
Energy Sector Faces Heightened Supply Chain Risks Amid Growing Dependence on IT and Software Vendors

 

The energy industry is experiencing a sharp increase in supply chain risks, largely driven by its growing reliance on external vendors. According to a recent report, two-thirds of the sector's third-party breaches now originate from software and IT vendors.

The study, conducted by SecurityScorecard and KPMG, titled "A Quantitative Analysis of Cyber Risks in the U.S. Energy Supply Chain," draws attention to frequent threats, including ransomware attacks targeting traditional IT systems.

Researchers have emphasized that as the transition to cleaner energy picks up pace, and as the grid becomes more interconnected and software-reliant, vulnerabilities in the energy sector are expected to increase.

Ryan Sherstobitoff, senior vice president of threat research and intelligence at SecurityScorecard, stated, “The energy sector's rising dependence on third-party vendors exposes a significant vulnerability—its security is only as robust as its weakest link."

He added that this growing reliance on external vendors introduces considerable risks, urging the industry to strengthen cybersecurity defenses before a breach escalates into a national crisis.

The report highlighted that third-party risks account for nearly half of all breaches in the energy sector—significantly higher than the global average of 29%. Over 90% of organizations that experienced multiple breaches were attacked through third-party vendors.

Additionally, the report found that software and IT vendors were responsible for 67% of third-party breaches, while only a small number were linked to other energy companies. A notable portion of these incidents stemmed from the MOVEit file transfer software vulnerability, which was exploited by the Clop ransomware group last year.

The report also pointed out application security, DNS health, and network security as some of the most significant weaknesses in the sector.

The findings come at a time when the U.S. Department of Energy is convening with energy sector leaders to promote the Supply Chain Cybersecurity Principles, urging companies to focus on reducing risks posed by software and IT vendors, which represent the highest third-party threats.

As part of this effort, energy operators are encouraged to make sure new technology purchases are secure by requiring vendors to follow CISA's "Secure by Design" principles and by applying the Department of Energy's Supply Chain Cybersecurity Principles. The industry must also strengthen its security programs against supply chain risks and geopolitical threats, particularly from nation-state actors, and study ransomware attacks on foreign counterparts to improve its own resilience.

“The energy sector is a complex system undergoing a significant generational shift, heavily reliant on a stable supply chain," said Prasanna Govindankutty, KPMG's principal and cybersecurity leader for the U.S. sector.

He further explained that with rising geopolitical and technology-based threats, the industry is facing a level of risk exposure that could negatively impact both businesses and citizens. Organizations that can quantify these risks and implement mitigation strategies will be better equipped to navigate the energy transition.

Unveiling the Unseen Cybersecurity Threats Posed by Smart Devices

 

The number of smart devices worldwide has surpassed the global population, with a continuous upward trend, particularly amidst remote and hybrid work settings. Ranjit Atwal, Gartner's senior research director, attributes this surge to the increase in remote work. As work mobility grows, the demand for connected devices like 4G/5G laptops rises, crucial for employees to work from anywhere.

Smart devices are gadgets that connect to the internet, such as smart bulbs, speakers (for example Amazon's Alexa devices) and wearables such as the Apple Watch. They collect data that improves the user experience but also creates security risks that cybercriminals exploit. Consumers nevertheless often overlook security when buying smart devices, as BlackBerry's research shows.

In response, the European Union proposed the "Cyber Resilience Act" to enforce cybersecurity standards for all connected devices. Failure to comply may result in hefty fines. Margrethe Vestager from the European Commission emphasizes the need for market products to meet robust cybersecurity measures, likening it to trusting CE-marked toys or fridges.

Security flaws in smart devices are a real entry point, as shown by the vulnerabilities found in a TP-Link smart lightbulb. Exploiting such flaws can give an attacker a foothold on the home network, from which data can be stolen and malware deployed. A typical smart home offers many such entry points: an investigation by Which? recorded thousands of hacking attempts against a test smart home in a single week.

The Mirai botnet compromised smart devices not by exploiting software flaws but by logging into exposed Telnet services with a short built-in list of factory-default and weak credentials, which is why changing default passwords matters so much. In another concerning case, a Google Home speaker was turned into a wiretap because of vulnerabilities in the device, highlighting the risks of leaving such devices unsecured.
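The credential-based intrusion described above is easy to spot in authentication logs if you know the credential list. The following Python script is an added example, not code from the original article or from any product it mentions: it parses a few constructed Telnet honeypot log lines (the line format is assumed for this example, not any particular honeypot's) and flags source addresses that work through known Mirai default credentials or succeed with one. The credential pairs are a handful taken from the leaked Mirai scanner source.

```python
"""Detect Mirai-style default-credential brute forcing in Telnet login events."""
import re
from collections import defaultdict
from dataclasses import dataclass, field

# A handful of user/password pairs from the leaked Mirai scanner source.
MIRAI_DEFAULTS = {
    ("root", "xc3511"), ("root", "vizxv"), ("root", "admin"), ("admin", "admin"),
    ("root", "888888"), ("root", "xmhdipc"), ("root", "default"), ("root", "juantech"),
    ("root", "123456"), ("support", "support"),
}

# Assumed log line format (constructed for this example, not a real product's):
#   <timestamp> telnetd: login <ok|fail> user=<user> pass=<password> src=<ip>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) telnetd: login (?P<result>ok|fail) "
    r"user=(?P<user>\S*) pass=(?P<pw>\S*) src=(?P<src>[\d.]+)$"
)

# Constructed sample: one scanner walking the Mirai list and getting in,
# one legitimate user with a typo, one scanner guessing a non-Mirai password.
SAMPLE_LOG = """\
2024-03-01T10:00:01Z telnetd: login fail user=root pass=xc3511 src=203.0.113.7
2024-03-01T10:00:02Z telnetd: login fail user=root pass=vizxv src=203.0.113.7
2024-03-01T10:00:02Z telnetd: login fail user=admin pass=admin src=203.0.113.7
2024-03-01T10:00:03Z telnetd: login fail user=root pass=888888 src=203.0.113.7
2024-03-01T10:00:04Z telnetd: login ok user=root pass=xmhdipc src=203.0.113.7
2024-03-01T10:05:00Z telnetd: login fail user=alice pass=hunter2 src=192.0.2.10
2024-03-01T10:05:30Z telnetd: login ok user=alice pass=correct-horse src=192.0.2.10
2024-03-01T10:06:00Z telnetd: login fail user=root pass=password src=198.51.100.4
garbage line that does not parse
"""


@dataclass
class SourceStats:
    attempts: int = 0
    default_cred_attempts: int = 0
    creds_tried: set = field(default_factory=set)
    default_cred_success: bool = False


def parse_line(line: str):
    """Return the event fields as a dict, or None for lines that do not match."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def analyze(log_text: str, min_default_attempts: int = 3) -> dict:
    """Group login events by source address and flag Mirai-style behaviour.

    Returns {src: (verdict, default_cred_attempts, distinct_creds_tried)} where
    verdict is "compromised" (a default credential actually worked) or
    "scanning" (at least min_default_attempts known-default pairs were tried).
    """
    stats: dict[str, SourceStats] = defaultdict(SourceStats)
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        s = stats[ev["src"]]
        s.attempts += 1
        cred = (ev["user"], ev["pw"])
        s.creds_tried.add(cred)
        if cred in MIRAI_DEFAULTS:
            s.default_cred_attempts += 1
            if ev["result"] == "ok":
                s.default_cred_success = True

    alerts = {}
    for src, s in stats.items():
        if s.default_cred_success:
            alerts[src] = ("compromised", s.default_cred_attempts, len(s.creds_tried))
        elif s.default_cred_attempts >= min_default_attempts:
            alerts[src] = ("scanning", s.default_cred_attempts, len(s.creds_tried))
    return alerts


if __name__ == "__main__":
    for src, (verdict, n_default, n_distinct) in analyze(SAMPLE_LOG).items():
        print(f"{src}: {verdict} ({n_default} default-credential attempts, "
              f"{n_distinct} distinct credentials tried)")
```

A single successful login with a default credential is treated as a compromise regardless of the attempt threshold, because a device that accepts `root/xmhdipc` is already owned; the threshold only governs when a string of failures is worth an alert. The legitimate user's typo and the lone non-Mirai guess stay below the radar.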

Securing the home network therefore becomes paramount. Strategies include:

1. Purposeful Device Selection: Buy only devices that serve a real need; every unnecessary connected gadget is another entry point.
2. Router Security: Change the router's default administrator password, enable automatic firmware updates, and disable remote (WAN-side) administration unless it is genuinely needed.
3. Password Management: Use a password manager to create strong, unique passwords for each device and account.
4. Multi-Factor Authentication (MFA): Enable MFA on the vendor accounts that control the devices, so a leaked password alone is not enough to log in.
5. Wi-Fi Network Segmentation: Put smart devices on a separate network (a guest Wi-Fi or VLAN) so that a compromised gadget cannot reach laptops, phones and file shares.
6. Virtual Private Networks (VPNs): Use a VPN to encrypt traffic on untrusted networks such as public Wi-Fi; note that a VPN protects traffic in transit, not a device that is already compromised.

Implementing these measures strengthens overall cybersecurity, safeguarding personal data and devices from potential breaches and threats.

Businesses Must Keep Up With Cybercriminals as They Become More Sophisticated

 

As much as we may want to tune out when we hear about cybersecurity, it is an issue that cannot be ignored. Cybercrime is a constant threat to businesses and individuals alike, and the risks are too great to simply accept and move on. While it may seem like we have already heard enough about it, the reality is that we can never be too vigilant when it comes to protecting ourselves against cyber threats. 

One of the biggest risks is the zero-day attack, which exploits a weakness in software that is not yet known to the vendor, so no patch exists when it is first used. These attacks can be incredibly damaging, especially if the software is widely used. That's why it's crucial that we make cybersecurity a top priority and stay vigilant in our efforts to identify and mitigate vulnerabilities. Unfortunately, many people take a "been there, done that" approach to cybersecurity, assuming that they've already taken all the necessary steps to protect themselves. 

But the truth is that new threats are constantly emerging, and unless we stay up to date and remain proactive in our approach to cybersecurity, we risk leaving ourselves open to attack. In short, we can never hear enough about cybersecurity. It is a constant and ever-evolving threat that requires constant attention and vigilance. By staying informed and proactive, we can better protect ourselves and our businesses from the damaging effects of cybercrime.

Some may argue that this type of warning seems overly dramatic and pessimistic, but consider the following scenario: An employee receives a notification on their laptop to update a software application with crucial security upgrades to mitigate against vulnerabilities. However, due to a looming deadline, they repeatedly ignore the notification. Eventually, a malicious actor finds an open door into the system and exploits the vulnerability, all because the employee didn't prioritize cybersecurity.

Sadly, this scenario is more common than we'd like to think. While South Africa has made significant progress in catching up with the rest of the world regarding cybersecurity, there are still challenges to overcome. One such challenge is the difficulty of convincing boards to invest in a non-revenue-generating department such as cybersecurity.

While it may be tempting to downplay the importance of cybersecurity and assume that we're doing enough to protect ourselves, the reality is that the threats are constantly evolving and require our ongoing attention and vigilance. By prioritizing cybersecurity and investing in the necessary resources and infrastructure, we can better safeguard our businesses and personal information from the ever-present dangers of cybercrime.

Even if a business decides to outsource its security needs, it still requires a certain level of expertise in-house. In the past, it was common to rely on instinct and hope for the best, but now there are industry standards and best practices that have been mandated for businesses in all sectors. Adhering to these standards requires a significant investment of time, money and resources. While cybersecurity is not a revenue-generating department, failure to invest in it can put the entire business at risk.

Unfortunately, this is a hard pill to swallow for many local businesses, as the costs of implementing these measures can be significant. It may also be difficult to find and retain the necessary scarce skills. A small or medium-sized business may need to hire up to five new employees, while a larger organization may need closer to 10.

Furthermore, the concept of "zero trust" has become increasingly popular in recent years. Zero trust does not mean disconnecting systems: it means granting no implicit trust on the basis of network location and verifying every user, device and request on each access. That is achievable for large corporations with mature identity and device management, but for smaller organisations it can be hard to strike a balance between security and usability. Air-gapped, analog processes are a different control altogether, and they are the only ones entirely out of reach of remote attackers; once a system is connected to the internet there is always residual risk, no matter how many security measures are in place.

Most of the exploits we read about are caused by a relatively small number of vulnerabilities. A well-publicised ransomware attack may be the end result, but it was most likely achieved through one of a small group of known vulnerabilities for which a patch or update was available but had not yet been applied.
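The point about a small set of known, already-fixed vulnerabilities (and the ignored update notification in the earlier scenario) translates into a simple recurring check: compare what is installed against what has already been fixed, and rank what is overdue. The Python below is an added example, not code from the original article; the product names, fixed versions, fix dates and host inventory are all constructed for illustration and refer to no real advisory.

```python
"""Rank hosts that still run versions with known, already-fixed vulnerabilities."""
from datetime import date

# Constructed advisory table (hypothetical products, no real CVEs):
#   product -> (first fixed version, date the fix shipped)
FIXED_IN = {
    "filetransfer": ("2023.0.3", date(2023, 6, 1)),
    "vpn-gateway": ("9.1.4", date(2023, 9, 15)),
    "office-suite": ("16.0.2", date(2023, 11, 10)),
}

# Constructed inventory, one host per line: host,product,version,internet_facing
INVENTORY = """\
fs01,filetransfer,2023.0.1,yes
fs02,filetransfer,2023.0.10,no
vpn01,vpn-gateway,9.1.4,yes
vpn02,vpn-gateway,9.0.12,yes
ws-117,office-suite,16.0.1,no
ws-118,office-suite,16.1.0,no
"""

AS_OF = date(2024, 1, 15)  # assumed "today", fixed so the example is reproducible


def version_key(version: str) -> tuple:
    """Numeric per-component key: "2023.0.10" sorts after "2023.0.3",
    which a plain string comparison would get wrong."""
    return tuple(int(part) for part in version.split("."))


def is_patched(installed: str, first_fixed: str) -> bool:
    return version_key(installed) >= version_key(first_fixed)


def overdue_hosts(inventory: str, fixed_in: dict, today: date, grace_days: int = 14) -> list:
    """Return hosts still behind a known fix, most urgent first.

    Urgency: internet-facing hosts before internal ones, then by days past
    the patch deadline (fix date plus the grace period).
    """
    findings = []
    for line in inventory.strip().splitlines():
        host, product, version, exposed = line.split(",")
        if product not in fixed_in:
            continue
        first_fixed, fix_date = fixed_in[product]
        if is_patched(version, first_fixed):
            continue
        findings.append({
            "host": host,
            "product": product,
            "installed": version,
            "fixed_in": first_fixed,
            "exposed": exposed == "yes",
            "days_overdue": (today - fix_date).days - grace_days,
        })
    findings.sort(key=lambda f: (f["exposed"], f["days_overdue"]), reverse=True)
    return findings


if __name__ == "__main__":
    for f in overdue_hosts(INVENTORY, FIXED_IN, AS_OF):
        where = "INTERNET-FACING" if f["exposed"] else "internal"
        print(f'{f["host"]:8} {f["product"]:14} {f["installed"]:>9} -> {f["fixed_in"]:<9} '
              f'{where:16} {f["days_overdue"]:4d} days overdue')
```

Two details matter in practice: versions must be compared component by component (the string "2023.0.10" is less than "2023.0.3" lexically but newer numerically), and the ranking should put internet-facing hosts first, since those are the ones a scanner finds before a phishing e-mail is even needed.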

Looking ahead to 2023 and beyond, the one certainty is that threat actors will continue to search for vulnerabilities. The criminal underworld's research and development teams are hard at work, sharing exploits and communicating broadly about the best ways to attack. This sophisticated collaboration feeds an ongoing increase in ransomware attacks.

The primary concern going forward is how we deal with an increase in sophistication, regardless of the means used by the criminal or the vulnerability they seek to exploit. While we have been fortunate so far in being able to differentiate between legitimate and scam emails, advances in technology, particularly artificial intelligence, could make this more difficult in the future.

To combat this, businesses and individuals need to understand their overall attack surface: vulnerabilities in PCs, laptops and mobile devices, as well as internet-facing VPN endpoints and services. Once a business has a comprehensive picture of its attack surface, it should use third parties to perform penetration tests and vulnerability scans, and stay on top of its cloud security obligations.

Alongside investments such as a dedicated security team and the help of third-party partners, ongoing user education and awareness about cybercrime will remain one of the most important investments for any business. All organisations should also be moving along the continuum of a zero trust strategy, finding the balance between security and usability. Ultimately, every user is responsible for security.

NCSC Suggests Reconsidering Russian Supply Chain Risks

 

One of the UK's top security agencies has encouraged the public sector, critical national infrastructure (CNI) operators and other institutions to rethink the risks of any "Russian-controlled" elements of their supply chain. 

There is no evidence that the Russian government is preparing to compel private providers to harm UK interests, according to Ian Levy, technical director of the National Cyber Security Centre (NCSC). That does not rule out it happening now or in the future, he added. 

"Russian law already contains legal obligations on companies to assist the Russian Federal Security Service (FSB), and the pressure to do so may increase in a time of war. We also have hacktivists on each side, further complicating matters, so the overall risk has materially changed. The war has proven many widely held beliefs wrong and the situation remains highly unpredictable. In our view, it would be prudent to plan for the possibility that this could happen. In times of such uncertainty, the best approach is to make sure your systems are as resilient as you can reasonably make them,” Levy argued. 

The new NCSC guidance covers all UK public sector organisations, those supplying services to Ukraine, CNI enterprises, organisations carrying out activity that could be seen as opposing Russian interests, and high-profile institutions whose compromise would be a PR success for the Kremlin. 

Levy continued, “You may choose to remove Russian products and services proactively, wait until your contract expires (or your next tech refresh), or do it in response to some geopolitical event. Alternatively, you may choose to live with the risk. Whatever you choose, remember that cybersecurity, even in a time of global unrest, remains a balance of different risks. Rushing to change a product that’s deeply embedded in your enterprise could end up causing the very damage you’re trying to prevent.” 

Even those companies which aren’t likely to be a target should remember that global sanctions could impact the availability of any Russian technology services. There was some good news from the NCSC. Levy said individuals using Kaspersky products could continue to do so relatively safely. He claimed that “massive, global cyber-attacks” are unlikely to be launched due to the conflict.