Archive for April 22, 2023

CISA and Others Release Strategies for Protecting Smart Cities 

Posted in Commentary on April 22, 2023 by itnerd

CISA and NCSC along with their equivalents in Canada, Australia and New Zealand have published Cybersecurity Best Practices for Smart Cities designed to help stakeholders build protections into new systems from the planning stage.

The document warns that due to the intrinsic value of the large data sets, not only are smart cities vulnerable to financially motivated cyber-criminals but with complex, automated supply chains, terrorists could paralyze critical services and even cause physical harm or loss of life.

While infrastructure services are currently separate, the challenge for defenders is that integrating all systems into a single-network landscape will expand the digital attack surface for each participating organization, while making visibility and control more challenging for security teams.

Key recommendations are as expected and suggest that planners undertake:

  • Secure planning and design: principle of least privilege, MFA, zero trust architectures, prompt patching, device security, and protection for internet-facing services
  • Proactive supply chain risk management: covering the software supply chain, IoT and device supply chains, and managed/cloud service providers
  • Operational resilience: backing up systems and data, workforce training, and incident response and recovery

Carol Volk, EVP, BullWall (she/her):


   “This effort by the US and other nations is a commendable move towards promoting cybersecurity in the planning and design of smart city systems. It highlights the recognition of the inherent risks associated with large data sets in smart cities and the need for proactive measures to protect against cyber threats.

   “The emphasis on secure planning and design, proactive supply chain risk management, and operational resilience in the recommendations is crucial in ensuring the security of smart city systems. 

   “In particular, recognizing the risks of centralizing too much data in smart city systems is significant. Centralized data can become a single point of failure and will attract malicious actors like bees to honey. Governments must consider the balance between data centralization for operational efficiency and the need for data protection and privacy. Even the best planning will be thwarted by determined attackers, whether private or nation states. After watching ransomware attacks increasingly evade the best preventative measures, we need solid detection and containment layers as standard fare in these new network designs.”

Bryson Bort, Founder and CEO, SCYTHE had this to say:

   “I have worked smart city security in various countries since 2015. The joint country collaboration on best practices is particularly interesting in this case. The smart city of tomorrow promises a better way of life for its citizens with possibilities like re-routing traffic with sensors but must design for resilience and protective measures to assure the digital traffic doesn’t hit any potholes.”

Corey Brunkow, Dir of Eng Operations, Horizon3.ai follows up with this:

   “The CISA doc is pretty general but has links to useful information and has a section on Supply Chain Security Guidance which is critically important as the recent Toyota Supply Chain attack demonstrated. This specific section from the UK NCSC addressing supply chain security guidance seems particularly relevant for best practices similar to what is needed.

  1. Understand the risks
  2. Know who your suppliers are and build an understanding of what their security looks like
  3. Understand the security risk posed by your supply chain”

Roy Akerman, Co-Founder & CEO, Rezonate:

   “Smart cities are here, and we will see more and more cities adopt these practices – both with technology innovation as well as with government services. CISA recommendations are logical, yet they are far from reality. They may seem like basic functions yet today there are no vulnerability-free environments, the speed of patching is never real-time, zero-trust is a continuous journey, not a one and done. Smart city infrastructure will be distributed across many vendors and many teams, inevitably resulting in an increased attack surface that will lead to security breaches if not handled properly.

   “It is critical for the foundation of smart cities to be connected and based on strong automation, as with the private sector, resources are limited but effective security practices must be put in place to safeguard identity data. The approach must include both proactive measures and a defense-in-depth approach assuming compromise and readiness when a security breach occurs. Success will be evaluated by how fast they are able to get back online.”

Smart cities are going to be considered critical infrastructure in the not so distant future. Thus it’s good to see that these guidelines are out there to make smart cities as safe as possible.

Today Is Earth Day

Posted in Commentary on April 22, 2023 by itnerd

Earth Day, recognized on April 22 across the globe, is one of the most widely celebrated events to increase awareness and appreciation of the Earth’s natural environment, honor the environmental movement’s achievements, and highlight the need to protect Earth’s natural resources for future generations. 

