Tag Archive for: Sector

CIS, Google Partner to Help Secure Public Sector

/in


The Center for Internet Security and Google are partnering to create the CIS & Google Cloud Alliance to help advance security and resilience for the broader technology ecosystem, with an emphasis on the public sector.

According to the organizations, the alliance will combine the companies’ experience to offer greater security to public sector entities. The Center for Internet Security (CIS) brings 20 years of helping U.S. state, local, tribal and territorial governments secure their infrastructure against cyber threats, and Google brings its experts and services from its Cybersecurity Action Team. In addition, Google brings insights from its Threat Horizons reports and resources from cyber forensics subsidiary Mandiant.

CIS also brings its established and globally recognized security frameworks, including the CIS Critical Security Controls and CIS Benchmarks, as well as operating the Multi-State and Elections Infrastructure Information Sharing and Analysis Centers (MS-ISAC and EI-ISAC) that supports the security needs of state, local, tribal and territorial governments.

As part of Google’s recent strategy around cybersecurity, Google Cloud is now partnering with industry organizations in other sectors like healthcare and financial services. The company also introduced its Google Public Sector division focused on helping U.S. public sector institutions – including federal, state, and local governments, and educational institutions – accelerate their digital transformations.

According to the announcement, the organizations say this makes them “uniquely positioned to support organizations through the complexities of their digital transformations.”

In a statement, Gina Chapman, executive vice president of sales and business services at CIS, says the partnership combines two cybersecurity powerhouses and applies them to the underserved community of public sector organizations.

“The cybersecurity needs of the public sector demand best-in-class, cost-effective solutions that include implementation and operational support, and we look forward to how we can work together to support this community,” Chapman says.

MK Palmore, director of the officer of the CISO at…

Source…

Better public sector cybersecurity aimed by Center for Internet Security, Google Cloud alliance

/in


SiliconAngle reports that the Center for Internet Security and Google Cloud have entered into an alliance that seeks to strengthen the cybersecurity posture of the public sector amid increasing threats.

Under the alliance, CIS will be able to provide Google Cybersecurity Action Team services, including Google Threat Horizons reports and Mandiant cybersecurity tools, to help its members bolster cloud security and overall cybersecurity practices. Meanwhile, Google has also introduced partnerships with Health-ISAC and FS-ISAC, as well as unveiled the new Google Public Sector aimed at accelerating digital transformations at U.S. public sector entities.

“This partnership between CIS and Google is particularly exciting because it is bringing together two powerhouse perspectives on cybersecurity and applying them to the highly targeted and historically cyber-underserved community of U.S. state, local, tribal, and territorial government organizations. The cybersecurity needs of the public sector demand best-in-class, cost-effective solutions that include implementation and operational support and we look forward to how we can work together to support this community,” said CIS Executive Vice President of Sales and Business Services Gina Chapman.

Source…

Microsoft, hospital group use court order to disrupt ransomware attacks aimed at health sector

/in




CNN
 — 

Microsoft used a federal court order to try to cut off cybercriminals’ access to a hacking tool that has been used in nearly 70 ransomware attacks on health organizations in more than 19 countries, the tech giant said Thursday.

It’s one of the biggest moves yet by tech firms and hospitals to combat ransomware attacks that have hobbled US health care providers for years by forcing ambulances to be diverted or chemotherapy appointments to be canceled.

The court order from the Eastern District of New York allows Microsoft to seize internet infrastructure that predominantly Russian-speaking hackers were using to communicate with infected computer networks in hospitals and other health care organizations in the US and around the world.

In addition to Microsoft, the Health Information Sharing and Analysis Center, or H-ISAC, a cyberthreat-sharing group for big US health care providers, and US software firm Fortra sought the court order.

As the coronavirus pandemic strained health care systems around the US, cybercriminals continued to opportunistically lock up the computer networks of hospitals and demand a ransom.

An apparent cyberattack in February forced Tallahassee Memorial HealthCare, which operates a 772-bed hospital in Florida, to send some emergency patients to other facilities.

Many hospitals “end up in (the hackers’) crosshairs because they are underfunded and don’t have appropriate security controls in place,” said Errol Weiss, H-ISAC’s chief security officer.

Weiss told CNN that he believes many hospitals are quietly paying ransoms to hackers because the hospitals “are supporting life-critical functions and they have to get back into operation as soon as possible.”

Fortra sells Cobalt Strike, a type of software that organizations use to test their cyberdefenses but that cybercriminals and state-backed hackers have often hijacked and used in their own hacking operations. The court order allows Microsoft, whose software was also targeted in the attacks, to cut off…

Source…

Ransomware Will Likely Target OT Systems in EU Transport Sector: ENISA

/in


Ransomware has become the top threat to the transport sector in the EU, and the European Union Agency for Cybersecurity (ENISA) expects ransomware groups to disrupt operational technology (OT) systems.

The overall number of cyberattacks targeting aviation, maritime, railway and road transport organizations has increased between January 2021 and October 2022, with cybercriminals responsible for most of the incidents (54%), according to a new report from ENISA.

Ransomware emerged as the primary threat, being used in 38% of the observed incidents, with data related attacks taking the second position, at 30%.

Malware (17%), DoS and DDoS (16%), phishing (10%) and supply chain attacks (10%) were also observed, along with breaches, fraud, and vulnerability exploitation.

As part of a ransomware attack, threat actors compromise a target’s systems, deploy file-encrypting malware, and demand a ransom payment in exchange for decryption keys. Representing a significant portion of the identified incidents, including several high-profile attacks, ransomware is presented separately from malware.

“The data on incidents collected until October 2022 indicate an increase in reporting of ransomware attacks during 2022. The number of ransomware attacks reported to the transport sector almost doubled, rising to 25% in 2022 from 13% during 2021. Contrary to ransomware, we observed a decline in malware incidents in 2022 compared to 2021 (from 11% to 6%),” ENISA explains.

The agency has reiterated its previous warning that “ransomware groups will likely target and disrupt OT operations in the foreseeable future.”

It noted that, until now, OT systems and networks were only affected when entire networks were impacted or when safety-critical IT systems became unavailable.

However, ENISA believes we will see OT systems in the transportation sector being directly targeted due to several factors, including an increasing number of industrial control system (ICS) vulnerabilities, growing IT-OT connectivity, and the significant business and social impact of such an incident, which increases the cybercriminals’ chances of getting paid.  

The number of data-related incidents, which include both data…

Source…