Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label cybersecurity risks. Show all posts
water system security
Cyber Hackers Cyber Security cybersecurity risks data security digital safety Environment IRGC Operational Technology water supply water system security

EPA Report Reveals Cybersecurity Risks in U.S. Water Systems

 

A recent report from the Environmental Protection Agency (EPA) revealed that over 70% of surveyed water systems have failed to meet key cybersecurity standards, making them vulnerable to cyberattacks that could disrupt wastewater and water sanitation services across the United States. 

During inspections, the EPA identified critical vulnerabilities in numerous facilities, such as default passwords that had never been updated from their initial setup. In response, the agency issued an enforcement alert, urging water system operators to improve their cybersecurity measures. Recommended actions include conducting an inventory of operational assets, implementing cybersecurity training programs, and disconnecting certain systems from the internet to enhance security. 

The EPA has announced plans to increase inspections of water infrastructure and, when necessary, take civil and criminal enforcement actions to address any imminent and substantial threats to safety. Under Section 1433 of the Safe Water Drinking Act, community water systems serving over 3,300 people are required to perform comprehensive safety assessments and update their emergency response plans every five years. 

The high failure rate reported by the EPA indicates potential violations of this section, highlighting missed opportunities to protect these essential services through risk and resilience evaluations. This alert follows a series of cyber incidents over the past year, where nation-state hackers and cybercriminal groups have targeted water systems. These attacks have included unauthorized access to water treatment control systems, manipulation of operational technology, and other forms of sabotage. The regulatory environment for U.S. water systems is complex, often involving state and local government oversight.

Many rural water operators, unlike their federal counterparts, lack sufficient resources to bolster their digital defenses. While the EPA has attempted to enforce stricter security mandates, these efforts have faced legal challenges from GOP-led states and industry groups. In October, the EPA rescinded a directive that would have required water providers to assess their cybersecurity measures during sanitation surveys. Nation-state adversaries, including Chinese and Iranian hacking groups, have frequently breached U.S. water infrastructure. 

China's Volt Typhoon group has been particularly active, infiltrating critical infrastructure and positioning themselves for further attacks. In one instance, Iranian Revolutionary Guard Corps-backed hackers targeted industrial water treatment systems, and more recently, Russia-linked hackers breached several rural U.S. water systems, posing significant safety risks. In March, the EPA and the National Security Council issued a joint alert, urging states to remain vigilant against cyber threats targeting the water sector. The alert emphasized that drinking water and wastewater systems are attractive targets for cyberattacks due to their critical role and often limited cybersecurity capabilities. 

Moreover, a Federal Energy Regulatory Commission (FERC) official recently testified about the vulnerability of dam systems to cyberattacks, indicating that new cybersecurity guidelines for dams could be developed within the next nine months. The EPA's report underscores the urgent need for improved cybersecurity measures in U.S. water systems to protect these vital resources from potential cyber threats.
Read more »
Phishing Prevention
Cyber Security cybersecurity risks data security edge computing Gen Z Millennials Multi-factor authentication Phishing Prevention

Cybersecurity Risks and Solutions for Millennials and Gen Z

 

Millennials and Gen Z are the most concerned generations about the risk of cyber attacks on their organizations. They also worry about potentially leaving their organizations vulnerable and feel less prepared to handle such cyber threats. Research from Ernst & Young LLP (EY US) indicates that 53% of US employees are concerned about their organization being targeted by cyber attacks, with 34% worried that their actions might make their organization vulnerable.

Among Millennials and Gen Z, 58% and 64% respectively fear losing their jobs if they leave their organization exposed to a cyber attack. This anxiety can negatively impact cybersecurity, as it may lead to unreported cyber incidents due to fear of repercussions. Considering that 68% of cyber attacks involve a non-malicious human element, such as clicking on a phishing email link, addressing this fear is crucial.

To boost cyber confidence and improve response to cyber attacks, here are five steps to enhance cybersecurity for both individuals and their organizations. Phishing, a common cyber attack method, involves hackers sending deceptive emails to trick recipients into clicking on a link, downloading a file, or performing other actions that compromise security. Variants of phishing include smishing (via text), vishing (via phone call), and quishing (via QR codes).

