NIST Asks For Feedback On Cybersecurity For The Water And Wastewater Utilities Sector

Posted in Commentary with tags on November 3, 2022 by itnerd

Yesterday, NIST put out a draft white paper asking for feedback from stakeholders in the water and wastewater utilities sector as to how best to secure this sector.

Here’s the abstract from the draft white paper.

The U.S. Water and Wastewater Systems (WWS) sector has been undergoing a digital transformation. Many sector stakeholders are utilizing data-enabled capabilities to improve utility management, operations, and service delivery. The ongoing adoption of automation, sensors, data collection, network devices, and analytic software may also increase cybersecurity-related vulnerabilities and associated risks.

The NCCoE has undertaken a program to determine common scenarios for cybersecurity risks among WWS utilities. This project will profile several areas, including asset management, data integrity, remote access, and network segmentation. The NCCoE will also explore the utilization of existing commercially available products to mitigate and manage these risks. The findings can be used as a starting point by WWS utilities in mitigating cybersecurity risks for their specific production environment. This project will result in a freely available NIST Cybersecurity Practice Guide.

You can read the draft white paper here. Chris Warner, OT Cybersecurity Consultant at GuidePoint Security, adds this commentary:

“Water systems are unique and challenging to secure because many systems are over 50 years old, and it will take tremendous financial and human resources to replace or upgrade to stay in compliance with regulatory entities. Water SCADA systems have numerous physical sites that are diverse in architecture and challenging to ensure integrity and security for water treatment basins, distribution centers, storage towers/level management, drinking water distribution networks, real-time decentralized industrial wastewater treatment centers, and real-time flood control system monitoring. 

Now, the AWWA mandates over 180 standards of practice for water utilities, and many US States have their own regulations. Some states are now encouraging water utilities to align to the NIST CSF. The NIST CSF mainly focuses on the business, IT, and a limited amount of OT. Creating an overlay of the NIST 800-82 with the CSF specifically addresses SCADA systems.”

I’ll be keeping an eye on this as there needs to be change in this sector to address the threat landscape that we find ourselves in at present.

Today Is World Digital Preservation Day

Posted in Commentary with tags on November 3, 2022 by itnerd

World Digital Preservation Day (WDPD) is held on the first Thursday of every November. In honor of the day, the Digital Preservation Coalition (DPC) stated, “The DPC invites all data creators, curators and consumers from around the world to celebrate digital preservation by participating in a whole day dedicated to all of the benefits and opportunities enabled by the hard work of our dynamic and collaborative community. Continuing the theme ‘Data For All, For Good, Forever’ from another celebration – iPres 2022 – World Digital Preservation Day is an opportunity to showcase how digital preservation enables ‘digits to flourish.’”

Steve Santamaria, CEO of Folio Photonics offers up this commentary: 

“Digital data is the world’s most valuable resource and the storage, protection and preservation of this resource is crucial. Not only business, but a society’s advancement depends upon the ability to preserve, access, and analyze historical data. When our historical data is lost, we suffer. This is why we saw the Spanish friars burn nearly every book that existed in the pre-Columbian Mayan civilization during their conquest. Once data is lost, there is no way to determine how much value has been irrevocably lost.

Data preservation can be done several ways, but at its core it is a combination of the technology, organizational management, and proper resource planning. While data storage technology is only one aspect of the ongoing process known as preservation, it still plays a vital role. Having the appropriate data storage technology at the center of your preservation strategy is critical to ensure your data’s safety. Storage that is highly reliable, long-lived, easily accessible, and cost-efficient is crucial to any data preservation strategy. We have yet to see an ideal storage technology developed that strikes the right balance between these vectors. However, new technologies such as next-generation tape storage, advanced optical storage, and DNA storage are all currently being developed to sit at the center of data preservation strategies around the globe.”

Whether it is electronic health records, financial statements, HR documentation, architectural blueprints, retail buying trends reports, or movies and other entertainment content, as well as classified government documents (and the list goes on) – the critical importance of preserving digital data spans virtually every industry, around the world.

Bell Reports ‘Best-Ever’ Internet Subscriber Growth In Q3…. Gee I Wonder Why?

Posted in Commentary with tags on November 3, 2022 by itnerd

It’s Q3 results season for Canada’s “big three” telcos and I’ve been waiting for this for a while as I want to see what effect the great Rogers outage back in July had on the “big three”. Bell was the first to come to the table with their results and you can see that they had one hell of a Q3. Here’s a quote attributed to Mirko Bibic, President and CEO of BCE and Bell Canada, from the press release:

“We’re seeing clear demand from Canadians for differentiated fibre Internet services and fast, reliable wireless networks. We experienced over 400,000 net activations across our wireline and wireless networks, with our highest-ever number of total mobile phone net additions, and we also gained a significant share of Internet subscriber growth with over 95,000 new net fibre-to-the-home customers this past quarter, up 33% over last year and our best-ever result.”

While I am sure that Bell won’t say that Rogers was the reason behind this growth, it was likely a factor. Along with the fact that they are rolling out fibre as fast as they possibly can. Which then leads to customers signing up with Bell as they have a much better Internet offering. And the Rogers outage and customers not being happy about that also likely drove people to Bell. Leaving the boys in red in no position to compete against Bell. I want to see what numbers Telus puts up because if they have similar growth, it will be clear that Rogers is in deep trouble. Thus stay tuned as this will get interesting to watch.

Silverfort To Provide Acrisure Cyber Services Clients With Compliant Identity Protection

Posted in Commentary with tags on November 3, 2022 by itnerd

Silverfort, a unified identity protection leader, today announced a partnership with Acrisure Cyber Services (ACS). ACS is a division of Acrisure, a global fintech that operates a top-10 global insurance broker and also provides cyber services, real estate services, and asset and wealth management. Silverfort is known for helping organizations of all sizes meet the increasingly rigorous identity and access management compliance burden emerging in cyber insurance policies.

The increasing sophistication of cyber attacks continues to expose the IT infrastructures of organizations, which is driving up cyber insurance premiums. As a result, underwriters are increasingly mandating that Multi-Factor Authentication (MFA) be applied with far greater depth than before, to inhibit threat actors’ lateral movement as they propagate attacks.

ACS will deliver Silverfort as part of its “Security as a Service” model, sitting alongside other technologies intended to provide companies of all sizes with full compliance to a range of carrier policies. Alongside Silverfort, this stack of technologies also covers endpoint security, vulnerability detection and management, backup and disaster recovery, security awareness training and email security.  

Silverfort will help enable ACS clients to comply with requirements by seamlessly extending MFA to previously unprotectable resources. Organizations will be able to enforce MFA across all on-prem and cloud resources including on email, remote network access tools, network infrastructure, directories, servers, workstations and even on legacy protocols that allow ransomware attacks to spread. It will also allow customers to automatically discover, monitor and secure the automated Service Accounts commonly used in data breaches, without having to modify them. 

More information on how Silverfort helps companies comply with emerging cybersecurity insurance standards can be found here. Further details on Acrisure Cyber Services can also be seen here.

Hackers Abuse Microsoft Customer Voice in Phishing Campaign… Legitimate Microsoft Links Used to Bypass Security Filters

Posted in Commentary on November 3, 2022 by itnerd

Researchers at Avanan, a Check Point Software Company, have released a report discussing how hackers are impersonating Microsoft’s Dynamics 365 Customer Voice to deliver credential-harvesting pages.

In this attack, victims are presented with an email from the survey feature in Dynamics 365, notifying them that a new voicemail from a customer has been received. Using a legitimate Customer Voice link from Microsoft, end users are encouraged to listen to the voicemail by clicking on the provided link that instead redirects them to a phishing page. 
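The security-relevant point here is that a mail filter which only checks the domain of the first hop will pass such a link, because that hop really is Microsoft’s. The following is an added example, not Avanan’s or Microsoft’s code, of resolving a link’s redirect chain before deciding whether to trust it. The allowlisted suffixes are Microsoft’s real domains, but the redirect table is constructed for the demo (it stands in for a sandboxed HTTP client that reads `Location` headers with redirects disabled) and the phishing host is a made-up `.test` name.

```python
"""Resolve a link's full redirect chain before trusting its first-hop domain.

Added example (not Avanan's or Microsoft's code). The redirect table below
is a constructed, offline stand-in for fetching each hop with a sandboxed
HTTP client (e.g. requests.get(url, allow_redirects=False) and reading the
Location header).
"""
from urllib.parse import urlparse

# Constructed stand-in for "GET url -> Location header" (None = final page).
CONSTRUCTED_REDIRECTS = {
    "https://customervoice.microsoft.com/Pages/ResponsePage.aspx?id=abc":
        "https://voicemail-portal.example-evil.test/login",
    "https://voicemail-portal.example-evil.test/login": None,
    "https://customervoice.microsoft.com/Pages/ResponsePage.aspx?id=legit":
        None,
    # a redirect loop, to show the failure mode
    "https://loop.example.test/a": "https://loop.example.test/b",
    "https://loop.example.test/b": "https://loop.example.test/a",
}

# Domains the filter would normally treat as trusted first hops.
TRUSTED_SUFFIXES = ("microsoft.com", "office.com", "microsoftonline.com")


def host_of(url):
    """Lower-cased hostname of a URL, '' if it cannot be parsed."""
    return (urlparse(url).hostname or "").lower()


def is_trusted_host(host, suffixes=TRUSTED_SUFFIXES):
    """Exact match or a subdomain of a trusted suffix (not 'notmicrosoft.com')."""
    return any(host == s or host.endswith("." + s) for s in suffixes)


def resolve_chain(url, lookup, max_hops=10):
    """Follow redirects hop by hop; stop on a final page, a loop or the hop limit.

    Returns (list_of_urls, outcome) where outcome is 'final', 'loop' or 'hop_limit'.
    """
    chain = [url]
    seen = {url}
    for _ in range(max_hops):
        nxt = lookup(chain[-1])
        if nxt is None:
            return chain, "final"
        chain.append(nxt)
        if nxt in seen:
            return chain, "loop"
        seen.add(nxt)
    return chain, "hop_limit"


def classify_link(url, lookup=CONSTRUCTED_REDIRECTS.get):
    """Verdict based on where the link ends, not where it starts."""
    chain, outcome = resolve_chain(url, lookup)
    first_ok = is_trusted_host(host_of(chain[0]))
    last_ok = is_trusted_host(host_of(chain[-1]))
    if outcome != "final":
        verdict = "suspicious"  # destination unknown: never allowlist on first hop
    elif first_ok and not last_ok:
        verdict = "trusted_domain_redirects_offsite"
    elif last_ok:
        verdict = "trusted"
    else:
        verdict = "untrusted"
    return {
        "verdict": verdict,
        "outcome": outcome,
        "final_host": host_of(chain[-1]),
        "hops": len(chain) - 1,
    }


if __name__ == "__main__":
    for u in CONSTRUCTED_REDIRECTS:
        print(u, "->", classify_link(u))
```

Anything that does not end on a trusted host, including chains that loop or exceed the hop limit, is treated as suspicious rather than allowed on the strength of its first hop. In a real deployment the lookup would fetch each hop from a detonation sandbox, since the page behind a legitimate survey link can also carry a button whose target only the rendered page reveals.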

You can read the full report here.

Hackers Using Vendor Fraud Techniques to Bypass Microsoft Office Email Security: Armorblox

Posted in Commentary with tags on November 3, 2022 by itnerd

Armorblox today announced the addition of Armorblox Vendor and Supply Chain Attack Protection to the company’s cloud-delivered email security platform to protect organizations from the biggest challenge in today’s threat landscape: vendor email compromise and the ensuing supply chain attacks. 

As companies invest in more tools to defend against cyber threats of all kinds, hackers are staying one step ahead by exploiting the trusted relationship between vendors and clients. With the addition of Vendor and Supply Chain Attack Protection to its email security platform, Armorblox eliminates the guesswork for organizations of all sizes around safe vendor and third-party communications across Microsoft Office 365, Microsoft Exchange, and Google Workspace environments. Armorblox’s NLU-based analysis and organization-specific custom models continuously monitor and assess the risk of over 50,000 vendors, proactively stopping vendor fraud attempts and supply chain attacks and further aligning with the company’s mission of helping organizations communicate without compromise.

Email-based financial fraud attacks have a higher chance of slipping past legacy email security solutions due to their increased sophistication. According to the 2022 Armorblox Email Security Threat Report, 2 out of 5 (44%) financial fraud attempts happened as wire fraud, invoice fraud, or vendor fraud over email. Armorblox Vendor and Supply Chain Attack Protection delivers the layer of defense organizations need to secure their user and business data and protect the company and employees from sophisticated, targeted attacks such as financial fraud, lookalike domains, or hijacking of payment-related email threads.

Customers benefit from Armorblox Vendor Compromise and Supply Chain Attack Protection in a number of ways, including:

  • Enhanced Detection: Protect against vendor fraud attempts and supply chain attacks on the organization such as invoice fraud, lookalike domains, or hijacking of payment-related email threads.
  • Continuous Monitoring: Immediate protection against compromised accounts with around-the-clock monitoring and risk analysis of over 50,000 vendors. 
  • Improved Security Posture: Prevent loss of money, sensitive credentials, or confidential data over email with continuous risk assessment of vendors and third-party contacts, based on behavior models.
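The lookalike-domain check mentioned above is something a practitioner can reason about directly. The block below is an added example, not Armorblox’s detection logic: it scores a sender’s domain against a constructed allowlist of vendor domains the finance team actually pays, using homoglyph normalisation, edit distance, and a check for a vendor name abused as a subdomain of an unrelated domain. The vendor names, the distance threshold and the naive “last two labels” registered-domain extraction are all assumptions for the demo.

```python
"""Flag sender domains that look like, but are not, a known vendor's domain.

Added example, not Armorblox's logic. Vendor list and sender domains are
constructed; the normalisation table and distance threshold are assumptions
to tune per environment.
"""

# Constructed allowlist: registered domains of vendors we actually pay.
KNOWN_VENDORS = {"acme-supplies.test", "northwind.test", "contoso.test"}

# Characters commonly swapped in lookalike registrations.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})
MULTI_CHAR = (("rn", "m"), ("vv", "w"), ("cl", "d"))


def skeleton(label):
    """Collapse visually similar characters: 'acrne-supp1ies' -> 'acme-supplies'."""
    s = label.lower().translate(HOMOGLYPHS)
    for pair, repl in MULTI_CHAR:
        s = s.replace(pair, repl)
    return s


def levenshtein(a, b):
    """Classic edit distance (insert/delete/substitute), O(len(a)*len(b))."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete
                           cur[j - 1] + 1,         # insert
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def registered_domain(host):
    """Naive eTLD+1 (last two labels). Use the Public Suffix List in production."""
    return ".".join(host.lower().split(".")[-2:])


def assess_sender_domain(host, vendors=KNOWN_VENDORS, max_distance=2):
    """Return (classification, matched_vendor_or_registered_domain).

    classification is one of:
      known_vendor        - registered domain is on the allowlist
      lookalike_subdomain - a vendor name appears as a subdomain of another domain
      lookalike           - registered name matches a vendor after homoglyph
                            folding or within max_distance edits (covers TLD swaps)
      unrelated           - no resemblance to any vendor
    """
    host = host.lower().rstrip(".")
    reg = registered_domain(host)
    if reg in vendors:
        return "known_vendor", reg
    labels = host.split(".")
    candidate = reg.split(".")[0]
    for vendor in sorted(vendors):
        vname = vendor.split(".")[0]
        if vname in labels[:-2]:
            return "lookalike_subdomain", vendor
        if skeleton(candidate) == skeleton(vname) or \
                levenshtein(candidate, vname) <= max_distance:
            return "lookalike", vendor
    return "unrelated", reg


if __name__ == "__main__":
    # Constructed sender domains covering each case.
    for sender in ("billing.contoso.test", "acrne-supp1ies.test",
                   "acme-supplies.example", "acme-supplies.test.mailer-evil.test",
                   "invoices.bigbank.test"):
        print(sender, "->", assess_sender_domain(sender))
```

The four cases the demo exercises are the ones that matter in vendor fraud: a genuine subdomain of a paid vendor, a homoglyph registration, a TLD swap, and the vendor name buried in a subdomain of an attacker-controlled domain. A lookalike verdict on an invoice or bank-detail change is what should route the message to a human rather than to accounts payable; the edit-distance threshold should be lowered for vendors with very short names to keep false positives down.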

To learn more about the capabilities of Armorblox Vendor Compromise and Supply Chain Protection, visit this blog post: https://www.armorblox.com/blog/protecting-against-vendor-fraud-and-supply-chain-attacks

iRobot’s Holiday Gift Guide For 2022

Posted in Commentary with tags on November 2, 2022 by itnerd

iRobot, the leading global consumer robot vacuum company, offers the perfect gifts that’ll check everyone off your shopping list. Whether it be for tech-lovers, those with four-legged furry friends, or someone who can use the extra free time in their busy schedule, iRobot’s innovative robot mops and vacuums are great options to gift. Here are three gift options for you:

  • THE 2-IN-1 VACUUM (NEWLY LAUNCHED): Roomba Combo j7+ ($1399.99 CAD) is the world’s most advanced 2-in-1 vacuum and mop combo to date. It has a mop that senses carpet then fully retracts to the top of the robot — completely away from your carpet to avoid wet carpet messes. Powered by iRobot OS 5.0, the vacuum gives you more control over how you clean.
  • THE SMARTEST VACUUM YET: Roomba j7+ ($999.99 CAD) is a collaborative cleaning partner that delivers superior cleaning performance. The Roomba j7+ offers unique PrecisionVision Navigation that identifies and avoids common obstacles such as cords and pet waste (see P.O.O.P promise) and gets smarter with each use. You can also forget about vacuuming for months at a time with the Clean Base Automatic Dirt Disposal that allows the j7+ to empty itself for up to 60 days.
  • MOP WITH EASE: Braava jet m6 ($599.99 CAD) is ideal for multiple rooms and large spaces, and helps tackle all of life’s messes on hard floors. Simply attach a mopping or sweeping pad and the robot automatically takes it from there to give you fresh, clean floors. It also learns and maps your home, so it can clean when and where you want.

You can also look at irobot.ca for other gift options as well.

White House Declares November To Be Critical Infrastructure Security and Resilience Month

Posted in Commentary with tags on November 2, 2022 by itnerd

The White House, which is very focused on cybersecurity, has declared November to be Critical Infrastructure Security and Resilience Month:

This month, we recommit to improving the resilience of our Nation’s critical infrastructure so it can withstand all hazards — natural and manmade. By building better roads, bridges, and ports; fortifying our information technology and cybersecurity across sectors, including election systems; safeguarding our food and water sources; moving to clean energy; and strengthening all other critical infrastructure sectors, we will lay the foundation for long-term security and prosperity.

The proclamation is an interesting read and I will give my thoughts in a second. First I’d like to share the thoughts of Craig Burland who is the CISO of Inversion6:

“This announcement continues a trend of active participation by the US government in cybersecurity. Last week, CISA announced the Cross-Sector Cybersecurity Performance Goals. The head of CISA has been working hard to build public-private partnerships to boost our collective defense. CMMC is coming in 2023. These are all positive steps that will help increase the mind-share cybersecurity occupies in corner offices and board rooms, especially for those that do business with the US government. With the interdependency of the global supply chain and global economy, it’s in everyone’s best interest to do business securely.”

My thoughts go something like this. This administration is clearly focused on increasing America’s cybersecurity readiness. That’s a noble and required goal given the times that we live in. And initiatives like these will help to make sure that cybersecurity is at the forefront of every American company, and citizen.

Commvault Decreases Gap in Data Governance, Risk, and Compliance with Metallic File & Object Archive

Posted in Commentary with tags on November 2, 2022 by itnerd

Commvault, a global enterprise leader in data management across on-premises, cloud, and SaaS environments, today announced a new approach to data protection with the launch of Metallic® File & Object Archive, a Data Management as a Service (DMaaS) solution designed to lower storage costs, while cost-effectively transforming how organizations navigate the world of Governance, Risk, and Compliance (GRC).

Global and industry GRC-related regulations are constantly changing, creating gaps in an organization’s ability to manage data across live and backup sources, resulting in a lack of visibility and insights, data sprawl, and greater opportunities for data vulnerabilities. Coupled with major shortages in IT staff and strict budget constraints, organizations are struggling, using multiple solutions to meet compliance guidelines and keep their data protected.

Announced at Commvault Connections 2022 and available next quarter, Metallic File & Object Archive directly addresses the need for deep insights into critical data with archive modeling delivered as SaaS with air-gapped protection. It is a comprehensive solution for cost-effective data placement that leverages data insights, access controls, tagging, metadata search, audit trails, and reports to help manage compliance needs over large amounts of unstructured data. The result is a lower-cost solution that helps reduce the risk of non-compliance.

With predictable cost modeling, actionable data insights, flexible bring your own storage options, and compliance-ready operations, Metallic File & Object Archive enables organizations to lower costs, meet compliance needs, and reduce management overhead with the simplicity of SaaS.

Metallic File & Object Archive will be discussed in more detail during the Connections session, “More Data, More Risk? Introducing Our Latest SaaS-Delivered Data Service.” Register here to listen in and attend the interactive experience.

To learn more about Metallic File & Object Archive and how it can help lower costs, reduce risks, and support an organization’s GRC strategy, please visit metallic.io/file-object-archive.

BlackFog October State Of Ransomware Report Is Out

Posted in Commentary with tags on November 2, 2022 by itnerd

BlackFog’s monthly State of Ransomware Report for October is out and the key findings for the month of October from Dr. Darren Williams, CEO and Founder, BlackFog are:

  • October saw the highest number of confirmed ransomware attacks in the 3 years that BlackFog has been collecting data with a total of 44 publicized attacks. This highlights the limitations of existing traditional cybersecurity solutions and the general lack of preparedness by most organizations.
  • This month saw the largest increase in attacks on the Technology sector with an increase of over 29%. As in previous months we have also seen large increases in attacks on sectors with the lowest levels of protection in place, namely Healthcare, Education and Government with increases of 20%, 16% and 12% respectively.
  • The most dramatic changes in ransomware variants this month were BlackCat with an increase of 47% and LockBit with an increase of 39%. This reflects the effectiveness of these variants and specifically the data destruction capabilities of BlackCat that we became aware of in September.
  • While we continue to see PowerShell utilization increase, now at 85%, we note this month that data exfiltration is now involved in 89% of all successful attacks.

Today’s full report can be found here: https://privacy.blackfog.com/wp-content/uploads/2022/11/BlackFogRansomwareReport-Oct-2022.pdf