In recognition of Earth Day, I have some commentary from some industry leaders, starting with Jason Lohrey, Founder and CEO of Arcitecta:

“It is critical to act now – and decisively – to protect our environment. Arcitecta and its employees join with the many individuals and organizations across the globe to boost awareness of the preciousness of our environment, deploying initiatives to help protect it, and taking actions that encourage those we do business with to help preserve our planet.  

When purchasing products and services, we must focus on sourcing from organizations that minimize their environmental footprint, such as using renewable energy, minimizing the use of polluting transport, and sustainable production that considers the full product life-cycle. At Arcitecta we proactively seek out companies to do business with that are demonstrably taking measures to implement sustainability initiatives.   

More specifically, Arcitecta utilizes the minimum amount of hardware, and the most energy efficient hardware in the development of its data management software systems. We have installed solar panels on our buildings to power our office needs and to return significant excess power to the electricity grid. Our philosophy is to limit business travel as much as possible, to encourage the use of public transport and cycling, to provide charging stations for our employees’ electric cars, which an increasing number of them have.”

Next up, Molly Presley, SVP of Marketing at Hammerspace, weighs in on this timely and important topic:

“As nations around the globe strive to meet sustainability goals and reduce their climate impact, the technology industry is coming under increasing pressure to both use data to innovate and identify more efficient solutions while, at the same time, reducing the impact of those same IT technologies. The fight to make positive change for the environment is a forefront focus of enterprises and governments that continuously use technology to create positive change while navigating new policies, standards, laws, and regulations that drive significant changes in their ways of doing business. 

Within the data computing and data storage industry, there are tremendous and rapidly increasing technological advancements; however, organizations experience significant workflow challenges and inefficiencies when data gets trapped in storage silos and locations. Compute infrastructure requires significant power, and it is difficult to move data to geographies that have more efficient and available energy. It is also incredibly inefficient to have numerous copies of the same data stored in power-consuming storage systems that must live in air-conditioned data centers. To meet sustainability goals, organizations need data to be freely available to their teams anywhere as a global resource, unbound by location and data silos. 

Automated data orchestration in a cross-platform global namespace across silos, sites, and clouds is emerging as a game-changer in this area. Typically, organizations need more power to accomplish everything they need to do. However, even when power is available in specific locations, it can be much more expensive to access and heavier on the environment to generate it. The capability to enable transparent, automated data orchestration, even on live data, enables workflows to achieve unprecedented efficiencies, leveraging any combination of on-premises and cloud resources. In addition, it creates an agile environment that can adapt to changing requirements to better meet tight deadlines and budgets.  

In summary, when energy and power are not available and very expensive, bundling content into files and efficiently orchestrating it to other areas using available, lower-cost, more efficient compute is a win-win – you achieve a more cost-effective, energy-efficient solution and a greener approach.”

Hopefully these comments from industry leaders can help you to make your own impact on Earth Day as we only have one planet and we have to do our best to take care of it.

Marinette Marine Shipyard Ransomware Attack Delays Operations

Posted in Commentary on April 22, 2023 by itnerd

According to US Naval Institute News, on April 12th the Fincantieri Marinette Marine shipyard that builds the U.S. Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate fell victim to a ransomware attack last week that has disrupted operations across the shipyard.

On the morning of the attack, large chunks of data on the shipyard’s network servers were rendered unusable by an unknown professional group. The compromised data is used to feed instructions to the shipyard’s computer numerical control (CNC) manufacturing machines, resulting in devices like welders, cutters, bending machines and other computer-controlled tools being offline for several days. 

As of yesterday afternoon, it is believed that some of the CNC machines at Marinette are again operational, and repair and construction operations continue, but email and some networked operations remain off-line for now.

Based on information from the Navy, it’s unclear if the attackers stole any data.

Carol Volk, EVP, BullWall had this to say:

   “This ransomware attack on the Fincantieri Marinette Marine shipyard disrupted operations across the shipyard by rendering data on network servers unusable, impacting critical CNC manufacturing machines. This highlights the potential impact of cyber attacks on industrial control systems and the need for robust detection mechanisms to identify and respond to such threats promptly. Even if data theft did not occur, the disruption caused by the attack can have significant operational and financial implications.

