HIM tool with security protocols for biological threat security is required to secure and limit the level of collateral damage’’.

The Chairman of SASA, Mr Franz Verhufen, states that it is of critical importance that the private security industry “leads from the front”, thereby protecting the national economy and the entire populations of their respective countries, which can only succeed if they, as a whole, work together in the campaign to reinforce the national governments in their respective countries, to curb and eliminate this deadly threat.

SASA and its members, who collectively employ in excess of 100,000 registered security officers, believe that, with effective technology and using security protocols for biological threat security, they can definitely make a significant contribution in this battle against the pandemic.

Juan Kirsten, Director General of ISIO firmly says ‘’the Private Security Industry is larger than any navy, military unit, or policing agency, collectively using the same protocols, and therefore must be utilised to its full potential by being goal directed and working in concert because it is already doing the job on the ground.’’

The philosophy and methodology is outlined in the tools that can be found on https://www.human-investigation-management.com/cbts-certified-for-biological-threat-security which is endorsed by CAPSI, ISIO and SASA.

Leave a comment , , , ,
1 16 17 18 19 20 30