Phishing attacks leverage psychological tactics to manipulate victims. Knowing how to respond to suspicious texts, emails, or calls is key to preventing these attacks. EY US research found that only 31% of Gen Z employees feel very confident in identifying phishing attempts, compared to 51% of Millennials, indicating a need for better employee training.

Here are some tips to identify and prevent phishing attacks:

1. Don't act immediately: Phishing emails often create a sense of urgency. Even if the email claims you must click a link or download a file, pause and evaluate its legitimacy.
2. Read the message carefully: Look for urgent language, differences from typical emails, grammatical mistakes, or unusual requests, such as resetting passwords or buying gift cards, which are signs of phishing.
3. Check the sender: Hackers may impersonate colleagues or executives. Verify the sender’s email address by hovering over the contact name and comparing it with known details. If unsure, contact the person directly.
4. Check the link: Hover over any links to reveal the actual URL. Be cautious, as hackers can create convincing fake websites. 
5. Report phishing attempts: Reporting suspected phishing attempts helps protect your organization by alerting others to potential threats.

Implementing these strategies can protect both individuals and organizations from phishing attacks.

Set Up Multi-Factor Authentication (MFA)
MFA enhances security by requiring users to verify their identity with a code sent via text, email, or an authentication app. This not only confirms legitimate logins but also alerts the company to unauthorized access attempts. The importance of MFA is highlighted by incidents like the cyber attack on Change Healthcare, where the lack of MFA on a Citrix profile allowed hackers to infiltrate their network. While MFA might not completely prevent cyber attacks, it can significantly delay them and provide early warnings.

Use Strong Passwords
Weak passwords are a common security risk, with research showing that 37% of people have risky workplace security habits and 39% use weak login credentials. Strong passwords are crucial as the first line of defense against unauthorized access. If remembering secure passwords is challenging, using a password manager can help generate and store strong passwords. Some regions, like the UK, are moving towards making weak default passwords illegal, a measure that may extend to workplace security in the future.
Read more »
security alerts
Cyber Security cybersecurity risks data security decentralized framework edge computing IoT vulnerabilities Network Security security alerts

Top Cybersecurity Risks in Edge Computing : Here's All You Need to Know

 

Managing a large number of endpoints poses considerable challenges, especially in handling security logs. Over half of chief information security officers find the volume of daily alerts overwhelming, and monitoring a decentralized framework further heightens cybersecurity risks.

Currently, 56% of security professionals dedicate at least 20% of their workday to reviewing and addressing security alerts. Moving storage and processing to the network's edge is likely to increase daily alerts, raising the risk of missing critical threats and wasting time on false positives.

1.Data Vulnerabilities
Securing every IoT device in a decentralized setup is less practical than in a centralized data center. Data at the edge is more susceptible to man-in-the-middle and ransomware attacks, such as sniffing attacks where unencrypted data is intercepted. Edge devices often lack the processing power for robust encryption, and encrypting data can slow down operations, conflicting with edge technology's primary goal.

2.Expanded Attack Surface
Edge computing, aimed at reducing latency, increasing bandwidth, and improving performance, requires placing devices near the network's edge, expanding the attack surface. Each device becomes a potential entry point for attackers. Research shows AI outperforms humans in this area, with one study noting an algorithm achieving a 99.6% recall rate for high-priority notifications and a 0.001% false positive rate, which is significant given the typical volume of alerts.

3.Device and User Authentication
Authenticating edge devices is crucial to ensure each endpoint is verified before accessing networks, preventing compromised machines from connecting and helping trace unusual activity back to specific devices.

4. Encrypting Network Traffic
While encryption is essential for cybersecurity, it can be too resource-intensive for widespread use in edge computing. To mitigate this, data classification should be employed to prioritize which endpoints and data require encryption. Encrypting data both at rest and in transit, using suitable key sizes, can balance security and performance. Edge computing's appeal lies in its ability to enable low-latency, high-efficiency, real-time operations by moving storage and processing to the network's boundary. However, this shift from centralized data centers comes with significant cybersecurity concerns.

