https://www.nist.gov/news-events/news/2023/03/your-cybersecurity-strategy-falling-victim-these-6-common-pitfalls
Here’s a pop quiz for cybersecurity pros: Does your security team consider your organization’s employees to be your allies or your enemies? Do they think employees are the weakest link in the security chain? Let’s put that last one more broadly and bluntly: Does your team assume users are clueless?
Your answers to those questions may vary, but a recent article by National Institute of Standards and Technology (NIST) computer scientist Julie Haney highlights a pervasive problem within the world of computer security: Many security specialists harbor misconceptions about lay users of information technology, and these misconceptions can increase an organization’s risk of cybersecurity breaches. These issues include ineffective communications to lay users and inadequately incorporating user feedback on security system usability.
“Cybersecurity specialists are skilled, dedicated professionals who perform a tremendous service in protecting us from cyber threats,” Haney said. “But despite having the noblest of intentions, their community’s heavy dependence on technology to solve security problems can discourage them from adequately considering the human element, which plays a major role in effective, usable security.”
The human element refers to the individual and social factors impacting users’ security adoption, including their perceptions of security tools. A security tool or approach may be powerful in principle, but if users perceive it to be a hindrance and try to circumvent it, risk levels can increase. A recent report estimated that 82% of 2021 breaches involved the human element, and in 2020, 53% of U.S. government cyber incidents resulted from employees violating acceptable usage policies or succumbing to email attacks.
Haney, who has a comparatively unusual combination of expertise in both cybersecurity and human-centered computing, wrote her new paper, “Users Are Not Stupid: Six Cyber Security Pitfalls Overturned,” to help the security and user communities become allies in mitigating cyber risks.
“We need an attitude shift in cybersecurity,” Haney said. “We’re talking to users in a language they don’t really understand, burdening them and belittling them, but still expecting them to be stellar security practitioners. That approach doesn’t set them up for success. Instead of seeing people as obstructionists, we need to empower them and recognize them as partners in cybersecurity.”
The paper details six pitfalls that threaten security professionals (also available in this handout), together with potential solutions:
Haney stressed that not all security professionals have these misconceptions; there are certainly security teams and organizations making positive progress in recognizing and addressing the human element of security. However, these misconceptions remain prevalent within the community.
Haney said that though the issue with neglecting the human element has been well known for years — her paper cites evidence from industry surveys, government publications and usable security research publications, as well as her research group’s original work — there is a gap between research findings and practice.
“There has been a lot of research into this issue, but the research is not getting into the hands of people who can do something about it. They don’t know it exists,” she said. “Working at NIST, where we have a connection to all sorts of IT experts, I saw the possibility of bridging that gap. I hope it gets into their hands.”
Paper: Julie Haney. Users Are Not Stupid: Six Cyber Security Pitfalls Overturned. Cyber Security: A Peer-Reviewed Journal. March 2023.
Author: rescue@crimefire.in
-
Is Your Cybersecurity Strategy Falling Victim to These 6 Common … – NIST
-
Mace to Hold Subcommittee Hearing on the White House's National … – House Committee on Oversight and Reform
WASHINGTON—Subcommittee on Cybersecurity, Information Technology, and Government Innovation Chairwoman Nancy Mace (R-S.C.) will hold a hearing titled “Unpacking the White House National Cybersecurity Strategy” to delve into the cybersecurity strategy the Biden Administration released on March 2nd. The strategy is intended to be a road map to strengthening federal cybersecurity and protecting Americans’ sensitive information.
“It is crucial to protect Americans from hackers and cybercriminals and defend against emerging threats and malicious actors. We look forward to hearing from the top White House cybersecurity official how this plan will help protect the nation’s critical infrastructure from bad actors like China, Russia, and North Korea; effectively partner with industry to increase cybersecurity standards, and ensure government systems are secure so that citizens’ confidential data remains safe,” said Subcommittee Chairwoman Nancy Mace.
WHAT: Hearing titled “Unpacking the White House National Cybersecurity Strategy”
DATE: March 23, 2023
TIME: 2:00 PM EST
LOCATION: 2154 Rayburn House Office Building
WITNESS: Kemba Walden, Acting Director, Office of the National Cyber Director
The hearing will be open to the public and press and will be livestreamed online at https://oversight.house.gov/.
-
Patrolling the Metaverse: Stopping Cybercrime, Training Forces – InformationWeek
As the metaverse advances and the difference between a cyber existence in the metaverse and current “real life” becomes less defined, the potential for malicious actors to perpetrate a range of criminal activity is likely to grow. Currently, a growing issue concerns cyber-physical security, where digitally connected assets can be used to create physical acts of crime or terrorism — think Colonial Pipeline, Stuxnet, and others.
In the metaverse, such crimes could be easier to perform and potentially acted out on a much larger scale.
As these threats grow more concrete, governments and international law enforcement agencies are working on plans to not only “police” the metaverse but use virtual worlds to train law enforcement agents.
“Because cybercrime has the potential to impact the population at large, there is clearly a role for governments and the public sector to police and set guidelines and policies,” says Bud Broomhead, CEO at Viakoo.
He points to efforts by the US Government in the past few years to establish mandates and provide information, including CISA’s Known Exploited Vulnerability catalog, as an indicator there will be more involvement by governments in general to prevent cybercrime.
“International regulations should focus on the potential for the metaverse to be a venue to act out crime on a massive cross-border scale,” Broomhead says.
Gartner director analyst Tuong Nguyen says governments and regulatory bodies must understand the implications of an increasingly digital world to effectively regulate or put proper guidance in place. “Outside of this, it’s mainly a political issue,” he says. “How is cybercrime handled today? If you committed a crime in country A, live in country B, while all the digital assets and transactions for the crime were hosted in country C, who has jurisdiction and why?”
