Tag Archive for: Defend

A PLI scheme to defend power grids from Chinese cyber attacks


NEW DELHI: The Union government is looking to introduce a production-linked incentive (PLI) scheme for power transmission and distribution equipment, two officials aware of the plans said, as part of India’s push for greater self-reliance in strategic sectors.

This comes against the backdrop of India trying to curb the use of Chinese power equipment, given the cyberattacks on its grid, including from Red Echo, a Chinese state-sponsored group.

While these attempts were thwarted, a successful attack of this kind could lead to blackouts, impacting services such as water supply, telecom infrastructure, hospitals, airports and metro rail networks.

The government has already enforced prior permission requirements for imports from countries with which it has a conflict.

“The PLI scheme for power transmission and distribution equipment is in the works,” one of the two officials cited above said, requesting anonymity.


India has rolled out PLI schemes for 14 sectors with a total outlay of 2 trillion. This includes a 24,000 crore…

Source…

GRU-backed cyberattacks: What they are, how to defend against them


The most notorious cyber-attack groups are those backed by the Russian GRU. For those who are unfamiliar, the GRU is the Main Directorate of the General Staff of the Armed Forces of the Russian Federation. These threat actors have been active for some time, including the attacks against the Democratic National Committee, the 2016 presidential campaign, a U.S. nuclear facility, an international chemical weapons non-proliferation organization, and many others.

In 2018, five GRU officers were indicted as being part of activities associated with APT28. The U.S. Department of State recently floated a $10 million reward for anyone with knowledge that leads to the “identification or location” of six Russian GRU officers.

While most enterprises don’t consider themselves targets of such advanced threat actors, this would be a serious mis-assessment. Any company that works within any of the critical infrastructure industries, which include sectors such as healthcare, energy, and financial services, is at risk. Additionally, these advanced threat actors publicly release some of their advanced cyber munitions, enabling everyday cyber criminals to easily take advantage and integrate them within their own campaigns.

CISA’s warnings about Russia

According to an advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA) and similar agencies from many other nations, Russian state-sponsored threat actors have shown themselves to be quite capable of breaching networks and gaining persistence on those networks, in addition to stealing data and disrupting operations once inside.

“Historical operations have included deployment of destructive malware—including BlackEnergy and NotPetya—against Ukrainian government and critical infrastructure organizations. Recent Russian state-sponsored cyber operations have included DDoS attacks against Ukrainian organizations,” CISA’s advisory said.

According to CISA, the threat actors following the GRU include:

  • The Russian Federal Security Service (FSB), including FSB’s Center 16 and Center 18
  • Russian Foreign Intelligence Service (SVR)
  • Russian General Staff Main Intelligence Directorate (GRU), 85th Main Special Service Center…

Source…

GUEST ESSAY: Advanced tech to defend API hacking is now readily available to SMBs


APIs have become a security nightmare for SMBs and enterprises alike.

Hackers don’t discriminate based on the number of employees or the size of the IT budget. The same types of security risks impact businesses, whatever their size.


Day in and day out, small-to-medium businesses are targeted by cyberattacks. They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. A primary culprit of these attacks is the lack of understanding of application programming interfaces, or APIs.

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. According to Forbes, “the first half of 2018 was marked by an increase in API-related data breaches, with the 10 largest companies reporting the loss of 63 million personal records.”

These types of attacks can allow hackers to steal massive amounts of sensitive data, disrupt operations, and even take down websites. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning. The sheer number of options has a direct impact on the budget.

The fact that there are so many different APIs is the main challenge for enterprises when it comes to API security. Storing authentication credentials for the API is a significant issue. This can be compounded by certain enterprises using the Internet of Things (IoT) that don’t have good security.


Companies are realizing that they have to keep putting out fires on personal devices, leaving them vulnerable to attacks. The other issue with APIs is that once one is compromised, it’s likely that all of your accounts are affected because whoever does gain access will just use your username and password to log in to other sites, apps, etc.

The threat that API security breaches pose to enterprises should not be taken lightly. A breach should always trigger a comprehensive crisis communication plan involving the board, C-suite, and other stakeholders. This communication plan should specify how governing bodies will stay informed should there be a data breach…

Source…

Living Off the Land: How to Defend Against Malicious Use of Legitimate Utilities – Threatpost




Source…