Australian government to reform Triple Zero emergency call service

The Australian Government has taken decisive action to enhance the Triple Zero emergency call service in response to the November 2023 Optus outage, which left many Australians unable to access this critical service. Minister for Communications of Australia, the Hon. Michelle Rowland MP, announced a comprehensive set of reforms to improve industry accountability and ensure public access to emergency services. These changes are being implemented through a Ministerial direction to the Australian Communications and Media Authority (ACMA), which will amend enforceable rules for mobile carriers.

The government has directed the ACMA to require mobile carriers to take all reasonable steps to ensure that emergency calls can be made on any available network during outages. This directive addresses the technical issues that prevented many Optus customers from reaching Triple Zero during the outage. Additionally, the government is mandating that providers improve the visibility of future outages for frontline emergency service organisations, thereby enhancing communication and preparedness during emergencies.

Also, the government is committed to implementing all 18 recommendations from the Post Incident Review of the Optus outage, the first comprehensive assessment of the Triple Zero ecosystem in over a decade. These recommendations include establishing a Triple Zero Custodian framework, requiring telecommunications carriers to provide detailed work plans after major outages, and creating a comprehensive testing regime for telecommunications networks and devices.

USDA faces mounting criticism over cybersecurity vulnerabilities in the food and agriculture sector

Experts warn that the potential for disaster in the food and agriculture sector is immense. The US Department of Agriculture (USDA) is tasked with preventing such crises by securing the sector’s infrastructure from physical and cyber threats. However, in today’s increasingly digital world, the USDA is alarmingly unprepared to fulfil this role, according to policymakers, independent experts, and even the department’s reports to Congress.

That crucial responsibility is handled by a small, underfunded office within the USDA, which is already stretched thin with other duties. The department’s leadership rarely highlights the serious cyber threats facing the food and agriculture industry. This industry contributed over 5% to the US economy and provided about 10% of the nation’s jobs last year. Despite these pressing risks, it remains uncertain whether the department has made meaningful progress in addressing them.

While other agencies that protect critical infrastructure have been proactive in confronting cyber threats, the USDA needs to be faster to act, even as industry stakeholders become increasingly anxious about their digital vulnerabilities. The food and agriculture sector has largely remained under the radar regarding cybersecurity, with hackers focusing on more profitable targets for now. But this reprieve is unlikely to last indefinitely. The 2021 ransomware attack on meat-processing giant JBS, which forced the closure of plants across the country and threatened to disrupt beef prices, served as a wake-up call about the sector’s vulnerabilities.

Over the past decade, the cyber risks to food and agriculture have escalated as automation has become more widespread across the industry. Technology has become deeply embedded in modern agriculture, from tractors guided by GPS and cloud-connected devices controlling planting patterns to drones (some manufactured in China) surveying and spraying crops and automated systems managing livestock feeding. That integration extends through the entire supply chain, from food processors to distributors, making it more vulnerable to cyberattacks.

However, these technological advancements were adopted mainly before the rise in cyber threats to critical infrastructure, leading to serious concerns about the security of the US food supply. Cyberattacks on the food system could manifest in various ways, and one of the most severe concerns involves manipulating food safety data, either by concealing a food-borne illness or by falsely creating evidence of one.

Why does this matter?

The USDA still needs to provide interviews. However, a spokesperson emphasised that the department remains ‘committed to enhancing our cyber capabilities, promoting cyber awareness across the sector, and raising the industry’s cyber profile, despite the limited funding allocated by Congress for this purpose.’

The department also stays engaged with the sector through biweekly email updates, periodic meetings with industry leaders, and organised threat briefings. Additionally, when pro-Russian hacktivists targeted the sector earlier this year, Detlefsen noted that USDA quickly brought in him and his colleagues to discuss the situation. According to Scott Algeier, executive director of the Food and Agriculture ISAC, the USDA is ‘doing well’ in its role as a policy coordinator, collaborator, and convener while allowing the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to handle the technical aspects of cybersecurity.

Latvian cybersecurity officials warn of cyberattacks linked to Russia and Belarus

Latvian cybersecurity officials report that politically motivated hackers linked to Russia and Belarus are launching a new wave of cyberattacks against the Latvian government and critical infrastructure websites. The attacks aim to disrupt access rather than steal sensitive data, according to Baiba Kaskina, head of the Latvian Computer Emergency Response Team (CERT). Varis Teivans, deputy manager of Latvian CERT, highlighted this trend two years ago in an interview with Recorded Future News.

In August, the frequency of attacks surged again, likely in response to Latvia’s new aid package to Ukraine, which includes drones and air defense systems. Vineta Sprugaine, a representative of the Latvian State Radio and Television Center, noted that such attacks often coincide with political decisions or holidays.

Most of these incidents involve distributed denial-of-service (DDoS) attacks, which temporarily slow down targeted websites. Kaskina described the attacks as “very large” in volume and “well customized” to their targets.

Russia-linked hacktivist groups, including NoName057(16) and Anonymous Guys, have claimed responsibility for the recent cyberattacks on Latvian websites, asserting they are retaliating against Latvia for supporting Ukraine. NoName057(16) declared on Telegram, “We continue to punish Russophobic Latvia for aiding the criminal Kyiv regime.”

Baiba Kaskina acknowledged that while Latvia is ‘well prepared’ for these attacks, the constantly evolving tactics of the hackers make them challenging to combat. She described the attacks on Latvia and other Baltic states as part of a ‘hybrid war’ aimed at creating societal panic and eroding trust in government institutions.

White House urges better security for internet routing protocol

The White House’s cybersecurity office urged network operators to adopt available measures to secure the Border Gateway Protocol (BGP), a critical yet vulnerable technology used for routing internet traffic. The new guidance highlights that BGP lacks sufficient security and resilience features against current risks, a concern that has persisted for 25 years.

BGP is used by networks to exchange routing information, such as internet addresses, with other networks. For example, a mobile network uses BGP to connect with a cloud service or residential broadband network. Without updates, BGP is susceptible to exploits by malicious actors. Hijacking BGP can redirect users to malicious sites, exposing them to theft or data breaches, and can also facilitate DDoS attacks or disrupt telecommunications.

The Office of the National Cyber Director (ONCD) recommends that network operators adopt Resource Public Key Infrastructure (RPKI), which involves digital certificates managed by Regional Internet Registries. RPKI supports technologies like Route Origin Validation (ROV) and Route Origin Authorization (ROA) to help networks verify reachable internet addresses.
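How origin validation against ROAs works in practice, as an added example that is not part of the original article or the ONCD guidance: the sketch follows the RFC 6811 decision procedure (valid, invalid, not-found). The ROAs, prefixes and AS numbers are constructed from documentation and private-use ranges.

```python
from __future__ import annotations
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ROA:
    """One validated ROA payload: prefix, maxLength, authorised origin AS."""
    prefix: str
    max_length: int
    asn: int


# Constructed sample ROAs (documentation prefixes, private-use ASNs).
SAMPLE_ROAS = [
    ROA("192.0.2.0/24", 24, 64500),
    ROA("2001:db8::/32", 48, 64500),
    ROA("198.51.100.0/24", 24, 0),  # AS0 ROA: prefix must not be originated
]


def validate_origin(prefix: str, origin_asn: int, roas=SAMPLE_ROAS) -> str:
    """Classify a BGP announcement as 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix)
        # A ROA covers the route when the route lies inside the ROA prefix.
        if roa_net.version != route.version or not route.subnet_of(roa_net):
            continue
        covered = True
        # It matches only if the origin AS agrees and the announced prefix
        # is no more specific than maxLength. AS0 never matches any route.
        if (roa.asn != 0 and roa.asn == origin_asn
                and route.prefixlen <= roa.max_length):
            return "valid"
    # Covered but unmatched is the hijack / misorigination signal.
    return "invalid" if covered else "not-found"


if __name__ == "__main__":
    announcements = [  # constructed sample announcements
        ("192.0.2.0/24", 64500),     # authorised origin
        ("192.0.2.0/24", 64666),     # wrong origin AS
        ("192.0.2.128/25", 64500),   # more specific than maxLength
        ("198.51.100.0/24", 64501),  # covered only by an AS0 ROA
        ("203.0.113.0/24", 64502),   # no covering ROA
        ("2001:db8:1::/48", 64500),  # within maxLength 48
    ]
    for pfx, asn in announcements:
        print(f"{pfx:<18} AS{asn:<6} {validate_origin(pfx, asn)}")
```

A router performing ROV typically drops invalid routes and still accepts not-found ones, which is why ROA coverage of advertised address space matters.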

The ONCD acknowledges that securing BGP is challenging and provides detailed guidance on the protocol. It notes that federal networks in the US have not fully implemented ROAs but aim to have over 60% of advertised IP space secured by the end of the year. The ONCD will lead a new Internet Routing Security Working Group, including the Cybersecurity and Infrastructure Security Agency (CISA) and industry partners.

India keeps tight restrictions on Chinese telecom firms

The Indian government maintains strict restrictions on Chinese telecom equipment manufacturers like ZTE and Huawei, citing security concerns. Despite ZTE’s recent proposal to partner with Celkon Resolute to manufacture routers in Andhra Pradesh, the government’s stance remains unchanged. This is due to the National Security Directive, which prohibits using equipment from ‘non-trusted sources’ in India’s telecom networks, effectively barring these companies from participating in the 5G rollout and limiting their involvement in existing networks.

The ‘trusted sources’ policy enforced by the National Cyber Security Coordinator (NCSC) is central to the issue. ZTE and Huawei still need to meet the stringent compliance requirements, which include detailed disclosures about their operations and products. As a result, they remain excluded from India’s telecom projects. The Department of Telecommunications (DoT) has also asked operators to assess and report the use of non-trusted equipment in their networks, further limiting these companies’ prospects.

Although ZTE can manufacture consumer Wi-Fi equipment in India, these products can only be used in telecom networks with NCSC approval. The ZTE-Celkon partnership has stalled due to a lack of progress and clarity from the government. Despite some recent relaxations for Chinese companies in other sectors, the telecom equipment industry remains tightly regulated, with little chance of relief for ZTE and Huawei amid ongoing geopolitical tensions and cybersecurity concerns.

Netherlands to restrict ASML’s repairs in China

The Dutch government’s potential decision to restrict ASML’s ability to repair its machines in China could have significant repercussions for the global semiconductor industry. These machines are critical for Chinese companies such as Huawei and Semiconductor Manufacturing International Corp. (SMIC). Without access to necessary repairs and spare parts, the machines risk operational failures or reduced efficiency, potentially disrupting semiconductor manufacturing in China.

China’s dependence on ASML is particularly acute because the country cannot produce comparable equipment domestically and cannot purchase ASML’s more advanced extreme ultraviolet (EUV) machines. The restriction on repair services could force Chinese chipmakers to seek less advanced alternatives or face significant production challenges, impacting their ability to manufacture high-performance chips.

The potential policy shift also highlights a broader alignment with US strategies to limit China’s access to cutting-edge technology. Under previous Prime Minister Mark Rutte, the Netherlands had been less compliant with US trade restrictions on China. However, the current administration’s willingness to collaborate with US and Japanese efforts marks a significant policy change. This evolving stance underscores the increasing geopolitical complexities surrounding technology transfer and trade, with the US also contemplating stricter controls, such as the foreign direct product rule, to tighten restrictions on China further.

Datacentre ‘malfunction’ at Dutch defence ministry impacts emergency services

An unknown malfunction at a data centre utilised by the Dutch Ministry of Defence (MoD) has triggered extensive disruptions across the country and particularly impacted air traffic control, leading to the grounding of civilian flights. Additionally, emergency services and government operations have been affected, with MoD employees and civil servants from other departments unable to access their workstations due to network issues.

The Ministry of Defence shared on social media that it is experiencing significant IT network problems, causing login failures and impacting service provision, including the inaccessibility of certain telephone numbers. The Dutch National Cyber Security Centre (NCSC-NL) classified the disruption as a ‘national outage’ and stated that it is actively working to assess the full scope of the incident.

The exact nature of the malfunction, including whether it is related to a cyberattack, remains undetermined. Eindhoven Airport, which also serves military functions, has announced flight cancellations due to the incident. However, Amsterdam’s Schiphol Airport, the country’s busiest, has not reported any disturbances so far.

Tech industry needs new ethical guidelines, says Facebook whistleblower

Frances Haugen, the former Facebook whistle-blower, urged the tech industry to adopt new ethical guidelines to address growing concerns over privacy and safety in the digital world. Speaking at the DataGrail Summit, she compared the moral drift of tech companies to the navigational challenges faced by sailors in the 16th and 17th centuries, arguing that today’s intangible economy requires a modern-day ‘North Star’ to guide its course.

Haugen drew from her experience at Facebook, criticising the company for repeatedly choosing profits over user well-being in decisions around content moderation. She highlighted the need for greater transparency in social media platforms, pointing out that many lack measurable safety metrics, unlike car manufacturers who face independent safety testing. Without such measures, tech companies can avoid ethical practices without consequences.

She also criticised Meta’s decision to shut down its transparency tool CrowdTangle and warned of tech companies’ resistance to scrutiny. Haugen suggested that a lack of transparency is at the heart of the tech industry’s issues, with companies only being held accountable for financial performance rather than their impact on users. She called for greater corporate responsibility in light of increasing data privacy laws.

Lawsuits against Meta by over 40 states regarding harm to children are a significant step towards better regulation, Haugen noted, and could lead to further legislative change. She called for collaboration within the industry to ensure innovation proceeds safely and responsibly, allowing technology to have a positive impact without compromising user safety.

CrowdStrike faces fallout from Windows outage

CrowdStrike is set to reveal the financial impact of a significant cyber outage that disrupted Microsoft’s Windows operating system last month. The incident, caused by a faulty software update, led to global disruptions, affecting various sectors, including aviation and healthcare.

The outage has sparked lawsuits, including one from Delta Air Lines, and has raised concerns about potential market share losses to rivals.

Following the outage, many customers have reconsidered their cybersecurity options. Competitors like Palo Alto Networks have seized the opportunity, offering discounts to attract customers, which analysts believe may have chipped away at CrowdStrike’s market share. Over half of the brokerages covering the company have reduced their annual revenue estimates, anticipating that CrowdStrike may lower its forecast.

Despite the challenges, CrowdStrike remains a dominant player in the cybersecurity industry. Some analysts believe the financial hit from the outage will be short-lived, given the high costs associated with switching providers and the company’s efforts to assist customers in restoring their systems. Shares of CrowdStrike have declined by about 20% since the outage, yet the stock is still up over 5% for the year.

As CrowdStrike prepares to report a 31% revenue increase for the quarter ending in July, its focus is on regaining trust and solidifying its position in the market. The company will also participate in a Microsoft summit in September aimed at enhancing cybersecurity measures, which could be crucial in repairing its reputation.

Chinese hackers exploit software flaw to compromise US internet firms

According to Lumen Technologies, a Chinese hacking group has exploited a software flaw, compromising several internet companies in the US and abroad. Researchers at Lumen revealed that the hackers targeted a previously unknown vulnerability in Versa Director, a software platform used by Santa Clara-based Versa Networks. The attack began early in June and affected four US firms and one in India.

Versa Networks acknowledged the flaw and urged customers to update their software. Lumen’s researchers believe the hacking campaign was conducted by the Chinese government-backed group, ‘Volt Typhoon.’

Allegedly, the attackers aimed to surveil the customers of the compromised internet companies. Cybersecurity experts warn that such access could enable broad, undetected surveillance.

The US Cybersecurity and Infrastructure Security Agency added the Versa vulnerability to its list of known exploited weaknesses. Concerns over China’s cyber activities have grown, with US officials noting an increase in the intensity of these efforts. In April, the FBI warned that China was developing the capability to disrupt critical infrastructure.