From his perspective, this is an example of how the topic of crime in the metaverse still needs to be addressed.
“They are in fact issues that exist pre-metaverse and will only become more common and exacerbated with the metaverse era,” he says.
Nguyen says the risks of cybercrime in the metaverse are very similar to what we have today with the internet and digital spheres in general.
“The issue is perpetuated because we’ll be faced with an unprecedented amount and degree of exposure and interaction with digital content,” he says. “This includes crimes around fraud, data manipulation, and stalking.”
For example, currently, you may have an identity tied to your email account, but this is one of many accounts you have on the internet.
As we move toward the metaverse era, the idea is that many of these accounts (identities) are harmonized so you can manage them more effectively.
“The upside is having more personalized experiences, the downside is potential fraud that targets the ‘main’ account, or persona, or avatar, or whatever you call it,” Nguyen says.
He points out that individual companies have responsibilities similar to those they have today, but because of the volume of personal data, the risk is proportionally higher. “All these organizations need to understand the roadmap that is the metaverse in order to adapt their strategies accordingly,” he says. “Just like they had to do with the internet.”
Andrew Barratt, vice president at Coalfire, says a major issue concerns what must be done to ensure that forensic evidence can be retained or obtained by law enforcement.
“It is well known that in-game voice chat has often been used by criminals to organize and communicate due to it not falling into any of the traditional communications windows,” he explains.
He says if someone is committing offenses in a metaverse, law enforcement must be able to ensure the evidence can be collected and the appropriate authorities can make use of it in the jurisdiction it applies. “My suspicion is that cyber criminals will continue to operate as they do today, and the only targeting of metaverse uses will be if they can extract something of value,” Barratt says.
Broomhead points out the metaverse is already being used for training, including what to do in an active shooter situation — and is proving to be more effective than other forms of training. “Likewise, the metaverse has the potential to be used more extensively for cybersecurity awareness training,” he says. “With policing, it can potentially be a very powerful tool for simulating, modelling, and assessing potential threats at a much higher speed and more thoroughly than current approaches allow.”
In that way it can significantly reduce the “black swan” type events by assessing and judging even very unlikely situations for their potential cybercrime impact.
Interpol secretary general Jurgen Stock recently said the global police agency is investigating how the organization could police crime in the metaverse — an endeavor that would also include agent training within virtual worlds.
“This is a start,” Nguyen says. “I’d like to see more organizations consider the broader aspect of the metaverse — not just VR. Most organizations are overly focused on VR and trying to force-fit value or a use case and missing on the broader potential benefit.”
For example, how would collaborative (multi-sourced) information help police do their job better?
“Maybe different sensor and sensing data in the environment, or near-real time video and content of an environment to help police make better informed decisions because they have a holistic view of the situation,” Nguyen says.
-
'It's heartbreaking': Ottawa woman says she lost $100000 in an … – CTV News Ottawa
Deborah Klein thought she bought a safe and guaranteed investment through an online site, but as it turns out, it was an elaborate scam.
"To save that $100,000 it took working eight years, three days a week," Klein tells CTV News Ottawa, as she looks through stacks of paperwork representing a more than two-year record of her loss. "To put to my retirement and now it’s gone."
In April 2021, Klein was looking to invest a portion of her retirement to help with the cost of living. After conducting a search online, she thought she found what she was looking for.
"This GIC came up for Canada Life," Klein says. "Everybody knows Canada Life, it has been around for ages. I was in finance and I remember doing payrolls with benefits and everything."
Klein downloaded a detailed brochure to research and decided on a guaranteed investment certificate that offered a return of 3.13 per cent on a four-year term.
"I didn’t know it was a fake brochure and they asked you to leave an email and your name and they will get in touch," says Klein, which they did. "They said you have to talk to an advisor, so I talked to an advisor and they said you have to prove who you are, prove that the money is not used for laundering, then the application contract and then they get you to do the wire."
To Klein, this all seemed legitimate. She says she researched the company and saw it had recently purchased an Ireland-based firm. That made sense to her because the representatives she spoke with had an Irish accent.
Three weeks after she made the large-sum money transfer, it was pointed out to her that it may have been a fraud.
And it was.
The website Klein had been navigating that whole time was a spoof, a cloned knockoff, designed to look identical and legitimate.
It’s a problem afflicting many financial institutions.
"A spoof website … has the same logo as your bank or an insurance company or financial services organization that sells products, the graphics look spot on, the copy is professionally written, no errors," technology analyst Carmi Levy said.
"And unfortunately they are very, very good to the point that even if you do do your due diligence it can be very difficult to tell the differences between these not legitimate resources and a legitimate bank or institution."
In a statement, a spokesperson with Canada Life said that the company is aware of this incident and is deeply troubled by the distress it has caused.
"Our financial industry partners work closely with regulators and the authorities on these issues when they arise to protect consumers from becoming victims."
That is getting more difficult each day. Cyber crimes are surging, and in 2022 the Canadian Anti-Fraud Centre reported more than $500 million in losses, the majority of which are considered to be financial investment fraud.
"It’s devastating to see how much loss is occurring and how much funds are leaving Canada and being laundered overseas," OPP Det.-Const. John Armit said.
"We’re seeing with these investment scams where the fraudsters are using professional money mules and money launderers to move the funds out of Canada overseas, which makes it difficult for law enforcement to investigate and get the funds back."
Armit says if you are a victim of cyber fraud, it’s important to call local police immediately. In some circumstances, overseas wire transfers can actually be reversed.
"Canada is trying to do its part to investigate these frauds but it’s limited on what reach we have around the world," said Det.-Const. Armit, adding that prevention begins with cyber awareness.
"Go to the Ontario Securities Commission or your local securities commission and look up are they registered and that will give you an indication of if they are legit or not."
Levy says there are some key indicators to prevent being victimized by cyber scams.
