LA Launches Cyber Resilience Center

Read Time:1 Minute, 54 Second

LA Launches Cyber Resilience Center

The Port of Los Angeles has opened a new Cyber Resilience Center (CRC) that will detect and protect against cyber-threats that could potentially impact cargo flow.

In addition to providing the port with an early warning system, the center will enable CRC stakeholders – such as tenants and cargo handlers – to quickly share threat indicators and better coordinate defensive responses.

A $6.8m agreement for International Business Machines Corporation (IBM) to design, install, operate and maintain the center was approved by the Los Angeles Board of Harbor Commissioners in December 2020. 

“Now more than ever, there’s a critical need for global supply chains to operate securely and undisrupted. We’re honored to partner with the Port of Los Angeles to design and build its Cyber Resilience Center, further strengthening its cyber preparedness,” said Wendi Whitmore, vice president, IBM Security X-Force in 2020.

She added: “As the Port of Los Angeles takes these significant steps to strengthen the cyber resilience of its ecosystem, we’re proud it selected IBM’s premier capabilities in threat intelligence, AI and cloud security to help achieve this.”

The new center’s opening is not the first significant cybersecurity effort undertaken by the Port of Los Angeles. Since 2015, the port has maintained an ISO 27001 certification. In 2014, the port established the nation’s first port-based Cyber Security Operations Center to proactively monitor the port’s digital environment for vulnerabilities and cyber-threats. 

The new CRC builds on the port’s pre-existing technology infrastructure to improve cyber information sharing quality, quantity and speed.

Port of Los Angeles executive director Gene Seroka said: “We must take every precaution against potential cyber-incidents, particularly those that could threaten or disrupt the flow of cargo.”

Around 20 participating stakeholders are now using the new CRC system and accessing IBM X-force Threat Intelligence. More groups are expected to join the system every six months. 

Through the CRC, stakeholders will be offered annual cybersecurity training and have the chance to participate in tabletop exercises.

Christopher McCurdy, general manager of IBM Security Services, said: “The Port of Los Angeles is setting a new industry standard with its first-of-its-kind initiative to increase cyber readiness across the maritime community.”

Read More

LA Launches Cyber Resilience Center

Read Time:1 Minute, 54 Second

LA Launches Cyber Resilience Center

The Port of Los Angeles has opened a new Cyber Resilience Center (CRC) that will detect and protect against cyber-threats that could potentially impact cargo flow.

In addition to providing the port with an early warning system, the center will enable CRC stakeholders – such as tenants and cargo handlers – to quickly share threat indicators and better coordinate defensive responses.

A $6.8m agreement for International Business Machines Corporation (IBM) to design, install, operate and maintain the center was approved by the Los Angeles Board of Harbor Commissioners in December 2020. 

“Now more than ever, there’s a critical need for global supply chains to operate securely and undisrupted. We’re honored to partner with the Port of Los Angeles to design and build its Cyber Resilience Center, further strengthening its cyber preparedness,” said Wendi Whitmore, vice president, IBM Security X-Force in 2020.

She added: “As the Port of Los Angeles takes these significant steps to strengthen the cyber resilience of its ecosystem, we’re proud it selected IBM’s premier capabilities in threat intelligence, AI and cloud security to help achieve this.”

The new center’s opening is not the first significant cybersecurity effort undertaken by the Port of Los Angeles. Since 2015, the port has maintained an ISO 27001 certification. In 2014, the port established the nation’s first port-based Cyber Security Operations Center to proactively monitor the port’s digital environment for vulnerabilities and cyber-threats. 

The new CRC builds on the port’s pre-existing technology infrastructure to improve cyber information sharing quality, quantity and speed.

Port of Los Angeles executive director Gene Seroka said: “We must take every precaution against potential cyber-incidents, particularly those that could threaten or disrupt the flow of cargo.”

Around 20 participating stakeholders are now using the new CRC system and accessing IBM X-force Threat Intelligence. More groups are expected to join the system every six months. 

