Tag Archive for: center

Learning from Ghana’s Multistakeholder Approach to Cyber Security – Africa Center for Strategic Studies

/in


Ghana’s inclusive approach to developing a national cybersecurity strategy offers a model for how to rapidly build cyber capacity without undermining the safety of citizens.

Ghana's Joint Cybersecurity Committee

The inauguration of Ghana’s Joint Cybersecurity Committee. (Photo: Cyber Security Authority)

As internet penetration has exponentially grown, African countries have become more exposed to cyber-related threats. Increasingly organized malicious actors deploy increasingly sophisticated forms of malware that threaten critical maritime and energy infrastructure, cause billions of dollars in annual losses, disrupt internet access, and steal sensitive information from governments, politicians, businesspeople, citizens, and activists across the continent. Most African countries have experienced at least one publicly documented disinformation campaign, a majority of which are sponsored by external actors.

Unfortunately, most African countries have yet to establish foundational cybersecurity policies to confront these threats. A majority have yet to author a national cybersecurity strategy, to set up institutions capable of responding to major cybersecurity incidents, or to define an approach to international cooperation in cyberspace.

“Ghana has placed a citizen-centric, multistakeholder approach at the core of its efforts to address the country’s cybersecurity challenges.”

Ghana is not most African countries. It is 1 of only 12 nations in Africa to possess both a national cybersecurity strategy and national incident response capabilities. It is also one of only four to have ratified both the Budapest and Malabo Conventions, two major treaties aimed at addressing the international dimensions of cyber-related threats.

Just as impressively, Ghana has placed a citizen-centric, multistakeholder approach at the core of its efforts to address the country’s cybersecurity challenges. Civilians are in leadership roles in shaping most aspects of cybersecurity policy and strategy, from defining interagency responsibilities to developing incident response capabilities. Other countries across the continent have much to learn from Ghana’s approach, which has brought tremendous growth in cyber capabilities, enabled…

Source…

New center brings U-EPIC research power to the energy transition – @theU

/in


In a world in transition away from fossil fuels, the need for reliable and affordable renewable energy is clear. But there’s so much more that goes into the energy transition than just the technology needed to provide clean energy. How will students prepare for a workforce and industry that’s still coming into focus? How can the clean energy enterprise equitably support economic development and prosperity among all members of the community?

To address those questions, the University of Utah has launched the new Utah Energy & Power Innovation Center (U-EPIC), an interdisciplinary research center. With a team that includes engineers, social scientists, climate scientists and computer scientists, U-EPIC’s mission is to “innovate the future of equitable, sustainable and resilient power and energy infrastructure.”

Learn more about the center here.

Solving the serious challenges of our time

Ensuring clean, equitable and affordable energy is one of the biggest challenges of our time, says Masood Parvania, associate professor of Electrical & Computer Engineering and director of U-EPIC.

“We are given an unprecedented once-in-a-lifetime opportunity to shape the transition of energy industry to utilize clean, sustainable, and distributed sources of energy, while ensuring that the benefits of this transition, including air quality, economic development, employment opportunity, and access to clean energy are equitably distributed within the society,” he says. “Nobody and no community should be left behind in this transition.”

Achieving these goals requires interdisciplinary research, such as improving the resilience of energy infrastructure in the face of more frequent wildfires and hurricanes. U-EPIC researchers focus on four research topics:

Learn more about U-EPIC research programs here.

Benefitting student workforce preparation

Through a collaboration between U-EPIC and the Energy and Geoscience Institute at the University of Utah, students will be able to earn a Resilient Energy Certificate designed to “address the local workforce requirements of the changing energy landscape, meeting the increasing demand for specialized energy workers.”

To train students, “U-EPIC…

Source…

Georgia voting equipment breach at center of tangled tale

/in


ATLANTA – The tale of breached voting equipment in one of the country’s most important political battleground states involves a bail bondsman, a prominent attorney tied to former President Donald Trump’s attempts to overturn the 2020 presidential election and a cast of characters from a rural county that rarely draws notice from outsiders.

How they all came together and what it could mean for the security of voting in the upcoming midterm elections are questions tangled up in a lawsuit and state investigations that have prompted calls to ditch the machines altogether.

Details of the unauthorized access of sensitive voting equipment in Coffee County, Georgia, became public last month when documents and emails revealed the involvement of high-profile Trump supporters. That’s also when it caught the attention of an Atlanta-based prosecutor who is leading a separate investigation of Trump’s efforts to undo his loss in the state.

Since then, revelations about what happened in the county of 43,000 people have raised questions about whether the Dominion Voting Systems machines used in Georgia have been compromised.

The public disclosure of the breach began with a rambling phone call from an Atlanta-area bail bondsman to the head of an election security advocacy group involved in a long-running lawsuit targeting the state’s voting machines.

According to a recording filed in court earlier this year, the bail bondsman said he’d chartered a jet and was with a computer forensics team at the Coffee County elections office when they “imaged every hard drive of every piece of equipment.”

That happened on Jan. 7, 2021, a day after the violent insurrection at the U.S. Capitol and two days after a runoff election in which Democrats swept both of Georgia’s U.S. Senate seats.

The trip to Coffee County, about 200 miles south of Atlanta, to copy data and software from elections equipment was directed by attorney Sidney Powell and other Trump allies, according to deposition testimony and documents produced in response to subpoenas.

Later that month, security camera footage shows, two men who have participated in efforts to question the results of the 2020 election in several states spent days…

Source…

Investigating NATO-Themed Phishing Lures With EclecticIQ Intelligence Center and Endpoint Response Tool

/in


tool-stix-icon

Synopsis

With cyberattacks such a common occurrence, analysts must be able to stay ahead of the curve by investigating files and indicators of compromise quickly and efficiently. The EclecticIQ Intelligence Center (IC) is the perfect tool to facilitate investigations like these. This post will describe how EclecticIQ’s Intelligence & Research analysts used the IC to investigate the potential maliciousness of files leveraging NATO-themed phishing lures, and how they operationalized this intelligence by feeding it into the EclecticIQ Endpoint Response (ER) security tool.

The Need for Targeted Collection: The Benelux Region’s Unique Concerns About Cyber Threats

If past attacks are any indicator of future risk, Belgium, the Netherlands, and Luxembourg (collectively Benelux) region of Europe is an attractive target for cyber threat actors. A review of past cyberattacks targeting Benelux shows that the number of attacks targeting this region has grown in a way that is typical for what one might expect in a relatively connected, business-intense region. (1, 2) It is difficult to know the exact number of cyberattacks since many go unreported, but based on those that are reported, analysts note a few patterns. Most Belgium, Luxembourg, and The Netherlands-focused cyberattacks remain localized; they are severe enough to make news and to be disruptive by reducing or suspending services, but generally, the damage from attacks is contained. Often, individuals or assets in the region may be caught up in wide-reaching software vulnerabilities or supply chain issues, simply because they are part of an international network of users. Judging from news and press, cyberattacks were also typical in that they appear opportunistic with attackers pursuing any vulnerable target they find, regardless of industry; schools and universities, businesses, and government entities have been victimized in recent years. (3, 4, 5, 6, 7, 8, 9)

DevOps Experience 2022

Defining Initial Collection Requirements: Identify and Sample Benelux-Based Potential Targets

To dig deeper into the Benelux cyber threat landscape, analysts developed a list of possible high-profile targets in those three countries; the list included government and…

Source…