Russia strikes Ukraine’s registries with a massive cyberattack, according to the deputy PM

Ukraine’s Deputy Prime Minister Olha Stefanishyna announced that Russia launched a large-scale cyberattack on Thursday, temporarily crippling the country’s state registries. These registries contain essential citizen data, including information on births, deaths, marriages, and property ownership. The attack forced a suspension of services managed by the Ministry of Justice.

Stefanishyna described the incident as a deliberate attempt by Russia to disrupt Ukraine’s critical infrastructure. While restoration efforts are expected to take about two weeks, some services will resume on Friday. Other state functions appear to be unaffected.

This is the latest in a series of cyberattacks during the ongoing war, including a December 2023 assault on Ukrainian telecom provider Kyivstar and previous attacks on Russian ministries. Ukrainian authorities plan to conduct a thorough investigation to bolster defences against future cyber threats.

Netherlands expands investment law to include AI and biotech

The Dutch government announced plans to expand its investment screening law to include emerging technologies like biotech, AI, and nanotechnology. The move aims to protect national security amid growing global tensions, with threats such as cyberattacks and espionage becoming more prevalent. Economy Minister Dirk Beljaarts emphasised the importance of safeguarding Dutch businesses, innovations, and the economy.

In addition to biotech and AI, the updated law will cover sensor and navigation technology, advanced materials, and nuclear technologies used in medicine. The government expects these changes to take effect by the second half of 2025.

Introduced in 2023, the investment screening law allows the Dutch government to block foreign takeovers of critical infrastructure or technology that could threaten national security. This comes after the Netherlands imposed restrictions on semiconductor exports to China under US pressure.

Geneva Dialogue session ‘Critical infrastructure protection: Who is responsible?’ during the WEF 2025

On 21 January, from 16:00 to 18:00 CET, the Geneva Dialogue on Responsible Behaviour in Cyberspace will host the session at the Geneva Day at the House of Switzerland in Davos. The session will be organised in an interactive format, including a scenario-based discussion, and will explore the roles and responsibilities of non-state actors, such as the private sector, technical community, and civil society, in implementing agreed cyber norms related to critical infrastructure protection.

The Geneva Dialogue on Responsible Behaviour in Cyberspace is an international process initiated by the Swiss Federal Department of Foreign Affairs (FDFA) and implemented by DiploFoundation with the support of the Republic and State of Geneva, Center for Digital Trust (C4DT) – EPFL, Swisscom and UBS. The initiative maps the roles and responsibilities of relevant actors for implementing the agreed cyber norms, contributing to cyber-stability and security. The outcomes of the Geneva Dialogue are published in the Geneva Manual – comprehensive guidance on non-state actors’ implementation of existing norms. The first chapter, announced in 2023, focuses on the implementation of the norms related to supply chain security and responsible reporting of ICT vulnerabilities. The session will contribute to the finalisation of the next chapter of the Manual, which focuses on norms and confidence-building measures (CBMs) related to critical infrastructure protection.

Starlink inactive in India, Musk confirms

Elon Musk confirmed that Starlink satellite internet is inactive in India, following recent seizures of Starlink devices by Indian authorities. Musk stated on X that Starlink beams were “never on” in the country, addressing concerns raised after a device was confiscated during an armed conflict operation in Manipur and another during a major drug bust at sea.

In Manipur, where ethnic conflict has continued since last year, the Indian Army seized a Starlink dish believed to be used by militants. Officials suspect it was smuggled from Myanmar, where rebel groups reportedly use Starlink despite the company’s lack of operations there.

Earlier this month, Indian police intercepted a Starlink device linked to smugglers transporting $4.2 billion worth of methamphetamine. Authorities believe the internet device was used for navigation, prompting a legal request to Starlink for purchase details.

Starlink is currently seeking approval to operate in India and is working to resolve security concerns as part of the licensing process.

TP-Link faces US ban amid cybersecurity concerns, WSJ reports

US authorities are weighing a potential ban on TP-Link Technology Co., a Chinese router manufacturer, over national security concerns, following reports linking its home internet routers to cyberattacks. According to the Wall Street Journal, the US government is investigating whether TP-Link routers could be used in cyber operations targeting the US, citing concerns raised by lawmakers and intelligence agencies.

In August, two US lawmakers urged the Biden administration to examine TP-Link and its affiliates for possible links to cyberattacks, highlighting fears that the company’s routers could be exploited in future cyber operations. The Commerce, Defence, and Justice departments have launched separate investigations into the company, with reports indicating that a ban on the sale of TP-Link routers in the US could come as early as next year. As part of the investigations, the Commerce Department has reportedly subpoenaed the company.

TP-Link has been under scrutiny since the US Cybersecurity and Infrastructure Agency (CISA) flagged vulnerabilities in the company’s routers that could potentially allow remote code execution. This comes amid heightened concerns that Chinese-made routers could be used by Beijing to infiltrate and spy on American networks. The US government, along with its allies and Microsoft, has also uncovered a Chinese government-linked hacking campaign, Volt Typhoon, which targeted critical US infrastructure by taking control of private routers.

The Commerce, Defence, and Justice departments, as well as TP-Link, did not immediately respond to requests for comment.

Meta data breach leads to huge EU fine

Meta has been fined €251 million by the European Union’s privacy regulator over a 2018 security breach that affected 29 million users worldwide. The breach involved the ‘View As’ feature, which cyber attackers exploited to access sensitive personal data such as names, contact details, and even information about users’ children.

The Irish Data Protection Commission, Meta’s lead EU regulator, highlighted the severity of the violation, which exposed users to potential misuse of their private information. Meta resolved the issue shortly after its discovery and notified affected users and authorities. Of the 29 million accounts compromised, approximately 3 million belonged to users in the EU and European Economic Area.

