Tag Archive for: Preparing

National Guard is preparing for a major cyber attack that would bring down utilities across the US

/in


The National Guard has been preparing for a major cyber attack that would bring down utilities across the US, after the hack of the Colonial Pipeline brought the nation’s fuel supply to its knees.

Troops from across the New England region practiced tackling a massive simulated breach across critical infrastructure sectors including power, water and gas during a two-week training exercise this month.

The exercise involved a situation where a huge cyber attack targeted utilities on the West Coast before moving east across the country. 

Much like in a real-life scenario, National Guardsmen worked alongside government agencies – including the FBI, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the Federal Energy Regulatory Commission, and US Cyber Command – as well as private sector utility partners to respond to the crisis.

While the crisis was a simulation this time round, such an attack is looking increasingly possible.  

A series of recent, devastating attacks have sent warning signs about the risk cybersecurity breaches can bring to national infrastructure. 

When the Colonial Pipeline was targeted by hackers in May, it was forced to shut its entire network carrying 45 percent of all fuel to the East Coast, sparking a national fuel crisis that sent gas prices soaring.

Weeks later, the food supply chain was dealt a blow when hackers led to the four-day closures of plants belonging to America’s largest beef supplier JBS. 

The National Guard has been preparing for a major cyber attack that would bring down utilities across the US, after the hack of the Colonial Pipeline brought the nation's fuel supply to its knees. Pictured the two-week training exercise

The National Guard has been preparing for a major cyber attack that would bring down utilities across the US, after the hack of the Colonial Pipeline brought the nation’s fuel supply to its knees. Pictured the two-week training exercise

Troops from across the New England region practiced tackling a massive simulated breach across critical infrastructure sectors including power, water and gas during the Cyber Yankee Event (above)

Troops from across the New England region practiced tackling a massive simulated breach across critical infrastructure sectors including power, water and gas during the Cyber Yankee Event (above)

The Cyber Yankee event, which has been held for the last seven years and was carried out in Camp Edwards, Cape Cod, tested the ability of the National Guard cyber units to respond to a real-life cyberattack and trained them to collaborate with government and industry partners.  

Source…

Preparing for and Responding to Routine “Emergency” Threats to our Security

/in


Preparing for and Responding to Routine “Emergency” Threats to our Security

Our warming planet is increasing the number and severity of floods, forest fires, hurricanes, and a wide variety of extreme weather events. In late May, the Biden Administration doubled the size of a fund that provides local governments with the resources to reduce disaster vulnerability. The funding grew from about $500 million to $1 billion, although the legislative formula that sets funding levels would have allowed an allocation of $3.7 billion. Administration officials did not believe that local governments had the capacity to do more than twice as much as they did last year. It is not clear that the scale of the effort will meet the challenge, but the increased funding is at least an acknowledgment of the threat.

Climate emergencies are no longer really emergencies but routine events. Natural disasters are nothing special and have become a way of life on our warming planet.  We need to do far more to prepare for disasters and mitigate their impact. As Christopher Flavelle wrote in the New York Times last month:

The new money is less than what some disaster experts had said is needed, especially because the warming planet is making storms, flooding, wildfires and other disasters both more frequent and destructive. The United States experienced 22 disasters that exceeded $1 billion each in damages last year, a record.”

While some of my colleagues are studying “managed retreat” from the most climate-vulnerable communities, it is becoming clear that you can run, but you can’t hide from climate impacts. The energy grid failure in Texas was a nearly state-wide disaster caused by vulnerable infrastructure that was built without consideration of the need for increased resilience. There were few places Texans could hide from the impact of that extreme weather event. It’s obvious that our built environment must be constructed to withstand the effects of extreme weather. Existing infrastructure must be reinforced, and new elements of the built environment need to be engineered to…

Source…

How the U.S. Air Force Is Preparing for World War III

/in


The Air Force has been replicating major, great-power airwar in a precise fashion by presenting attacking forces with a complex, interwoven set of variables, threats, and challenges they would be likely to face in combat.

It is all part of the service’s regular Reg Flag exercise which pits Air Force platforms, assets, and war formations against a sophisticated, well-armed “red-team” adversary equipped with advanced air defenses, sophisticated enemy aircraft likely to resemble fifth-generation rivals, and other kinds of multi-domain warfare scenarios the service would likely encounter in war.

An Air Force report says the war “tactics” introduced during Red Flag were designed to “mimic” great power enemies with advanced “problem sets” intended to prepare the service and allies for a new generation of multi-domain war.

“Though aerial adversary tactics continue to be a key focus in Red Flag scenarios, space and cyberspace threats are interwoven to ensure participants are prepared to react to and overcome the full array of adversary impediments to mission success,” the Air Force report states.

Air Force Col. William Resse, 414th Combat Training Squadron commander, called the “red team” force an “unrestricted aggressor,” adding “In order to ensure we challenge our participants even further, we concealed our targets and forced scenarios, driving Red Flag participants to think critically drawing the fight, including potentially re-attacking targets that were struck but desired weapons effects were not met.”

For instance, the Suppression of Enemy Air Defenses, a long-standing yet crucial Air Force mission, would certainly become much more complicated when presented with space and cyberspace complexities. Perhaps ground-based anti-aircraft radar might deliberately emit a “jamming” signal or seek to generate interference of some kind, making it more difficult for aircraft to succeed with precision-targeting efforts. It is likely that newer kinds of EW applications might be used to obstruct or “throw-off” detection from air platforms seeking to attack. An adversary would also likely try to derail GPS for attacking aircraft, forcing attackers to…

Source…

U.S. cybersecurity: Preparing for the challenges of 2021

/in


In 2020, cybersecurity became a business problem for every industry, as well as the U.S. government. According to a new report by the Aspen Cybersecurity Group, there are several opportunities for the new presidential administration to increase cybersecurity efforts and awareness to create a more resilient digital infrastructure.

US cybersecurity 2021

Organizations like the Cybersecurity and Infrastructure Security Agency (CISA), local and state governments, and the private sector have all taken significant steps to mitigate and respond to cyber incidents. Given the rise in bad actors targeting critical infrastructure, ongoing nation-state threats, and increasingly sophisticated ransomware attacks, here are three cybersecurity priorities to keep in mind as we head into 2021 with a new administration.

Continue to bolster election security

We must continue to work to secure voting infrastructure, as future elections will inevitably be targets for cybercriminals and nation-state actors. In the recent VMware Carbon Black Global Incident Response Threat Report, incident response and cybersecurity professionals surveyed noted the biggest threats to election security remain disinformation on social media, ransomware attacks, voter manipulation, and voter disenfranchisement.

In order to secure the integrity of future elections and the voting process, securing our voting infrastructure must be a priority. If machines and voting software aren’t designed securely from the ground up, there will be vulnerabilities for hackers to exploit.

Strengthen efforts against nation-state actors

As geopolitical tensions increase, we can expect destructive attacks and attempts to continue in the new year. The 2019 Worldwide Threat Assessment compiled by former Director of National Intelligence, Daniel Coats, listed cybersecurity as the top global threat, noting that every U.S. foreign adversary would likely seek to undermine American infrastructures through cyberattacks and influence operations.

There have been numerous attacks targeting the U.S. government in recent years, like the use of Trickbot for example, the world’s largest botnet believed to be controlled by Russian cybercriminals. Nation-state actors…

Source…