   “While preventative measures are crucial, it is important to acknowledge that motivated cybercriminals are constantly evolving their tactics and can often stay one step ahead. As such, detection and containment capabilities should be considered as “must have” defenses in addition to preventative measures.”

Roy Akerman, Co-Founder & CEO, Rezonate follows with this:

   “In addition to seeing ransomware groups with financial gain as their main goal, we also see ransomware applied as a way to divert attention when attackers are creating a “smoke screen” with different objectives in mind, such as propagating through the network and creating backdoors for other more lucrative motivations. Especially here, in the case of the U.S. Navy where there is an increased risk of ransomware being the first visible risk while other true intentions remain stealthy.”

Hopefully the Navy figures out what happened and whether the attackers stole data, because that will indicate how bad this ransomware attack truly is. Given what this shipyard does, that is something we all have the right to know.

Europe’s Air-Traffic Agency Under Attack from Pro-Russian Hackers 

Posted in Commentary on April 22, 2023 by itnerd

Via the Wall Street Journal, the news is out that pro-Russian hackers are attacking Europe’s air-traffic agency:

“The cyberattack on the agency’s website started on April 19, a spokeswoman for the European Organisation for the Safety of Air Navigation, also known as Eurocontrol, said, adding that it wasn’t affecting the agency’s air-traffic control activities.”

Of particular interest to us was this commonsense bit of information:

“Systems used for aviation safety are subject to stringent cyber-protection protocols and aren’t connected to external networks that could allow hackers to access them directly, the official said.”

David Mitchell, Chief Technical Officer, HYAS had this comment:

   “It is important for critical OT systems like Air Traffic Control, power & water to be air-gapped from other IT systems — primarily because OT systems can often be decade(s) old and do not have the normal software update cycle of IT systems. Due to the nature of interactions with resources on the Internet or internal IT environments, it is very difficult to isolate newer systems and software to an air gapped environment while maintaining functionality.”

Jan Lovmand, CTO, BullWall follows up with this:

   “Air-gapping, biometrics, and other methods of breaking the flow of data can be effective tools in preventing malicious actors from breaking into sensitive data networks, especially in high-security environments such as aviation safety systems. Air-gapping, which involves physically isolating critical systems from external networks, can provide a strong layer of defense against cyber-attacks. By keeping critical systems completely disconnected from external networks, the risk of unauthorized access or data breaches is significantly reduced.

   “Biometrics, such as fingerprint or retina scans, can add an additional layer of security by requiring unique physiological characteristics for access. This can help prevent unauthorized access to sensitive systems and data, as biometric data is difficult to replicate or spoof.

   “Other methods of breaking the flow of data, such as using one-way data diodes or unidirectional gateways, can also be effective in preventing data leaks or unauthorized access. These technologies allow data to flow in one direction only, preventing any backflow of information that could be exploited by hackers.

   “While these measures can be effective in protecting sensitive data networks, they also have limitations. Air-gapping can be challenging to implement in complex networks, as it requires physical separation and can hinder communication and data exchange between systems. Biometrics, although highly secure, can also face issues such as false positives or false negatives, leading to potential access errors. 

   “A comprehensive defense strategy should incorporate multiple layers of security, including network segmentation, access control, data encryption and reliable backup and ransomware containment systems, in the event that all else fails, to provide robust protection against cyber threats.”

Roy Akerman, Co-Founder & CEO, Rezonate concludes with this:

   “It is a common practice across different government agencies to apply completely air-gapped systems and total separation from wiring, to network, to software and mission critical systems. While there’s no silver bullet protection, as we are proven often, OT (Operational Technology) infrastructure like water, gas and electricity supply, military and air-traffic, and other deemed critical services apply the most stringent access and functional operation. 

   “The focus for the past few years, with nation state attacks on countries’ infrastructures and a near constant attack on countries as part of the global geopolitics, has increased both the risks as well as the readiness and practices implemented.”

These attacks on critical infrastructure are going to be the norm going forward. Thus defences on this infrastructure need to be on point. Otherwise these attacks will be successful which hurts us all.