"The biggest mistake that people are making is that they are searching for things online then clicking those links … never Google search for financial products," Levy says.
"What you should be doing is going right to the main homepage of the bank or the insurance company or the financial services institution that you know and trust and take a closer look at the address of the website itself and then put it up to the actual website of the organization that you think you are dealing with.
"Read it very carefully, look for any differences in letters, maybe an additional letter or so, or it isn’t the same domain or they added something to the domain and then when you are messaging back and forth with these individuals look for the email addresses that they are using. Are these the email addresses from the domain of the institution? Criminals are raising their game; they are investing more and using increasingly sophisticated tools."
Klein says her investment is likely gone, but wants to share her story as a cautionary tale to prevent others from making the same mistake.
"In the old way, you would go there and bring the money in person. So I’m saying, be careful out there, it’s really bad," Klein says. "Really make sure before you make any investments because you don’t want to go through what I did, it’s devastating."
-
Raising the Political Priority of Cybersecurity in Latin America – Council on Foreign Relations
As George Orwell might have said, when it comes to understanding the impact of cyber threats in different parts of the world: all regions are equal, but some are more equal than others. No region can afford to be complacent about cyber threats from criminals, “hacktivists,” or hostile states. Developing countries such as those in Latin America are expected to respond effectively to cyber threats, but so far the global cybersecurity debate has neglected some of the structural factors that make this difficult.
While cybersecurity in the region made headlines last year, after a pair of ransomware attacks on Costa Rica crippled the country’s medical, government, and commercial systems, too often the issue does not get the attention it deserves–both internationally and across the region. Recent reporting about an alleged ransomware attack suffered by the government of Saint Kitts and Nevis demonstrates that the problem isn’t going away.
Structural barriers to a global conversation
There are at least three reasons why the region is overlooked. First, there are few incentives for threat intelligence companies to prioritize Latin America over larger markets. Second, there is a tendency in cybersecurity to focus only on high-visibility threat actors, rather than emerging ones. Third, disparities in development across the region mean that the cybersecurity needs of different countries can vary significantly.
These and other factors combine to produce an incomplete picture of threats and vulnerabilities in Latin America–all of which adds to the lack of political notoriety the agenda has received regionally. While technical cooperation has indeed increased through activities at Latin America and Caribbean Internet Address Registry (LACNIC), Organization of American States (OAS) and others, political initiatives remain ad-hoc and country-based. If Latin America is to take cybersecurity seriously, it needs to invest in a concerted dialogue for sustainable development with cyber at the heart of it. But dealing with structural challenges will also require better understanding of the threat landscape both from within and outside the region.
How can we raise the profile and political priority of cybersecurity in the region despite these barriers? What should countries in Latin America (and others) do to improve cybersecurity and resilience?
Cyber insecurity in Latin America
The fact is that the region faces many of the same cyber threats as others, ranging from apparently global hackers-for-hire to groups more ostensibly aligned to the interests of specific states with strategic interests in the region. This is unsurprising, as the region’s relatively peaceful inter-state relations do not reduce the perennial temptation of states to spy on each other–and, as recent history has shown, on their citizens.
It is neither new nor rare for Latin America’s governmental and other sectors to be targeted in cyberspace. Threat actors have been operating in the region for many years now–both those that originate from the region and those based outside it. Chinese and North Korean groups have been targeting the region’s governments, nongovernmental organizations, and private companies reportedly since 2017–and other groups such as Dark Caracal and El Machete have reportedly been active in the region since at least the early 2010s.
And yet, unlike more developed countries, many of the region’s governments are ill-prepared and under-resourced to deal with the growing costs and wider impacts of these incidents.
A very public example of the inadequacy of current governmental safeguards was the widely-reported Guacamaya hack-and-leak campaign in October 2022. This campaign targeted several defense and security institutions throughout Latin America, including revelations about a large surveillance program run by the Mexican government. The apparent ability of so-called ‘hacktivists’ to break into what should have been highly-secure defense and national security systems demonstrated that governments and citizens alike are vulnerable in this domain.
More can and should be done, systematically, to integrate existing knowledge and expertise within the region to counter cyber insecurity.
Progress in adversity
The Organization of American States (OAS) was the first regional body in the world to start developing a cyber strategy, in 2003. It remains a key player in regional cybersecurity capacity-building and an important point of contact for donor states, non-profits, and others to contribute to cybersecurity initiatives in Latin America. But implementing a coordinated approach to improving cybersecurity is hard enough domestically, let alone at the regional or global level–especially in a region with such varying levels of digitalisation and development.
Fast forward two decades since the region’s first cybersecurity efforts and it is still grappling with institutional and political barriers to enhancing cybersecurity. According to the International Telecommunications Union (ITU) Global Cybersecurity Index (GCI), twenty-eight countries in the region provided no incentives to improve private sector cybersecurity (only Africa ranked lower regionally); seventeen countries lacked a national cybersecurity strategy that addressed critical infrastructure and resilience; and fourteen countries lacked a national computer incident response team.
Some progress has been made, but outcomes are very uneven. Brazil has jumped from 70th to 18th in the ITU GCI, after having passed a data protection law, established a data protection authority, and developed a national cyber strategy. Other countries in the region, however, such as Bolivia (140th) and Nicaragua (165th), slid even further down the other end of the table. And, as repeated hacks of public and private sector networks in Brazil demonstrate, neither institutional nor policy developments are in themselves sufficient to protect citizens and consumers from cybercrime.
As incidents like the ransomware attacks on Costa Rica’s government systems have demonstrated in the last year, not only are there still severe capacity gaps that leave countries in the region exposed to serious threats, but the region also features increasingly prominently as a target.
