Cyberattacks on Critical Infrastructure: A Growing Threat to Global Security

 

During World War II, the U.S. Army Air Forces launched two attacks on ball bearing factories in Schweinfurt, aiming to disrupt Germany’s ability to produce machinery for war. The belief was that halting production would significantly affect Germany’s capacity to manufacture various war machines.

This approach has a modern parallel in the cybersecurity world. A cyberattack on a single industry can ripple across multiple sectors. For instance, the Colonial Pipeline attack affected American Airlines operations at Charlotte Douglas Airport. Similarly, the Russian NotPetya attack against Ukraine spilled onto the internet, impacting supply chains globally.

At the 2023 S4 Conference, Josh Corman discussed the potential for cascading failures due to cyberattacks. The creation of the Cybersecurity and Infrastructure Security Agency’s National Critical Functions was driven by the need to coordinate cybersecurity efforts across various critical sectors. Corman highlighted how the healthcare sector depends on several infrastructure sectors, such as water, energy, and transportation, to provide patient care.

The question arises: what if a cyber incident affected multiple segments of the economy at once? The consequences could be devastating.

What makes this more concerning is that it's not a new issue. The SQL Slammer virus, which appeared over two decades ago, compromised an estimated one in every 1,000 computers globally. Unlike the recent CrowdStrike bug, Slammer was an intentional exploit that remained unpatched for over six months. Despite differences between the events, both show that software vulnerabilities can be exploited, regardless of intent.

Digital technology now underpins everything from cars to medical devices. However, as technology becomes more integrated into daily life, it brings new risks. Research from Claroty’s Team82 reveals that insecure code and misconfigurations exist in software that controls physical systems, posing potential threats to national security, public safety, and economic stability.

Although the CrowdStrike incident was disruptive, businesses and governments must reflect on the event to prevent larger, more severe cyber incidents in the future.

Cyber-Physical Systems: A Shifting Threat Landscape

Nearly every facility, from water treatment plants to hospitals, relies on digital systems known as cyber-physical systems (CPS) to function. These systems manage critical tasks, but they also introduce vulnerabilities. Today, billions of tiny computers are embedded in systems across all industries, offering great benefits but also exposing the soft underbelly of society to cyber threats.

The Stuxnet malware attack in 2014, which disrupted Iran's nuclear program, was the first major cyber assault on CPS. Since then, there have been several incidents, including the 2016 Russian Industroyer malware attack that disrupted part of Ukraine’s power grid, and the 2020 Iranian attempt to attack Israeli water utilities. Most recently, Chinese hackers have targeted U.S. critical infrastructure.

These incidents highlight how cybercriminals and nation states exploit vulnerabilities in critical infrastructure to understand weaknesses and the potential impact on security. China, for example, has expanded its objectives from espionage to compromising U.S. infrastructure to weaken its defense capabilities in case of a conflict.

The CrowdStrike Bug and Broader Implications

The CrowdStrike bug wasn’t a malicious attack but rather a mistake tied to a gap in quality assurance. Still, the incident serves as a reminder that our dependence on digital systems has grown significantly. Failures in cyber-physical systems—whether in oil pipelines, manufacturing plants, or hospitals—can have dangerous physical consequences.

Although attacks on CPS are relatively rare, many of these systems still rely on outdated technology, including Windows operating systems, which account for over 25% of vulnerabilities in the CISA Known Exploited Vulnerabilities Catalog. Coupled with long periods of technological obsolescence, these vulnerabilities pose significant risks.

What would happen if a nation-state deliberately targeted CPS in critical infrastructure? The potential consequences could be far worse than the CrowdStrike bug.

Addressing the vulnerabilities in CPS will take time, but there are several steps that can be taken immediately:

  • Operationalize compensating controls: Organizations must inventory assets and implement network segmentation and secure access to protect vulnerable systems.
  • Expand secure-by-design principles: CISA has emphasized the need to focus on secure-by-design in CPS, particularly for medical devices and automation systems.
  • Adopt secure-by-demand programs: Organizations should ask the right questions of software vendors during procurement to ensure higher security standards.

Although CPS drive innovation, they also introduce new risks. A failure in one link of the global supply chain could cascade across industries, disrupting critical services. The CrowdStrike bug wasn’t a malicious attack, but it underscores the fragility of modern infrastructure and the need for vigilance to prevent future incidents.

