Public meeting on cybersecurity agenda on the 20th - United Nations Security Council to cut off the source of funds in North Korea
South Korea's UN Ambassador, Hwang Jung-guk, announced a public meeting on cyber attacks to be held on the 20th as the country alleges that North Korea is using funds from cyber attacks to develop nuclear weapons and missiles. Mr. Hwang emphasized the increasing threat to international peace and security posed by cyber attacks and urged for dialogue with North Korea and humanitarian assistance to the country. Additionally, a resolution calling on Israel to stop the attack on Rafa in Gaza is being discussed by Arab countries, and the timing of the vote is undecided.
Microsoft warns of increased cyber attacks on TO devices
It's important to protect operational technology (OT) devices connected to the Internet due to a recent rise in cyber attacks. According to Microsoft, these attacks highlight the urgent need to enhance OT device security. Attackers can tamper with critical parameters in industrial processes, causing malfunctions and interruptions. OT systems' lack of security mechanisms and direct connection to the Internet make them easy targets. To mitigate these threats, organizations should reduce the attack surface and implement zero-trust practices for their OT systems.
Russia Aims Cyber Operations at Summer Olympics
Two Russian state-aligned threat actors, Storm-1679 and Storm-1099, have been conducting online influence operations to undermine the upcoming Olympic Games in Paris. The goal of these operations seems to be to harm the reputation of the International Olympic Committee and stoke fears around potential violence at the Summer Games. There are concerns about the potential for direct cyberattacks during the Games. Russia's influence campaigns against the 2024 Olympics include spreading fake news, doctored images, and AI-aided videos on social media. The security of the Games will require immense international coordination, emphasizing physical security and training staff for potential cyberattack scenarios.
How Zero Trust Supports Cyber Resilience for Healthcare Organizations
In order to enhance cyber resilience, IT and organizational leaders need to prioritize critical processes for business continuity and disaster recovery planning. For healthcare organizations, patient care is of utmost importance, and any process crucial for patient well-being should be restored swiftly for rapid recovery from a cybersecurity incident.
New comprehensive Homeland Security cyber incident reporting rules
The extensive new rules for cybersecurity incident reporting are on the way and they will cover a lot. The issuing agency is the Cybersecurity and Infrastructure Security Agency. The enabling legislation is CIRCIA: the Cyber Incident Reporting for Critical Infrastructure Act. To find out more about the recent hearing that took place on the voluminous rule making, the Federal Drive with Tom Temin talked with cyber policy expert Bob Metzger, a partner at the law firm, Rogers, Joseph O’Donnell.
Marine Corps Launches Talent Acquisition Pilot for Cyber, Signals Intel
Manpower and Reserve Affairs has launched the Marine Corps Talent Acquisition Pilot (MCTAP) program to recruit highly skilled individuals for critical roles in the 1721 Cyberspace Warfare Operator and 2629 Signals Intelligence Collection Manager MOS. The program starts in June 2024 and allows talented individuals to join at a rank matching their education and experience. Applicants without prior Marine Corps experience will need to complete recruit training, while former Marines won't be required to retrain. Interested individuals are encouraged to apply for this opportunity to serve the nation.
U.S. Naval War College hosts Cyber Innovation Workshop
The U.S. Naval War College hosted the third annual Cyber & Innovation Policy Institute’s Summer Workshop in Newport, R.I. The event focused on military innovation and cooperation, highlighting the importance of defense science and technology collaboration with allies and partners. It also emphasized the need to demonstrate U.S. reliability in deterring conflicts and streamline the process of developing new warfighting capabilities through wargaming exercises. The workshop is part of NWC’s efforts to advance research, education, and outreach in support of the U.S. Navy’s modernization initiatives and to address the growing threat of cyberattacks. The college aims to provide essential analysis of emerging technologies and military innovation to inform decision-makers and educators.
NIST Selects Analygence for $125M Cyber Vulnerability Processing Support Contract
Maryland-based cybersecurity company Analygence has been awarded a five-year, $125 million contract from the National Institute of Standards and Technology (NIST) to help process a backlog of cyber vulnerabilities for inclusion in the National Vulnerability Database. NIST aims to clear the backlog by the end of fiscal year 2024. Analygence has previously supported federal customers such as the Naval Air Warfare Center and Cybersecurity and Infrastructure Security Agency.
At-Bay expands Cyber & Tech E&O coverage to businesses with up to $5bn in revenue
At-Bay, a cyber insurance provider, has expanded its Cyber and Tech E&O Excess & Surplus coverage to businesses with up to $5 billion in revenue, offering aggregate limits up to $10 million. This includes other coverage enhancements. The company aims to better serve mid-market to large businesses with its enhanced Cyber and Tech E&O surplus capabilities. At-Bay's insurance policies provide comprehensive first- and third-party coverage on both primary and excess lines. Additionally, At-Bay's surplus Cyber and Tech E&O policy provides access to At-Bay Stance Exposure Management, which includes Stance Advisory Services. Michael Drummond, Head of Cyber and Tech E&O at At-Bay, remarked, "We are proud to expand our coverage capabilities to larger enterprises, offering comprehensive insurance coverage to more mid-market businesses. Our experienced underwriters handle complex risks, and our in-house DFIR team manages high-stakes incidents on behalf of Fortune 500 companies. Our enterprise-grade Managed Detection and Response solution provides 24/7 cybersecurity monitoring through our Security Operations Center." A recent report released by At-Bay showed a 64% year-over-year increase in ransomware claims in the United States between 2022 and 2023, primarily driven by a surge in indirect ransomware incidents.
Government of Canada releases statement on malicious cyber activity
The Ministers of Public Safety, Foreign Affairs, and National Defence issued a statement on Canada's efforts to protect against cyber threats from foreign states like China, Russia, Iran, and North Korea. These threats target government, private sector, and individuals, and pose serious risks to national security and democracy. Canada is working with allies to address these threats and urges cybersecurity awareness and protection.
Cyber attack preparedness is necessary. Modern war disinformation is also a threat.
Professor Yoko Hirose of Keio University presented at the "Yomiuri Biz Forum Chubu," emphasizing the importance of addressing cyber attacks and improving information literacy in modern warfare. Hybrid warfare, combining cyber attacks, propaganda, and force, is a significant threat, with Russia, China, Iran, and the United States actively using this method. It can be understood in three stages: non-lethal tactics, military threats, and the use of force. Cyber attacks are the main focus in phase 1. Sanctions are now part of hybrid warfare, as seen in Russia's invasion of Ukraine, leading to global economic repercussions. Japan needs to strengthen its defenses against cyber attacks and improve its information literacy to counter disinformation and fake news.
US identifies stealth Chinese cyber threat 'prepositioning' in critical infrastructure
U.S. warns of stealthy Chinese cyber threat targeting critical infrastructure, highlighting the risks posed by the Volt Typhoon hacking group.
Pakistan-linked cyber groups target Indian government and military
The cybersecurity landscape in India is becoming increasingly hostile, with a sharp rise in ransomware and other cyberattacks targeting various sectors. A recent report by Seqrite, in collaboration with the Data Security Council of India (DSCI), sheds light on the growing threat and sophistication of these attacks. Ransomware attackers are constantly updating their tactics to bypass traditional security measures. Seqrite's report indicates a concerning trend where one in every 650 security detections is linked to ransomware incidents.
Σχόλια