Through the CRC, stakeholders will be offered annual cybersecurity training and have the chance to participate in tabletop exercises.

Christopher McCurdy, general manager of IBM Security Services, said: “The Port of Los Angeles is setting a new industry standard with its first-of-its-kind initiative to increase cyber readiness across the maritime community.”

Read More

New Mexico Files Cybersecurity Bills

Read Time:1 Minute, 48 Second

New Mexico Files Cybersecurity Bills

Lawmakers in New Mexico from both sides of the aisle have introduced new legislation to defend the state against cyber-threats. 

In the past six days, Republican senator Rebecca Dow and Democratic senator Michael Padilla have each filed a cybersecurity bill in a bid to ensure additional attack prevention measures are implemented in the country.

Dow’s bill (HB122), which was filed to a House committee on January 21, is centered around increasing the cybersecurity of public schools.

“The last thing we need while students are learning remotely is a cybersecurity breach. This further disrupts learning,” said representative Dow. 

She added: “Dollars need to go to improving student outcomes, not to paying ransoms.”

Dow’s proposed legislation would require the introduction of a School Cybersecurity Program for the statewide education technology infrastructure network by the end of fiscal year 2026. 

“It will cost about 43 million dollars to address the needs of all 87 school districts, and that’s based on a cybersecurity task force that we requested them to investigate and report back to us,” said Dow, “Now it’s time for us to fund that.”

Representative Padilla’s proposed legislation (HB98), filed on January 19, would allocate $1m to create an Office of Cybersecurity within New Mexico that would include a team of cybersecurity experts led by a chief officer. 

Padilla said the office would act as “a repository for all best practices” and would “save districts money, time, and energy.”

“You have a place to better spend the dollars that are utilized and available to fight cybersecurity attacks,” said the senator. 

On or before September 1 2022, the cybersecurity office would be required to develop and present to the governor and the appropriate legislative interim committee a preliminary five-year statewide cybersecurity plan. 

“The preliminary plan shall include an assessment of cybersecurity services for governmental agencies and public educational institutions across the state compared to the standards established by various federal requirements for research grants or education or cybersecurity assistance programs,” states the bill.

Input for the plan would be requested from each local and tribal government within New Mexico.

Read More

New Mexico Files Cybersecurity Bills

Read Time:1 Minute, 48 Second

New Mexico Files Cybersecurity Bills

Lawmakers in New Mexico from both sides of the aisle have introduced new legislation to defend the state against cyber-threats. 

In the past six days, Republican senator Rebecca Dow and Democratic senator Michael Padilla have each filed a cybersecurity bill in a bid to ensure additional attack prevention measures are implemented in the country.

Dow’s bill (HB122), which was filed to a House committee on January 21, is centered around increasing the cybersecurity of public schools.

“The last thing we need while students are learning remotely is a cybersecurity breach. This further disrupts learning,” said representative Dow. 

She added: “Dollars need to go to improving student outcomes, not to paying ransoms.”

Dow’s proposed legislation would require the introduction of a School Cybersecurity Program for the statewide education technology infrastructure network by the end of fiscal year 2026. 

“It will cost about 43 million dollars to address the needs of all 87 school districts, and that’s based on a cybersecurity task force that we requested them to investigate and report back to us,” said Dow, “Now it’s time for us to fund that.”

Representative Padilla’s proposed legislation (HB98), filed on January 19, would allocate $1m to create an Office of Cybersecurity within New Mexico that would include a team of cybersecurity experts led by a chief officer. 

Padilla said the office would act as “a repository for all best practices” and would “save districts money, time, and energy.”

“You have a place to better spend the dollars that are utilized and available to fight cybersecurity attacks,” said the senator. 

On or before September 1 2022, the cybersecurity office would be required to develop and present to the governor and the appropriate legislative interim committee a preliminary five-year statewide cybersecurity plan. 