Unraveling Evolv Technology's Alleged UK Government Testing Controversy

 

Evolv Technology, a prominent player in the field of AI-driven weapons-scanning technology, has found itself embroiled in controversy following revelations about its testing claims with the UK government. The company's scanners, heralded as "intelligent" detectors capable of identifying concealed weapons, have faced mounting criticism for potentially overstating their capabilities. 

Despite assertions of effectiveness, an in-depth investigation by BBC News has unearthed significant discrepancies in Evolv's claims and the actual testing process, raising questions about transparency, accountability, and the reliability of its technology. Evolv initially made headlines with claims that its AI weapons scanner underwent rigorous testing by the UK Government's National Protective Security Authority (NPSA). 

However, this assertion was swiftly debunked when it was revealed that the NPSA does not engage in the type of evaluations Evolv purportedly underwent. In response to mounting scrutiny, Evolv issued a statement acknowledging the misrepresentation of the testing process and subsequently revised its claims to align more closely with reality. This revelation has cast doubt on the veracity of Evolv's marketing claims and underscores the need for greater transparency and accuracy in the portrayal of its technology's capabilities. 

While an independent company, Metrix NDT, did conduct testing of Evolv's technology against NPSA specifications, it clarified that it did not provide validation of the system's effectiveness. This admission raises concerns about the accuracy and reliability of Evolv's scanners, particularly in detecting knives, explosives, and other concealed threats. Previous testing revealed inconsistencies in Evolv's performance, prompting calls for more transparency and accountability from the company regarding its testing procedures and results. 

Moreover, criticisms have been levied against Evolv regarding the efficacy of its technology in real-world scenarios. While the company claims its scanners can accurately identify concealed weapons based on their unique "signatures," questions remain about their reliability and effectiveness in diverse environments and operational conditions. 

The discrepancy between marketing claims and actual performance underscores the importance of independent verification and validation of security technologies to ensure their efficacy and reliability in safeguarding public safety and critical infrastructure. As Evolv navigates the fallout from this controversy, stakeholders across industries must remain vigilant in assessing the capabilities and limitations of emerging technologies. 

The evolving narrative surrounding Evolv's technology highlights the complexities of navigating the cybersecurity landscape and underscores the need for transparent communication, rigorous testing, and responsible marketing practices. By prioritizing transparency, accountability, and adherence to established standards, companies can foster confidence in their products and contribute to a safer, more secure future for all.

Apple Raises Concerns Over UK's Ability to 'Secretly Veto' Global Privacy Tools

 

Apple has strongly criticized the UK government's move to require pre-approval of new security features introduced by technology companies. Proposed amendments to the Investigatory Powers Act (IPA) 2016 suggest that if the UK Home Office rejects an update, it cannot be released in any other country without public notification. The government justifies these changes as necessary to balance technological innovation and private communications with public safety.

The Home Office expressed support for privacy-focused technology but emphasized the need to prioritize national security. A government spokesperson stated that decisions regarding lawful access to protect the country from threats must be made by democratic authorities and approved by Parliament. The proposed amendments are set to be debated in the House of Lords.

Apple condemned the proposed changes, labeling them as an "unprecedented overreach" by the UK government. The tech giant expressed deep concerns about the potential risks to user privacy and security. Apple argued that if enacted, the amendments could allow the UK to globally veto new user protections, hindering the company from offering enhanced security measures to customers.

The existing Investigatory Powers Act, criticized as a "snooper's charter," has faced opposition from Apple in the past. In July 2023, Apple threatened to withdraw services like FaceTime and iMessage from the UK to maintain future security standards. However, the proposed amendments extend beyond specific services to encompass all Apple products.

Civil liberties groups, including Big Brother Watch, Liberty, Open Rights Group, and Privacy International, jointly opposed the bill in January. They expressed concerns that the changes could compel technology companies to inform the government of any plans to enhance security or privacy measures, effectively turning private companies into tools of surveillance and undermining device and internet security.

These proposed amendments follow a review of existing legislation and encompass updates related to data collection by intelligence agencies and the use of internet connection records. The contentious debate over balancing privacy, security, and technological innovation is set to unfold in the House of Lords.