I found the article, “Combatting security threats to our nation’s critical water infrastructure”, on securitymagazine. It addresses how utilities are transforming by incorporating information technology (IT) and operational technology (OT) into their management and operations to assist with meter reading, leak detection, and other operational goals. Additionally, control systems manage chemical feeds, pumps and other aspects of water treatment and movement. Unfortunately, the adoption of new technologies gives a passage for new attacks which have the potential to interrupt and cause inconvenience to water supply and wastewater treatment, impact public health and the environment, undermine the economy, and put our national security at risk. In fact, Dragos, a cybersecurity firm, reports hundreds of ICS incidents over the last decade across multiple sectors. According to a June survey report by the Water Sector Coordinating Council, 40% of utility managers do not address cybersecurity in their risk management plans. The article asserts that recent ICS attacks could have likely been prevented by “limiting access to sensitive systems, not sharing passwords, and removing access for former employees.” Furthermore, it suggests investing in cybersecurity and building a culture of cybersecurity awareness by updating equipment, modern business applications, hiring of cybersecurity professionals, and regular staff training on best practices, and participating in information-sharing networks. The article brought to my attention a four-step methodology for “preventing sabotage” known as the Consequence-driven Cyber-informed Engineering (CCE).
How the CCE works:
– “CCE begins with the assumption that if a critical infrastructure — a water system or power plant, for instance — is being targeted by highly skilled adversaries, then the target will be sabotaged.
1. Created by Idaho National Laboratory (INL), the methodology first examines where failures could occur and then looks at adversaries’ capabilities. …
2. This is followed by a discussion of how an attack might take place.
3. The final phase has the target evaluating changes to mitigate at the time of the attack”
NIST CSF represents a set of cybersecurity practices, outcomes, and
technical, operational, and managerial security controls (referred to as Informative
References) that support the five risk management functions – Identify, Protect, Detect,
Respond, and Recover
Governments, industry sectors, and organizations around the world are increasingly
recognizing the NIST Cybersecurity Framework (CSF) as a recommended cybersecurity
baseline to help improve the cybersecurity risk management and resilience of their
systems. This paper evaluates the NIST CSF and the many AWS Cloud offerings public
and commercial sector customers can use to align to the NIST CSF to improve your
cybersecurity posture. It also provides a third-party validated attestation confirming AWS
services’ alignment with the NIST CSF risk management practices, allowing you to
properly protect your data across AWS.
“This new ransomware encrypts your data and makes some nasty threats, too”
Cybercriminals are distributing a new form of ransomware which is called Yanluowang to attack victims. They will not only encrypt the network, but also threaten to launch a distributed denial-of-service (DDoS) attack without paying the ransom. Harass employees and business partners. Yanluowang sent a ransom letter to the victim, telling the victim that they had been infected with ransomware, and told them to send a contact address to negotiate payment of the ransom. They will call employees and business partners. They also suggest that if the victim does not cooperate, they will return an additional attack or even delete the encrypted data, so it is lost forever.
I found the article, “Combatting security threats to our nation’s critical water infrastructure”, on securitymagazine. It addresses how utilities are transforming by incorporating information technology (IT) and operational technology (OT) into their management and operations to assist with meter reading, leak detection, and other operational goals. Additionally, control systems manage chemical feeds, pumps and other aspects of water treatment and movement. Unfortunately, the adoption of new technologies gives a passage for new attacks which have the potential to interrupt and cause inconvenience to water supply and wastewater treatment, impact public health and the environment, undermine the economy, and put our national security at risk. In fact, Dragos, a cybersecurity firm, reports hundreds of ICS incidents over the last decade across multiple sectors. According to a June survey report by the Water Sector Coordinating Council, 40% of utility managers do not address cybersecurity in their risk management plans. The article asserts that recent ICS attacks could have likely been prevented by “limiting access to sensitive systems, not sharing passwords, and removing access for former employees.” Furthermore, it suggests investing in cybersecurity and building a culture of cybersecurity awareness by updating equipment, modern business applications, hiring of cybersecurity professionals, and regular staff training on best practices, and participating in information-sharing networks. The article brought to my attention a four-step methodology for “preventing sabotage” known as the Consequence-driven Cyber-informed Engineering (CCE).
How the CCE works:
– “CCE begins with the assumption that if a critical infrastructure — a water system or power plant, for instance — is being targeted by highly skilled adversaries, then the target will be sabotaged.
1. Created by Idaho National Laboratory (INL), the methodology first examines where failures could occur and then looks at adversaries’ capabilities. …
2. This is followed by a discussion of how an attack might take place.
3. The final phase has the target evaluating changes to mitigate at the time of the attack”
Link to article: https://www.securitymagazine.com/articles/96263-combatting-security-threats-to-our-nations-critical-water-infrastructure
NIST CSF in the AWS Cloud
NIST CSF represents a set of cybersecurity practices, outcomes, and
technical, operational, and managerial security controls (referred to as Informative
References) that support the five risk management functions – Identify, Protect, Detect,
Respond, and Recover
Governments, industry sectors, and organizations around the world are increasingly
recognizing the NIST Cybersecurity Framework (CSF) as a recommended cybersecurity
baseline to help improve the cybersecurity risk management and resilience of their
systems. This paper evaluates the NIST CSF and the many AWS Cloud offerings public
and commercial sector customers can use to align to the NIST CSF to improve your
cybersecurity posture. It also provides a third-party validated attestation confirming AWS
services’ alignment with the NIST CSF risk management practices, allowing you to
properly protect your data across AWS.
Link:
https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
“This new ransomware encrypts your data and makes some nasty threats, too”
Cybercriminals are distributing a new form of ransomware which is called Yanluowang to attack victims. They will not only encrypt the network, but also threaten to launch a distributed denial-of-service (DDoS) attack without paying the ransom. Harass employees and business partners. Yanluowang sent a ransom letter to the victim, telling the victim that they had been infected with ransomware, and told them to send a contact address to negotiate payment of the ransom. They will call employees and business partners. They also suggest that if the victim does not cooperate, they will return an additional attack or even delete the encrypted data, so it is lost forever.
https://www.zdnet.com/article/this-new-ransomware-encrypts-your-data-and-makes-some-nasty-threats-too/