ETSI releases specifications boosting trustful end-to-end network and service automation

Sophia Antipolis, 13 September 2021

ETSI is pleased to announce the release of three major specifications and reports developed by its Zero-touch network and Service Management (ZSM) group. ETSI GS ZSM 003, defines end-to-end network slicing management and orchestration architecture blueprint and solutions, and ETSI GS ZSM 009-1 specifies the enablers for closed-loop automation. The general security aspects related to the ZSM framework and solutions, and potential mitigation options are introduced in the ETSI GR ZSM 010.

Read More...

ETSI releases two Technical Reports to support US NIST standards for post-quantum cryptography

Sophia Antipolis, 6 October 2021

In 2016 the US National Institute of Standards and Technology (NIST) announced their intention to develop new standards for post-quantum cryptography. They subsequently initiated a competition-like standardization process with a call for proposals for quantum-safe digital signatures, public-key encryption schemes, and key encapsulation mechanisms. NIST have stated that they intend to select quantum-safe schemes for standardization at the end of the current, third round of evaluation.

Read More...

ETSI releases test specification to comply with world-leading Consumer IoT Security standard

Sophia Antipolis, 12 October 2021

ETSI has released the test specification for the existing ETSI EN 303 645, the world leading consumer IoT security standard. This test specification, ETSI TS 103 701, describes how a conformity assessment is performed in a structured and comprehensive way. This will allow supplier organizations such as manufacturers, vendors or distributers to assess the compliance of their devices against ETSI ETSI EN 303 645 in self-assessments or via testing labs. User organizations can also apply the test specification for in-house testing.

Read More...

ETSI IPE releases the first IPv6 Enhanced Innovation Report, helping global industry players to reach consensus

Sophia Antipolis, 15 October 2021

ETSI is pleased to announce the first ETSI IPv6 Enhanced Innovation (IPE) report ETSI GR IPE 001 “IPv6 Enhanced Innovation: Gap Analysis”. Jointly compiled by 15 leading IP industry players, this report comprehensively analyzes gaps based on requirements created by the new use cases and services like 5G and the cloud, to accelerate IPv6 deployment and innovations, and identifies recommendations of new features of the IPv6 enhanced innovations, paving the way for a consensus to be reached among global IP industry players.

Read More...

ETSI NFV Release 5 kicks off with increased support for cloud-enabled deployments

Sophia Antipolis, 9 November 2021

The ETSI Industry Specification Group (ISG) for Network Functions Virtualization (NFV) has started working on its next specification release, known as "Release 5”, officially kicking off the new Release technical work after their September meeting.

The Release 5 work program is expected to drive ETSI NFV’s work into two main directions: consolidating the NFV framework and expanding its applicability and functionality set. On the one hand, some aspects of the NFV concepts and functionalities that have been addressed in previous Releases, but need additional work, will be further developed in Release 5. For instance, based on development, deployment experience and feedback collected during testing events such as the “NFV/MEC Plugtests”, additional work on VNF configuration was deemed necessary. Another example is the more detailed specification work related to fault management modelling which aims at further defining faults and alarms information to improve interoperability during network operations, in particular for root cause analysis and fault resolution in multi-vendor environments.

Read More...

ETSI releases first comprehensive global standard for securing smart phones

Sophia Antipolis, 24 November 2021

Today our smartphones and tablets are fundamental for citizens and hold a wide range of user data and apps. At the same time, security attacks have increased with malicious applications and network eavesdropping. To define security and assurance requirements for smart phones and tablets, mitigate potential risks and protect users, ETSI has released a world class standard called Consumer Mobile Device Protection Profile, ETSI TS 103 732. The specification identifies key security and privacy risks for user data and provides appropriate protection.

Read More...

ETSI Open Source MANO announces OSM Release ELEVEN

Sophia Antipolis, 7 December 2021

ETSI is pleased to announce OSM Release ELEVEN. Committed since its foundation to the alignment with ETSI standardization work, this release completes the adoption of two new ETSI NFV specifications, ETSI GS NFV-SOL004 and ETSI GS NFV-SOL007 for package formats. Standards adoption is part of the OSM vision to enable interoperability and a large and healthy NFV ecosystem. In addition, Release ELEVEN includes significant functional extensions in areas such as interoperability with public clouds, interaction with cloud-native environments and integration of network functions of different natures.