Latin American countries’ pathways to cyber resilience are far from linear. Despite challenges, they have nonetheless reaffirmed their commitments to norms for responsible state behavior in cyberspace, nine of them acceded to the Budapest convention that enhances mechanisms for transnational cooperation in fighting cybercrime, and OAS member states have agreed on a series of Cyber Confidence Building Measures since 2017 that seek to promote greater exchange of information on initiatives and incidents from across the region.
These initiatives are commendable and welcome, but also insufficient to the challenge. The region’s continuing trend of major governmental cyber crises is strong evidence that coordinated effort at the national and regional levels must be intensified. Part of the solution is to better understand what has worked–and what has obstructed further progress–in the region’s 20 years of cyber capacity-building experience.
Getting priorities straight
Latin America cannot solve its cyber insecurity on its own, nor should it face it alone. The region’s most cyber-capable countries, such as Brazil and Chile, should embrace a more active leadership role improving regional cybersecurity cooperation, including through the OAS as the region’s pre-eminent cyber capacity-building forum. Welcome initiatives would include more integrated threat-information sharing and incident response assistance, as well as better inclusion of the region’s non-profits and local companies in the field. There are global networks of expertise and assistance, but raising the political prioritisation of cybersecurity must start within the region itself and be sustained with strategic patience.
Beyond governmental efforts, think tanks and academia should develop a public repository of incidents, bibliographies–such as the one produced by the Latin American Cybersecurity Research Network–and bring the region’s existing expertise into wider global conversations in cooperation with other sectors. These would be the next steps in raising the profile and real-world impact of cyber research produced in Latin America.
The region stands to benefit significantly from expanding digital access and skills. That is true in social interaction, economic activity, and the provision of public services. But improved cybersecurity must be an integral feature of this process, or else the darker side of cyber insecurity will continue to blight the region’s citizens, consumers, companies, and governments. Closing the region’s cybersecurity gaps will require re-invigorated governmental leadership, but it will only succeed through coordinated effort with other stakeholders, and deeper cyber awareness amongst policymakers, legislators, companies, and civil society.
Louise Marie Hurel is a Research Fellow at the Royal United Services Institute for Security and Defense (RUSI), PhD Researcher at the London School of Economics and Political Science, and founder of the Latin American Cybersecurity Research Network (LA/CS Net).
Dr. Joe Devanny is a Lecturer in the Department of War Studies at King’s College London and currently a British Academy Innovation Fellow.
The views expressed in the article are solely the authors’ and do not necessarily reflect the viewpoints or opinions of organizations they are affiliated with.
Phishing as a Service Stimulates Cybercrime – Trend Micro
With phishing attacks at an all-time high, phishing as a service (PhaaS) is turning this once-skilled practice into a pay-to-play industry. Understanding the latest attack tactics is critical to improving your email security strategy.
By: Jon Clay
According to Verizon, 78% of organizations experienced email-based ransomware attacks in 2021, with 15 million phishing messages containing malware being directly linked to later-stage ransomware. The arrival of the COVID-19 pandemic saw a dramatic rise in phishing attacks, with Trend Micro data showing a whopping 137.6% growth in 2020 alone.
Part of the proliferation of email-based attacks can be linked to the growing trend of crime as a service (CaaS). Made up of malicious actors with different specialized skills, these expert crime groups include ransomware as a service (RaaS), access as a service (AaaS), and most recently PhaaS.
Email remains the most common initial attack vector for cybercriminals, owing to its ease of use, and phishing attacks cost enterprises nearly $15 million USD annually. This is due to phishing attacks evolving in such a short period of time from simple advance-fee scams to sophisticated social engineering made possible by PhaaS. Effective attack surface risk management (ASRM) must start with proactive defense of initial attack vectors.
What is phishing as a service (PhaaS)?
Like RaaS or AaaS, this attack technique allows virtually anyone with even an entry-level knowledge of the cybersecurity landscape to benefit from a phishing attack, often monetarily and often via email-based entry. Cybercriminals act as a “service provider” on behalf of others in exchange for a payment (often as little as $15 USD a day) and/or a portion of a ransomware payout. Alternatively, wannabe scammers can purchase a “phishing kit” for as little as a flat $40 USD fee (with some providers reportedly offering even steeper discounts as part of Black Friday deals).
These kits include the capabilities and tools required to launch a phishing attack, often including email templates, spoof website templates, contact lists of potential targets, detailed instructions on how to execute an attack, as well as access to “customer support.”
New technology like ChatGPT makes phishing more accessible. The AI chatbot has already proven its ability to write emails indistinguishable from a human, with perfect spelling and grammar as well as faster turnaround to news being shared publicly. Also, its built-in translation capabilities enable attackers with limited English skills to “write” convincing, high-quality phishing emails.
As reported by CNBC, Cody Mullenaux, a 40-year-old small business owner from California, was scammed out of more than $120,000 USD from a team of cybercriminals operating off of a phishing kit.
While banks in the United States of America are required to reimburse stolen funds to customers during such attacks, the Electronic Fund Transfer Act that governs these laws does not protect victims of wire-transfer scams, leaving Mullenaux unable to recoup his losses.
As shown by Cody Mullenaux’s case, PhaaS has made ransomware attacks more accessible than ever by removing the barrier to entry for malicious actors. This means more cybercriminal activity and an increased chance of your company falling victim.
Email security best practices
With the new threat of PhaaS only exacerbating what was already a ransomware epidemic, your organization requires more than just native email security. A layered security approach, integrated with a broader platform, is your best defense against targeted threats. In 2021, Trend Micro detected and blocked over 33 million malicious emails that slipped past native defenses.
A typical layered security approach combines these four tactics to thwart attacks and mitigate cyber risk:
1. Email gateway
To protect your employees and your assets from potential attacks above and beyond native defenses, you need advanced filtering and protection. An email gateway featuring defenses powered by artificial intelligence (AI), machine learning (ML), and behavioral analysis within a single dashboard will reduce manual tasks for overstretched security teams. AI-assisted capabilities like authorship analysis (e.g., Writing Style DNA) study the writing style of your company’s management team and can flag suspected spoof emails before they reach your employees.