“The preliminary plan shall include an assessment of cybersecurity services for governmental agencies and public educational institutions across the state compared to the standards established by various federal requirements for research grants or education or cybersecurity assistance programs,” states the bill.

Input for the plan would be requested from each local and tribal government within New Mexico.

Read More

Cyber-Attack on Global Affairs Canada

Read Time:1 Minute, 55 Second

Cyber-Attack on Global Affairs Canada

Cyber-criminals have attacked the federal government entity responsible for Canada’s diplomatic and global relations. 

Global Affairs Canada was hit on Wednesday – one day before the Canadian Centre for Cyber Security issued a cyber-threat bulletin urging critical infrastructure operators to strengthen their defenses against known Russian-based cyber-threat activity.

“The Canadian Centre for Cyber Security encourages the Canadian cybersecurity community – especially critical infrastructure network defenders – to bolster their awareness of and protection against Russian state-sponsored cyber threats,” stated the bulletin.

Confirmation of the attack came on Monday via the Treasury Board of Canada, which said that “mitigation actions were taken” in response to the incident. 

The digital assault left some diplomats without access to certain online services, according to news source The Star

Canada’s federal government has not said who it believes is responsible for the attack.

In a statement to ABC News, the Treasury Board said: “We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking, and cyber espionage. We encourage all government and non-government partners to use cyber security best practices.”

The attack came as the United States Department of Homeland Security warned that the US response to a possible Russian invasion of Ukraine could make the US a target of cyber-attacks by the Russian government and its proxies.

A DHS Intelligence and Analysis bulletin sent to law enforcement agencies around the country and viewed by ABC News said: “We assess that Russia would consider initiating a cyber-attack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security.” 

Commenting on the bulletin, Tim Erlin, VP of strategy as Tripwire said: “The cybersecurity industry has gotten used to tossing around the idea of ‘nation-state’ adversaries, but I think we’ve yet to see cyber-attacks used in concert with a full-fledged military campaign.  

“DHS’s warning sets that expectation that something has changed in the threat profile and that organizations should be prepared for a change in the types of attacks they see.”

Erlin warned that simply issuing an alert “doesn’t magically remove the obstacles that are preventing organizations from implementing solid security controls.”

Read More

Cyber-Attack on Global Affairs Canada

Read Time:1 Minute, 55 Second

Cyber-Attack on Global Affairs Canada

Cyber-criminals have attacked the federal government entity responsible for Canada’s diplomatic and global relations. 

Global Affairs Canada was hit on Wednesday – one day before the Canadian Centre for Cyber Security issued a cyber-threat bulletin urging critical infrastructure operators to strengthen their defenses against known Russian-based cyber-threat activity.

“The Canadian Centre for Cyber Security encourages the Canadian cybersecurity community – especially critical infrastructure network defenders – to bolster their awareness of and protection against Russian state-sponsored cyber threats,” stated the bulletin.

Confirmation of the attack came on Monday via the Treasury Board of Canada, which said that “mitigation actions were taken” in response to the incident. 

The digital assault left some diplomats without access to certain online services, according to news source The Star

Canada’s federal government has not said who it believes is responsible for the attack.

In a statement to ABC News, the Treasury Board said: “We are constantly reviewing measures to protect Canadians and our critical infrastructure from electronic threats, hacking, and cyber espionage. We encourage all government and non-government partners to use cyber security best practices.”

The attack came as the United States Department of Homeland Security warned that the US response to a possible Russian invasion of Ukraine could make the US a target of cyber-attacks by the Russian government and its proxies.

A DHS Intelligence and Analysis bulletin sent to law enforcement agencies around the country and viewed by ABC News said: “We assess that Russia would consider initiating a cyber-attack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security.” 

Commenting on the bulletin, Tim Erlin, VP of strategy as Tripwire said: “The cybersecurity industry has gotten used to tossing around the idea of ‘nation-state’ adversaries, but I think we’ve yet to see cyber-attacks used in concert with a full-fledged military campaign.  