This latest fine brings Meta’s total penalties under the EU’s General Data Protection Regulation to nearly €3 billion. A Meta spokesperson stated that the company plans to appeal the decision and emphasised the measures it has implemented to strengthen user data protection. This case underscores the ongoing regulatory scrutiny faced by major technology firms in Europe.

Protecting critical infrastructure in a fragile cyberspace

‘Securing Critical Infrastructure in Cyber: Who and How?’ is the name of one of the main panels at IGF 2024 in Riyadh, where participants discussed the complexities of identifying, securing, and cooperating to protect critical systems from cyber threats. The session, part of the Geneva Dialogue project, focused on safeguarding critical infrastructure from cyber threats and implementing international cyber norms.

The dialogue highlighted the elusive nature of defining critical infrastructure, as interpretations vary widely across nations. ‘Understanding critical infrastructure begins with impact analysis, but what happens if these systems fail?’ noted Nicolas Grunder from ABB, underscoring the need for clarity. Regional interdependencies further complicate matters, as cascading failures in energy, transportation, or cloud services can cripple interconnected sectors, a scenario brought to life through a fictional cyberattack simulation on a cloud provider.

Baseline cybersecurity measures emerged as a priority, focusing on asset inventories, supply chain security, and resilience planning. Kazuo Noguchi of Hitachi America emphasised the mantra of ‘backup, backup, backup’, advocating for distributed systems across regions to mitigate single points of failure. Practical measures like incident response plans, vulnerability management, and operator awareness training were cited as essential components of any security framework.

The role of international cyber norms and confidence-building measures (CBMs) sparked debate. While voluntary, norms such as avoiding attacks on critical infrastructure during peacetime provide a foundation for responsible state behaviour. Yet, as Kaleem Usmani of CERT Mauritius pointed out, ‘Norms reduce risks and foster cooperation, but accountability remains a challenge.’ Regional collaboration, such as harmonised security certifications, was proposed as a pragmatic solution to bridge gaps in global standards.

Amid growing geopolitical complexities, participants called for greater transparency and cooperation. Bushra AlBlooshi from the Dubai Electronic Security Center showcased Dubai’s approach, where interdependencies between sectors like power and transportation are mapped to preempt disruptions. However, securing systems reliant on foreign service providers adds another layer of vulnerability, prompting calls for international agreements to establish untouchable ‘red lines’ for critical infrastructure in peace and war.

US grants $406 million to boost GlobalWafers production

The US Commerce Department has finalised $406 million in grants to Taiwan’s GlobalWafers to boost silicon wafer production in Texas and Missouri. These funds will support the first large-scale US production of 300-mm wafers, critical components in advanced semiconductors. This initiative is part of the Biden administration’s effort to strengthen the domestic supply chain for chips.

The grant will aid GlobalWafers’ nearly $4 billion investment in building new manufacturing facilities, creating 1,700 construction jobs and 880 permanent manufacturing positions. The company plans to produce wafers for cutting-edge, mature-node, and memory chips in Sherman, Texas, and wafers for defence and aerospace chips in St. Peters, Missouri.

GlobalWafers’ CEO Doris Hsu expressed enthusiasm about collaborating with US-based customers for years to come. Currently, over 80% of the global 300-mm silicon wafer market is controlled by just five companies, with most production concentrated in East Asia.

This funding is part of the $52.7 billion CHIPS and Science Act, aimed at expanding domestic semiconductor manufacturing. Recent grants include $6.165 billion for Micron Technology and significant subsidies for Intel, TSMC, and GlobalFoundries.

US firm buys Israeli spyware company

Florida-based AE Industrial Partners has acquired Israeli spyware company Paragon for an estimated $500 million, with reports suggesting the deal could reach up to $900 million. Paragon, a competitor to NSO Group, is known for providing cybersecurity tools to government agencies that it claims meet “enlightened democracy” standards. The acquisition was completed on 13 December and reportedly approved by both US and Israeli officials.

Paragon, founded in 2019 by former Israeli intelligence officers and backed by ex-Prime Minister Ehud Barak, is merging with Virginia-based cybersecurity firm Red Lattice. This move aims to strengthen the firm’s presence in the global surveillance market. The US subsidiary of Paragon recently signed a one-year contract with US Immigration and Customs Enforcement, reflecting its growing footprint in government cybersecurity services.

The acquisition comes amid tightened scrutiny of spyware technologies after allegations of abuse involving competitors like NSO Group. In 2021, the US added NSO to its trade blacklist, citing its misuse in targeting activists and journalists. Paragon, however, positions itself as a provider of ethically guided surveillance tools, limiting its activities to messaging apps and governmental communications.

Rhode Island suffers major data breach

Rhode Island officials have confirmed a major data breach in the state’s social services system, potentially exposing the personal and financial details of hundreds of thousands of residents. The hackers, believed to be an international cybercriminal group, accessed sensitive information, including Social Security numbers and banking details, through RIBridges, the state’s portal for government assistance programmes.

The breach, which was detected earlier this month, affects users of the Supplemental Nutrition Assistance Program, Temporary Assistance for Needy Families, and healthcare services accessed through HealthSource RI since 2016. The attackers have demanded an undisclosed ransom, threatening to release the stolen data if unpaid. Deloitte, the system’s vendor, confirmed the breach on Friday, prompting the state to shut down the portal temporarily.

Residents impacted by the breach will be notified via letters detailing steps to secure their personal information and protect their bank accounts. For now, new applicants for state benefits must use paper applications as authorities work to secure the compromised system. Governor Dan McKee described the incident as extortion, calling for swift remediation and protection for affected citizens.