2. Cloud app security
When it comes to the evolving world of cybersecurity, 100% protection does not exist. For those instances where a malicious email does penetrate defenses, Cloud Application Security Broker (CASB) will remove the flagged communication from all mailboxes across the environment. In addition, advanced CASB tools can prevent compromised email accounts from spreading phishing messages to other employees and peers.
3. Education
Phishing simulations like Trend Micro™ Phish Insight provide you with the tools to educate and test your users on the latest methods used in the most common phishing campaigns. These real-world simulations make use of templates extracted from actual phishing scams.
4. Secure web gateway (SWG)
By inspecting traffic between employees and the internet, an SWG uses ML to identify spoof websites that have the ability to spread ransomware across your organization. The addition of an acceptable use policy (AUP) can further mitigate risk by restricting access to any unsanctioned apps where users are asked to input personal information.
Next steps
Leveraging a layered security approach that is a part of a unified cybersecurity platform and backed by broad third-party integrations and extended detection and response (XDR) capabilities provides your team with high-resolution visibility and reporting capabilities. This allows for greater visibility across your attack surface, so you can better detect and respond to even the stealthiest phishing attacks.
Jon Clay
VP, Threat Intelligence
‘Maximum cyber criminals from India, bringing terrible name’: Punjab and Haryana HC dismisses man’s anticipatory bail plea – The Indian Express
Dismissing the anticipatory bail of a man booked in an online fraud case, the Punjab and Haryana High Court has said that it was unfortunate that the “maximum number of cyber criminals operate” from India, “bringing a terrible name to the nation”.
The petitioner-accused, Mohammad Jubair, had been arrested for his alleged involvement in an online fraud wherein he allegedly pretended to be working for an insurance company and duped the complainant, who works in the Central Reserve Police Force, of Rs 14,46,662.
Hearing the petition on February 22, the bench of Justice Anoop Chitkara said, “Besides being middle-aged or old, most victims are simple, honest, and truthful people who believe these thugs [fraudsters] to be like them. They do not know any technology except some basic features of smartphones, and this little knowledge makes them vulnerable to cyber-thugs. Unfortunately, the maximum number of cyber criminals operate from our country, bringing a terrible name to the nation.”
The counsel for the state opposed the bail and stated that the petitioner’s custodial interrogation is required to trace the other accomplices and recover the money. He submitted that if the investigator gets evidence against those accused, who have been granted bail, the state shall file applications to cancel the bail orders.
After an FIR was registered in March 2022 at Pehowa police station in Kurukshetra district under Section 420 (cheating) of the Indian Penal Code – charges under several other IPC sections were subsequently added – a police investigation revealed the involvement of other accused, allegedly from Noida-based Haxar Insurance Service Private Limited company.
The investigation further revealed that the call centre operated by the company would allegedly target unsuspecting people and get money from their accounts transferred into accounts in the states of Chhattisgarh and Telangana. The investigation further pointed towards the involvement of Jubair after Rs 1,17,170 was transferred into his account from the account of co-accused Rishikesh Tiwari.
Hearing the matter, the high court held, “The modus operandi of these call centre thugs is that operating in a pack, one gets in touch with a vulnerable suspect through malicious links sent through phishing or by making calls on their numbers. They get access to these numbers from the dark web, where another set of criminals keeps selling people’s personal information, like their mobile numbers, e-mails, and even Aadhaar numbers, bank account details, PAN, passport details, date of birth, etc. They interact as per a specifically designed transcript. After taking such victims in confidence, they would pass on the call to their accomplices by referring to them as their managers.”
Justice Chitkara added, “Whenever these thugs find that the victim is slipping away, they bring another gang member by referring [to] them as a senior manager, who would again entrap the person. They also prefer female gang members to speak to the male victims. They work and operate in criminal conspiracy and target to siphon money from the victim’s accounts. All these thugs who attend such calls or become instrumental in the cycling of the funds, prima facie, are fully aware of the motive and style of the gang’s operations, which is to rob the susceptible victim of as much money as possible and continue to do so until such a person runs out of liquidity.”
The high court said that prima facie, there is sufficient evidence to connect the petitioner with the proceeds of crime and his operating as a conduit and an active member of gangs of cyber fraudsters. “The evidence indicates that the petitioner and his accomplices operate as online thugs. The sly way the petitioner’s accomplice, in connivance of the petitioner and other thugs, conned, tricked, deceived, swindled, and defrauded the gullible complainant pointed out the dangerous indicator that the thugee [fraud] has revived, and if not sternly dealt with now, it might upsurge, revisiting the history,” the court added.
Dismissing the bail plea, the high court said Jubair’s custodial interrogation is required to find out the involvement of other co-accused and the role of the management of the company.
The high court also made it clear that in case the investigator finds sufficient evidence connecting those accused who have been granted bail, it shall be permissible to file an application for cancellation of such bail by referring to such evidence.


Jagpreet Singh Sandhu is a senior correspondent with The Indian Expres…
Manufacturing under attack: cyber security on the agenda – The Manufacturer
The drive towards a more digital future is key to the prosperity of manufacturing. However, digital transformation heralds a new era of connectivity which brings with it rising levels of cyber vulnerability. Indeed, the last few years have seen manufacturing overtake financial services as the most cyber attacked industry. Joe Bush reports.
With over 11 billion IoT devices worldwide in 2021 (rising to an estimated 29 billion by the end of the decade), we’re certainly no strangers to connectivity and the potential dangers of poor cyber security or hacking. While in years gone by the family PC may have been the only internet connected device in the house, now the average home can boast lights, speakers, phones, games consoles, children’s toys, cars and even fridges and washing machines as being smart, internet connected devices.