“DHS’s warning sets that expectation that something has changed in the threat profile and that organizations should be prepared for a change in the types of attacks they see.”

Erlin warned that simply issuing an alert “doesn’t magically remove the obstacles that are preventing organizations from implementing solid security controls.”

Read More

Merck Wins Insurance Lawsuit re NotPetya Attack

Read Time:1 Minute, 2 Second

The insurance company Ace American has to pay for the losses:

On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute.

Merck suffered US$1.4 billion in business interruption losses from the Notpetya cyber attack of 2017 which were claimed against “all risks” property re/insurance policies providing coverage for losses resulting from destruction or corruption of computer data and software.

The parties disputed whether the Notpetya malware which affected Merck’s computers in 2017 was an instrument of the Russian government, so that the War or Hostile Acts exclusion would apply to the loss.

The Court noted that Merck was a sophisticated and knowledgeable party, but there was no indication that the exclusion had been negotiated since it was in standard language. The Court, therefore, applied, under New Jersey law, the doctrine of construction of insurance contracts that gives prevalence to the reasonable expectations of the insured, even in exceptional circumstances when the literal meaning of the policy is plain.

Merck argued that the attack was not “an official state action,” which I’m surprised wasn’t successfully disputed.

Slashdot thread.

Read More

Merck Wins Insurance Lawsuit re NotPetya Attack

Read Time:1 Minute, 2 Second

The insurance company Ace American has to pay for the losses:

On 6th December 2021, the New Jersey Superior Court granted partial summary judgment (attached) in favour of Merck and International Indemnity, declaring that the War or Hostile Acts exclusion was inapplicable to the dispute.

Merck suffered US$1.4 billion in business interruption losses from the Notpetya cyber attack of 2017 which were claimed against “all risks” property re/insurance policies providing coverage for losses resulting from destruction or corruption of computer data and software.

The parties disputed whether the Notpetya malware which affected Merck’s computers in 2017 was an instrument of the Russian government, so that the War or Hostile Acts exclusion would apply to the loss.

The Court noted that Merck was a sophisticated and knowledgeable party, but there was no indication that the exclusion had been negotiated since it was in standard language. The Court, therefore, applied, under New Jersey law, the doctrine of construction of insurance contracts that gives prevalence to the reasonable expectations of the insured, even in exceptional circumstances when the literal meaning of the policy is plain.

Merck argued that the attack was not “an official state action,” which I’m surprised wasn’t successfully disputed.

Slashdot thread.

Read More

UK Government Announces New Cyber Strategy to Protect Public Sector

Read Time:2 Minute, 35 Second

UK Government Announces New Cyber Strategy to Protect Public Sector

The UK government has unveiled its first ever cybersecurity strategy, which aims to protect essential public sector services from being shut down by hostile threat actors.

In a speech in London today, Chancellor of the Duchy of Lancaster Steve Barclay announced £37.8m in funding to help local authorities boost their cyber-resilience. This will protect essential services and data, such as housing benefits, voter registration, electoral management, school grants and the provision of social care.

Barclay announced a raft of other initiatives to go alongside this funding commitment. This includes a new Government Cyber Coordination Centre (GCCC) to better coordinate responses to attacks on public sector systems and a cross-government vulnerability reporting service to enable security researchers and the public to easily report issues they identify with public sector digital services. In addition, a more detailed assurance regime will be implemented across central government departments.

The strategy is designed to combat surging cyber-attacks on the UK public sector in recent years. Notable examples include the ransomware attacks on Redcar & Cleveland and Hackney Councils in 2020, causing significant disruption and recovery costs. The government revealed that of the 777 incidents managed by the National Cyber Security Centre (NCSC) between September 2020 and August 2021, around 40% targeted the public sector.

Barclay also stated that Britain is now the third most targeted country in the world in cyberspace from hostile states.