Read More...

ETSI Announces Second Release on Self-Adapting Autonomous Networks

Sophia Antipolis, 13 January 2022

Following on from meetings conducted in late 2021, ETSI has now completed Release 2 of its Experiential Networked Intelligence (ENI) specifications with the system architecture ETSI GS ENI 005. 

ETSI GS ENI 005 and associated documents will provide better insight into network operations - allowing more effective closed-loop decision making plus better lifecycle management. Through its use, operators will be able to leverage acquired data and apply artificial Intelligence (AI) algorithms to it. This will mean that they can respond much quicker to changing situations and gain far greater agility. The services being delivered across their networks may thereby be rapidly adapted and the resources they have available correctly assigned in accordance with subscribers’ requirements, or any other alterations in circumstances (either operationally or commercially driven).

Read More...

ETSI releases Report on Coordinated Vulnerability Disclosure - Helping organizations fix security vulnerabilities

Sophia Antipolis, 17 February 2022

ETSI has released on 27 January a Guide to Coordinated Vulnerability Disclosure. The Technical Report ETSI TR 103 838 will help companies and organizations of all sizes to implement a vulnerability disclosure process and fix vulnerability issues before they’re publicly disclosed.

Read More...

ETSI releases its Annual Report and Work Programme 2022-2023

Sophia Antipolis, 20 April 2022

ETSI has just released its two activity documents, the Annual Report that looks back on 2021 achievements and the forward looking 2022-2023 Work Programme.

Read More...

ETSI Releases Group Report on the Role of Hardware in the Security of AI

Sophia Antipolis, 28 April 2022

ETSI recently released a Group Report, ETSI GR SAI 006, outlining the role of hardware in the security of artificial intelligence (AI).

Read More...

ETSI releases first specification on 5^th Generation Fixed Network (F5G) architecture

Sophia Antipolis, 12 May 2022

ETSI's 5^th Generation Fixed Network group (ISG F5G) has released its first specification for F5G Network Architecture ETSI GS F5G 004. This architecture will deliver a variety of services to residential and business customers over a single physical network with guaranteed SLAs (service level agreements).

Read More...

ETSI ISG IPE releases the latest IPv6 Enhanced innovation Report

Sophia Antipolis, 9 June 2022

Facilitating IPv6-based Network-Cloud Convergence

ETSI has just published a new Group Report (GR), ETSI GR IPE 002, entitled “IPv6 based Data Centres, Network and Cloud Integration”“IPv6 based Data Centres, Network and Cloud Integration”. Developed by the ETSI IPv6 enhanced group (ISG IPE), this Report comprehensively illustrates Network-Cloud convergence architecture and the requirements to the underlying network. In addition, it highlights the role of IPv6 and its enhanced features in Network-Cloud convergence.

Read More...

ETSI releases new specification on Quality of Service for F5G

Sophia Antipolis, 20 June 2022

The ETSI's 5^th-Generation Fixed Network group (F5G ISG) has released a new specification, ETSI GS F5G 005 on “High-Quality Service Experience Factors”. This specification studies the end-to-end Quality of Experience (QoE) factors for services over the broadband network. High QoE reflects the overall performance of services from the end user's perspective. It also analyses the general factors that impact service performance and identifies the overall high-QoE dimensions for each service, mainly using Virtual Reality (VR) as a benchmark for F5G applications.

Read More...

ETSI OSM launches Release TWELVE, with enhanced Network Function resiliency and runtime operations

Sophia Antipolis, 30 June 2022

ETSI OSM is pleased to announce OSM Release TWELVE, the second Long Term Support release of ETSI Open Source MANO and one of its most prolific releases. One of the main new features of Release TWELVE is the ability to heal network functions that may be affected by any kind of infrastructure failure. This healing process, which may be triggered either manually or automatically depending on operator preference, can be applied in all the clouds supported by OSM, in line with OSM’s multi-cloud approach.