This is great for making our lives easier and more entertaining, but every connected device represents an avenue of attack for malicious actors with mischief in mind or devious designs on our data. By the end of 2021, cyber attacks cost the global economy an estimated $6tn, a figure which is estimated to almost double by 2025. Of course, cyber crime is nothing new, and we as consumers have long been aware of best practice around making our devices safe and secure, whether that be through firewalls, anti-virus software or password authentication.
However, what of manufacturing? A sector that in some instances is still in the early stages of digital transformation and as such, is perhaps not fully aware of the dangers that can be ushered through the doors of the plant or factory with the deployment of emerging, digital technology. To say nothing of the growing sophistication of the various threat actors at large.
There’s no doubt that smart factories, driven by technology, are the future of manufacturing and can lead to improved productivity and performance via increases in factory output, utilisation and labour productivity. This will also lead to the creation of a hyperconnected supply chain which offers a digital thread throughout the business and a real-time view of product lifecycles.
However, before manufacturers get too excited about digital transformation, it is vital that the cyber risks involved are known and understood, as Rob Hayes, Director at Deloitte explained: “To harness the business benefits and opportunities presented by technological developments, the cyber risks need to be better understood as many organisations are moving to a hyperconnected business without understanding the real risk to themselves and others.
“Hyperconnectivity increases the blast radius of an attack, which means that a cyber incident at a manufacturer is often not an isolated event. Compromising one area could impact the entire organisation, and consequently all of its business partners. Many incidents we have responded to have either been caused by or impacted other organisations in the supply chain. This can be detrimental for organisations with highly stringent quality assurance standards as their products risk being rendered completely unsellable.”
Back in 2018 a Make UK report highlighted the susceptibility of manufacturers to cyber risk, revealing that 41% of companies did not believe they had access to enough information to even assess their true cyber risk; 45% felt they did not have access to the right tools for the job; while 12% admitted they had no technical or managerial mitigation processes in place. This created a nervy environment where manufacturers were apprehensive about investing in digital technologies – and this back when manufacturing was only the third most targeted sector.
Fast forward and the events of recent years have shown how vulnerable manufacturing supply chains can be; a fact that has not gone unnoticed by cyber attackers. Downtime can be catastrophic within the manufacturing space, and that operational risk has been exacerbated by the challenges of the pandemic, war in Ukraine etc. As such, a successful cyber attack has the potential to be seriously disruptive to manufacturing supply chains which are already under pressure.
Malicious actors are looking to capitalise on that vulnerability and it’s no surprise that 2021 saw manufacturing outpace the finance and insurance sectors in the number of cyber attacks for the first time in five years. Indeed, subsequent research late last year by Make UK, in partnership with Blackberry, revealed that nearly half of Britain’s manufacturers have been a victim of cyber crime over the last 12 months. Therefore, along with other challenges around energy and political instability, increasing cyber risk looks set to be one of the key business challenges of 2023.
To be cyber secure means constantly trying to hit a moving target. IBM’s X-Force Threat Intelligence Index 2022 shows that as defences grow stronger, malware gets more innovative. Attackers are increasingly using cloud-based messaging and storage services to blend into legitimate traffic, and some groups are experimenting with new techniques in encryption and code obfuscation to go unnoticed.
And in the world of connected supply chains, it may even be business partners who put you at risk. Triple extortion is an increasingly popular tactic of encrypting and stealing data, while also threatening to expose the data publicly and engage in a distributed denial of service (DDoS) attack against the affected organisation, unless a ransom is paid.
Ransomware gangs are also looking to their primary victim’s business partners to pressure them into paying a ransom to prevent their own data leakages or business disruptions caused by a ransomware attack.
Malware targeting Linux environments also rose dramatically in 2021; a surge that IBM predicts is possibly correlated to more manufacturing organisations moving into cloud-based environments, many of which rely on Linux for their operations.
Neil Matthews, Managing Director of MSP, a leading manufacturer of stampings and springs, claimed that the sector is currently falling short in terms of providing adequate protection against cyber attacks, and has urged manufacturers to start putting security at the top of their agendas both for themselves and their upstream customers.
He commented: “While cyber security affects every company in all industries, the manufacturing industry overall is particularly vulnerable, prone to cyber attacks and can face considerable challenges such as theft of IP.
“Malware and ransomware attacks are increasingly using sophisticated new tricks to infiltrate and exploit weaknesses. These attacks can result in a loss of competitive advantage, denial of access or damage to operational systems including production facilities. Significantly, it can also negatively impact a manufacturer’s trading reputation, leading to a loss of customers or suppliers.”
Manufacturing had a reported 23.2% share of cyber attacks and a further 33% increase in the number of incidents caused by vulnerability exploitations from 2020 to 2021. In that same period, 63% faced losses of up to £5,000, with 22% revealing a cost to their business of between £5,000 and £25,000. Neil added that with nearly half of British manufacturers having fallen victim to cyber crime since 2018, the industry can no longer adopt the notion that ‘it won’t happen to us’.
“As manufacturing businesses grow increasingly digital, it is now more important than ever that companies’ cyber security is just as proactive, because reactive improvements are too late, and damages will already have occurred.
“Vulnerabilities like single-layered protection, lack of firewall implementation, lack of protection to broadband connections and others can all be easily exploited by cyber criminals when the reality is that these vulnerabilities can be easily fixed and remote working infrastructures strengthened.
“The increasing tech-native nature of criminals, who have similarly adapted to the changing landscape of technology, and the lucrative nature of data, means that manufacturing experts agree that cyber security can no longer be taken for granted. Instead, we firmly believe it should become an integral element of all companies’ strategies and plans for the future.”
There is certainly no silver bullet solution to cyber security issues, particularly due to its ‘moving target’ nature as mentioned earlier. However, as Rob explained, manufacturers can get off to a good start by adopting a ‘zero-trust’ security model and building incident response capabilities into their operations.
