#critical-infrastructure-security

#critical-infrastructure-security

There are three little words to make the heart beat faster in anyone who knows what they mean: critical infrastructure resilience. If you run that infrastructure or a country dependent on it, you need energy, communication and transport to be impregnable to cyber attacks. This is doubly so if that country is five minutes by incoming missile from an implacable hyper-competent enemy sworn to invade you.

Salt Typhoon is behind one of the broadest hacking campaigns in recent years, targeting some of the world's largest phone and internet companies and stealing tens of millions of phone records about senior government officials. The hacking group, attributed to China, is part of a wider cluster of hackers with the collective aim of helping China prepare for an eventual war with Taiwan.

Being on the receiving end of what was the world's first true cyber weapon showed Iran exactly what was possible then and in the future. In response, Iran moved aggressively to build its cyber capabilities. The country established governance and coordination structures-including the Supreme Council of Cyberspace in 2012-to advance its goals, while also sponsoring advanced persistent threat groups.

CISA's guidance is intended to assist critical infrastructure stakeholders, which includes private sector entities across various sectors, with implementing an insider threat mitigation program that combines physical security, cybersecurity, personnel awareness, and community partnerships. Although framed for critical infrastructure, CISA's guidance is relevant to a broader range of organizations, including those outside of critical infrastructure sectors.

Future U.S. government responses in cyberspace will be "linked to adversary actions" and will involve coordination between the private sector and smaller governments, a top White House official said Thursday. The dynamic, which will be codified in a forthcoming national cyber strategy, is meant to make clear that foreign adversaries' actions that target U.S. networks have consequences, according to Alexandra Seymour, who serves as the principal deputy assistant national cyber director for policy in the Office of the National Cyber Director.

The NCSC also reported that hostile states are using artificial intelligence (AI) to increase the efficiency and frequency of their existing attack methods, but are not yet using the technology for novel attacks. Actors linked to China, Russia, Iran and North Korea are starting to use large language models to evade detection, exfiltrate data, research security vulnerabilities and devise social engineering to gain access to systems.

Drones flying over airports, commercial sites and other sensitive infrastructure in Europe is a growing phenomenon which EU leaders blame on Russia, and preventing the disruption they cause will prove a tough technical challenge, observers say. Detecting the drones, making them non-operational by jamming them, or even shooting them down, are all complex and hazardous tasks. And while Russian involvement is suspected, it is difficult to prove.

While close to 150 world leaders prepared to descend on Manhattan for the U.N. General Assembly, the U.S. Secret Service was quietly dismantling a massive hidden telecom network across the New York area - a system investigators say could have crippled cell towers, jammed 911 calls and flooded networks with chaos at the very moment the city was most vulnerable. The cache, made up of more than 300 SIM servers packed with over 100,000 SIM cards and clustered within 35 miles of the United Nations, represents one of the most sweeping communications threats uncovered on U.S. soil.