He outlined: “Our public services are precious, and without them, individuals can’t access the support that they rely on.

“If we want people to continue to access their pensions online, social care support from local government or health services, we need to step up our cyber-defenses.

“The cyber-threat is clear and growing. But the government is acting – investing over £2bn in cyber, retiring legacy IT systems and stepping up our skills and coordination.”

Commenting on the announcement, Andrew Kays, CEO at Socura, said: “Following other recent government cyber announcements, the UK security industry will welcome the strategy and the understanding that modern public services are completely reliant on digital technology. The UK is highly targeted, and it is important that, as a nation, we defend our ability to support our citizens and the services they rely on. I would question whether £37.8m is enough to help local authorities improve cyber-resilience, given their current level of resources and the threats they face. It may prove to be a drop in the ocean, but at the £2bn investment overall is a significant sum.”

The initiative follows the publication of the UK government’s national cyber strategy at the end of last year.

In a separate announcement today, the Department for Digital, Culture, Media and Sport (DCMS) launched the International Data Transfer Expert Council, which will provide independent advice to the government on facilitating free and secure cross-border data flow following the UK’s departure from the EU. The council is meeting for the first time today and comprises leading academics and industry figures, including Google, Mastercard and Microsoft.

Read More

UK Government Announces New Cyber Strategy to Protect Public Sector

Read Time:2 Minute, 35 Second

UK Government Announces New Cyber Strategy to Protect Public Sector

The UK government has unveiled its first ever cybersecurity strategy, which aims to protect essential public sector services from being shut down by hostile threat actors.

In a speech in London today, Chancellor of the Duchy of Lancaster Steve Barclay announced £37.8m in funding to help local authorities boost their cyber-resilience. This will protect essential services and data, such as housing benefits, voter registration, electoral management, school grants and the provision of social care.

Barclay announced a raft of other initiatives to go alongside this funding commitment. This includes a new Government Cyber Coordination Centre (GCCC) to better coordinate responses to attacks on public sector systems and a cross-government vulnerability reporting service to enable security researchers and the public to easily report issues they identify with public sector digital services. In addition, a more detailed assurance regime will be implemented across central government departments.

The strategy is designed to combat surging cyber-attacks on the UK public sector in recent years. Notable examples include the ransomware attacks on Redcar & Cleveland and Hackney Councils in 2020, causing significant disruption and recovery costs. The government revealed that of the 777 incidents managed by the National Cyber Security Centre (NCSC) between September 2020 and August 2021, around 40% targeted the public sector.

Barclay also stated that Britain is now the third most targeted country in the world in cyberspace from hostile states.

He outlined: “Our public services are precious, and without them, individuals can’t access the support that they rely on.

“If we want people to continue to access their pensions online, social care support from local government or health services, we need to step up our cyber-defenses.

“The cyber-threat is clear and growing. But the government is acting – investing over £2bn in cyber, retiring legacy IT systems and stepping up our skills and coordination.”

Commenting on the announcement, Andrew Kays, CEO at Socura, said: “Following other recent government cyber announcements, the UK security industry will welcome the strategy and the understanding that modern public services are completely reliant on digital technology. The UK is highly targeted, and it is important that, as a nation, we defend our ability to support our citizens and the services they rely on. I would question whether £37.8m is enough to help local authorities improve cyber-resilience, given their current level of resources and the threats they face. It may prove to be a drop in the ocean, but at the £2bn investment overall is a significant sum.”

The initiative follows the publication of the UK government’s national cyber strategy at the end of last year.

In a separate announcement today, the Department for Digital, Culture, Media and Sport (DCMS) launched the International Data Transfer Expert Council, which will provide independent advice to the government on facilitating free and secure cross-border data flow following the UK’s departure from the EU. The council is meeting for the first time today and comprises leading academics and industry figures, including Google, Mastercard and Microsoft.

Read More

News, Advisories and much more

Exit mobile version