The level of connectivity within manufacturing organisations and the wider supply chain will continue to head in the same direction, and therefore, strong prevention, detection and response capabilities will be vital to reduce the negative impacts of hyperconnectivity and minimise the level of recovery required. Rapid recovery capabilities are also essential to limiting disruptions and getting operations back to the levels required for a viable business.
“Smart factories and digital supply networks need an approach that breaks down the perceptions of traditional ‘business-disabling’ cyber and brings them closer to something that is aligned with the principles of the digital supply chain,” said Rob. “We believe that the zero-trust security model could have significant potential, the core principle of which is ‘never trust, always verify’. The zero-trust model moves away from the traditional ‘perimeter-based’ concept that constrains business freedom, to one where trust is created between individual resources and customers.
“The zero-trust strategy is therefore uniquely placed to provide agility and scalability while minimising the costs and complexity of cyber management. This is important when moving to a borderless model where traditional technology boundaries no longer exist. It allows data to move freely as it interacts with the business across the digital thread. Accomplishing free movement of data is the prerequisite to realising a smart factory and its digital supply chain.”
We’re on a digital transformation journey and while cyber security is now on the agenda, we are some way off being an exemplar. We have put in place what we consider to be appropriate tools for our current systems, and these will be enhanced as we grow and implement our digital transformation strategy.
Greater connectivity will inevitably mean greater risk of attack, and this will be addressed as we build our next generation systems.
Cyber security has always appeared on MPE’s risk register but in recent years the consideration of this has become increasingly important. We now undertake an annual review of systems. This is carried out by an independent third party, so that we may gain the UK government approved Cyber Essentials certification. This certification is now required when bidding for and being awarded certain government funded work.
It is clear that in the future, Cyber Essentials certification or its equivalent will be increasingly demanded by clients. This alone means that manufacturers will have to invest a certain level of resource/time/cost toward attaining and maintaining such accreditation. In addition, as more and more systems become reliant upon IT and digitally connected to the world outside the respective manufacturer, any negative impact from a cyber attack or event will become increasingly significant.
Cyber security has always been a top priority. However, this is increasing in our manufacturing processes as we adopt a more data driven approach. This is exemplified by our Digital Factories initiative which is delivering a new data-driven approach to design and manufacturing and building in secure by design from the outset.
The range of threats is increasing, so organisations need to be more aware and respond appropriately. That is why we are investing in our cyber capabilities and developing our Cyber Advantage product in the UK. We are also a National Cyber Security Centre Certified Cyber organisation and have a dedicated team of specialists making sure we deliver appropriate security across our organisation.
The cyber threat is going to increase as the drive towards increasing connectivity and use of data to drive efficiency continues. However, this presents opportunities for those organisations who adopt an approach to cyber security based around cyber resilience and secure by design, where security can act as a genuine business enabler and allow organisations to take advantage of new technologies without exposing themselves to unacceptable levels of risk.
As a key supplier to the MoD, emergency services and the nuclear industry, security has always been one of Babcock’s highest priorities and cyber security is a critical element of that. Increased connectivity in manufacturing has added to the threats we face, however, our understanding of the risks is well established and our protocols defined. We apply the same rigorous security processes to a sensor in the manufacturing environment as to a laptop connected to our network.
It takes significant dedication and effort from our information services, information assurance and security teams to maintain our networks and the information assets that Babcock use to securely deliver our work for our customers. People are considered our best defence and we are all comprehensively trained to spot and prevent cyber-attacks.
The threat landscape is constantly changing and the range and complexity of connected devices is increasing. Vulnerabilities in systems and applications are continuously being found, and while we wait on vendors to develop and test updates and patches, they remain vulnerable. In addition, cyber threat actors never cease looking for vulnerabilities and learning how to exploit them.
Industry Interview: Rob Clifford, Chief Data Officer for BAE Systems Maritime and Land Division
How are attitudes towards cyber security changing within manufacturing?
Increasing connectivity and the market facing nature of the manufacturing sector is creating more vectors of attack. And increasingly, an awareness of outside influences disrupting manufacturing processes through technology has risen through the chain of command.
Research suggests that the awareness and impact of cyber attacks on the manufacturing industry has increased in recent years so it’s easy to conclude that manufacturing is acutely exposed to cyber crime. Attitudes are hardening and it’s a topic that people don’t equivocate about. There’s a balance to be had as it’s important that manufacturers don’t become embroiled in the topic to the extent that they take a step backwards in terms of innovation and development, while at the same time recognising the existential risks that exist and take appropriate steps to manage them.
Within manufacturing the advent of IoT and connectivity has seen an acute threat to critical infrastructure reflected not just within businesses, but in terms of a national and transnational concern. In the US, there’s the IoT Cybersecurity Act of 2021 and in the UK, the Product Security and Telecommunications Infrastructure Act 2022, plus we have the National Cyber Security Centre.
It’s a subject that’s now part of the firmament and forms the backbone of the critical infrastructure of UK manufacturing.
Does BAE have personnel dedicated to cyber security?
Cyber is standalone, but also has the relevant connections into the broader information, management and technology (IM&T) and engineering spaces. It is a pan-sector issue and we have a senior individual who leads a discrete programme of work, both in terms of remediation and improvement, while keeping a watchful eye on the space as it develops.
There’s also working level, operational activity as well. Critically, we make sure that cyber security is not merely relegated to an IT issue; it’s much broader than that. And in the manufacturing space, it’s essential that the people doing the delivery, building the equipment, maintaining and supporting it, are just as aware and informed about the risks of cyber, and the opportunities to mitigate it, as the people who are involved in the technical and academic work.
How is BAE mitigating against cyber attacks?