Major Cybersecurity Risks of Edge Computing

Despite its benefits, edge computing brings five primary cybersecurity risks.

1. IoT-specific vulnerabilities: Internet-connected devices are prone to man-in-the-middle attacks and botnets due to limited built-in security controls. In 2022, IoT attacks surpassed 112 million, up from 32 million in 2018, posing significant risks as encryption is resource-intensive and often insufficiently supported by these devices. The process of encrypting data also slows operations, countering the primary advantage of edge technology.

2. Expansive attack surface: To reduce latency, increase bandwidth, and improve performance, edge devices must be placed near the network's edge, expanding the attack surface. Each device becomes a potential entry point for attackers.

3. New budget limitations: Edge computing's complexity requires substantial investments in telecommunications and IT infrastructure. Even with a significant upfront investment, maintenance and labor costs can strain budgets, leaving less room for handling failures, recovery, or deploying additional defenses.

Mitigation Strategies for Edge Computing Risks

Strategic planning and investments can help overcome numerous cybersecurity risks associated with edge computing.

1. Utilize authentication controls: Multi-factor authentication, one-time passcodes, and biometrics can prevent unauthorized access, reducing the risk of data breaches caused by human error, which accounts for 27% of such incidents.

2. Deploy an intrusion detection AI: A purpose-built intrusion detection system using deep learning algorithms can recognize and classify unknown attack patterns and cyber threats. Such AI can manage most endpoints without integration into each one, offering scalability and ease of deployment, making it ideal for edge computing environments.
Read more »
Security Concerns
Chinese-made surveillance cameras Cyber Security cybersecurity risks Dahua data vulnerabilities Hikvision National Security NATO alliance Romanian military sites Security Concerns

Security Concerns Arise Over Chinese-Manufactured Surveillance Cameras Deployed at Romanian Military Locations

 

A routine procurement made by the Romanian military on January 16 for surveillance equipment manufactured in China has sparked concerns regarding national security implications.

Valued at under $1,000, an employee of the Romanian Defense Ministry purchased an eight-port switch and two surveillance cameras from Hikvision, a Chinese company with purported ties to the Chinese military. Notably, both the United States and Britain have blacklisted Hikvision due to identified data and security vulnerabilities.

Although there is currently no evidence of breaches at the Deveselu military base, an investigation by RFE/RL's Romanian Service revealed that Hikvision and Dahua, another Chinese company partly owned by the government, supply surveillance equipment to at least 28 military facilities and numerous other public institutions involved in national security across Romania.

While Romanian authorities assert that the equipment is used in closed-circuit systems without internet connectivity, experts argue that vulnerabilities in firmware could still pose risks, enabling remote access, data interception, and network attacks. Despite these concerns, Romania does not impose restrictions on the use of Hikvision or Dahua equipment, unlike some NATO allies such as the United States and Britain.

Both Hikvision and Dahua refute allegations of being security risks and claim to promptly address vulnerabilities. However, critics like Romanian parliament member Catalin Tenita argue that existing legislation could justify banning these companies' products.

The Romanian Defense Ministry maintains that its surveillance systems are secure, emphasizing strict testing and evaluation procedures. Similarly, the Deveselu Naval Facility, operated by U.S. forces, declined to comment on Romanian military purchases but emphasized their commitment to regional security.

NATO, while not formally banning third-country equipment, encourages vigilance against potential security risks. Secretary-General Jens Stoltenberg cautioned against reliance on Chinese technology in critical infrastructure, echoing concerns about Hikvision and Dahua's involvement.

Despite assurances from Romanian authorities, the history of vulnerabilities associated with Hikvision and Dahua equipment raises concerns among experts. Romanian institutions, including law enforcement and intelligence agencies, defend their procurement decisions, citing compliance with national legislation and technical specifications.

Some Romanian lawmakers, like Senator Adrian Trifan, advocate for further investigation and scrutiny into the prevalence of Hikvision and Dahua equipment in national security sites, underscoring the need for immediate clarification and review of procurement procedures.
Read more »
Subscribe to: Posts (Atom)