Cyber security is an interesting topic, as it covers a broad spectrum from very bespoke, niche, technical risks that might be faced by different organisations, through to some fairly pragmatic elements of security that you’d expect everyone to take seriously. For BAE, education, planning and tighter orchestration of our data estate is at the top of the table. It’s important to take practical steps around updating your infrastructure, making sure you maintain your legacy systems and they remain secure.
As mentioned, there’s also a balancing act between tolerance of risk and being risk averse. One of the most pernicious side effects of cyber attacks is that they cause businesses to stand rigid and conclude that safety will be assured if everything is locked down. That might be the case, but that in turn will stifle momentum, innovation and progress, which is at the heart of the UK manufacturing industry, and why we’ve got such a profound tradition.
Critically, when we talk about cyber threats and attacks, we inevitably get into a conversation about technology. Yes, there’s a huge technology element involved, but many of the most effective attacks occur due to a lack of social awareness, so education and training is vital.
Whether it be watering hole attacks, infected USB sticks or spear phishing attacks, they’re all linked to a human element, and people are risk vectors too. Of course, the technology is important, but equally integral is making sure an organisation’s people are up to date.
How challenging are legacy systems as an attack vector?
It’s an ongoing challenge, and it always will be. If nothing ever changed within an organisation, then there would be no dynamism or progression and the benefits of Industry 4.0 and connectivity would not be realised.
However, with legacy systems it’s important that manufacturers are aware that you can’t just make a transition to something new and forget about the system being replaced. Historically in the UK, there have been some challenges associated with legacy systems.
We had the WannaCry ransomware attack a few years ago, and some of the worst affected industries have been those where legacy systems have been exposed. Manufacturers need to have a grasp on where data sits (and where the risk is), while also making sure that if patching or improving the estate is being considered, then all the ingress and egress points are being captured.
What is the potential impact of a cyber attack?
There’s a spectrum of severity but of course, for the manufacturing industry, we’re talking about stopping or slowing production, or otherwise making it harder to get back to the optimum levels of output that existed prior to the attack. Manufacturers are always looking for efficiency and the improvement of quality, so anything that interrupts or disrupts that is going to present a challenge.
You could also look at the law of unintended consequence. An impact to one part of the system, particularly in a high assurance and complex manufacturing space, might create a ripple effect and have an impact somewhere else in a way that might not be expected.
There’s a huge amount of dependency when delivering very complex platforms and systems, so manufacturers need to make sure they understand how their businesses fit together. And of course, it’s not just the attack itself. What also requires consideration is the chilling effect that cyber intrusion and disruption present; that can stymie innovation and deter investment in new areas because of the concern of what’s lurking outside the light of the campfire; there’s a fear of the unknown and that can cause you to move at a slower pace.
The balance of risk needs to be sensibly split. I genuinely think connected systems and data are good for the industry, but they need to be accompanied by a complete awareness of the risk/benefit equation. Yes, be innovative and connect your data, but do so in a logical manner that doesn’t expose you to more risk than is actually needed.
Is cyber security becoming more challenging as connectivity increases and malicious actors become more sophisticated?
Statistically, evidence would suggest cyber attacks are still on an upward trajectory in the manufacturing sector. And in terms of scale, it’s not that hard to launch a cyber attack (albeit it’s harder to make an attack successful). However, all these risks have to be combated and time and money have to be invested in making sure businesses are properly insulated from them. However, sophistication is no guarantee that an attack will be successful.
Indeed, we’ve seen some very large institutions, both in the UK and internationally, brought down by what on the surface are quite unsophisticated techniques. Again, there’s a slight misnomer behind the word ‘cyber’, where it is often assumed there must be, for example, some incredibly complex data mining going on. In the majority of cases, however, the attack’s success is often down to, as discussed previously, those human factors or because the legacy estate hasn’t been attended to sufficiently and has been left vulnerable as a result.
What’s important here is forward planning and having the right tempo behind your training so it is calibrated effectively. Are things becoming more challenging as they become more connected? The answer is yes. But the real challenge is to make sure that your training and mitigations are keeping pace with the scale of expansion.
What does the future look like in terms of cyber security and the challenge it presents manufacturers?
As a data person, I’d say one of the things manufacturers should be up to speed with regardless is understanding their data ecosystem, from both a technology and business perspective. Where is the data that matters to you? Where is it sourced from? Where is it stored? And how is its quality validated? You need to understand the relative value of the information you hold. Once you’ve done that, you can start to think about how to protect it.
Another big issue, and it’s ongoing, is getting comfortable with the shift from open access to all data to very tightly managed permissions models. IoT is exciting because it opens up connectivity; the whole system can talk to itself, and you can get information moved around the manufacturing floor and workspaces as you want.
That’s great. But does that mean that all data has to be opened up? There needs to be a close focus on identity management; a clear understanding of who needs to see what, when and how, and what is the appropriate level of granularity of information that you share? That’s something all businesses will need to become proficient at.
In terms of cyber security, manufacturers will need to compartmentalise their businesses in such a way that it can work to effectively deliver products and operations without leaving attack vectors open. The most damaging cyber attacks find a fairly routine way into the business, but in doing so can access the crown jewels and move freely around systems and processes.
As we make our businesses more sophisticated and complex, in some ways, we need to get back to more simplistic principles of command and control. In a positive sense, IoT is going to provide more information to us, and when orchestrated with the cloud, there’s an opportunity to perhaps de-risk the manufacturing space.
Some reports have claimed that the advent of cloud is a precursor to cyber risk in the manufacturing industry. I’m not sure that’s entirely the case. In many instances, utilisation of cloud will provide better security than many people have on their premises already.
Obviously, in most organisations, a hybrid approach is the appropriate way forward as not all information will need to be in the public cloud. However, you can reduce some of your risk by managing the cloud estate effectively and allowing some of its more enhanced security to protect your estate.