Read More...

ETSI releases new Report on IPv6-based Blockchain

Sophia Antipolis, 31 August 2022

ETSI has just released ETSI GR IPE 012, a new IPv6 Enhanced innovation (IPE) Group Report “IPv6-based Blockchain”. The report outlines how IPv6 can be utilized by blockchain networks to secure direct peer-to-peer payments between end users, as well as the potential future role of IPv6 as vital infrastructure, supporting the blockchain.

Read More...

ETSI releases first O-RAN specification

ETSI - Sophia Antipolis/France, O-RAN ALLIANCE - Bonn/Germany, 15 September 2022

ETSI and O-RAN are pleased to announce that ETSI has adopted the first O-RAN specification as ETSI TS 103 859, namely ‘O-RAN Fronthaul Control, User and Synchronization Plane Specification v7.02’. The document focuses on Open Fronthaul, one of the interfaces in the O-RAN Architecture for open and intelligent Radio Access Networks. It specifies the control plane, user plane and synchronization plane protocols used over the fronthaul interface linking the O-DU (O-RAN Distributed Unit) and the O-RU (O-RAN Radio Unit) for the lower layer functional splits. The scope of TS 103 859 includes both LTE and NR (5G). 

Read More...

ETSI OSM launches Release THIRTEEN with a new scalable architecture for massive closed-loop operations

Sophia Antipolis, 15 December 2022

The ETSI Open Source MANO community is proud to announce OSM Release THIRTEEN, meeting the already established cadence of two releases per year, alternating between Long Term Support (LTS) releases such as Release TWELVE (2 years’ support) and Standard releases (6 months support).

Read More...

Sophia Antipolis, 26 January 2023

The ETSI Industry Specification Group for Network Functions Virtualization (ISG NFV) has just published its next drop of specifications around new enhancements of the NFV architecture that will support cloud-native network functions.

Read More...

Sophia Antipolis, 2 February 2023

ETSI Open Source Group TeraFlowSDN has just announced the 2nd release of TeraFlowSDN controller, an innovative and robust SDN orchestrator and controller.

Read More...

Sophia Antipolis, 6 March 2023

The ETSI group on Encrypted Traffic Integration (ISG ETI) is pleased to announce the release of the group report GR-ETI-002 “Requirements definition and analysis”, the next step for the problems previously outlined in the report GR-ETI-001 “Problem Statement”.

Read More...

Sophia Antipolis, 27 April 2023

ETSI has just released a Protection Profile (PP) for the security evaluation of quantum key distribution (QKD) modules, ETSI GS QKD 016. This Protection Profile is a first and anticipates the need for quantum safe cryptography. The ETSI specification will help manufacturers to submit pairs of QKD modules for evaluation under a security certification process.

Read More...

Sophia Antipolis, 16 May 2023

ETSI is pleased to announce the release of the first Group Report developed by its Reconfigurable Intelligent Surface Industry Specification Group. The ETSI Report ETSI GR RIS-001 identifies and defines relevant RIS use cases, with corresponding general Key Performance Indicators (KPIs). It also describes deployment scenarios as well as potential requirements for each identified use case, to enable interoperability with existing and upcoming wireless technologies and networks.

Read More...

Sophia Antipolis, 11 July 2023

ETSI is pleased to announce three new Reports developed by its Securing AI group (ISG SAI). They address explicability and transparency of AI processing and provide an AI computing platform security framework. The last Report is a multi-partner Proofs of Concepts framework.

Read More...

Sophia Antipolis, 26 July 2023

The ETSI Open Source MANO community is proud to announce OSM Release FOURTEEN. Release FOURTEEN is a Long-Term-Support (LTS) release of ETSI OSM, providing two years of continuous support with bug fixes and security patches, and including significant improvements in many key areas.

Read More...

Sophia Antipolis, 28 August 2023

ETSI is pleased to announce the completion of its Release 2 specifications on Fifth Generation Fixed Network (F5G). Building upon the accomplishments of Release 1, the ETSI F5G group has introduced an array of additional features that bring fiber fixed networks into the next level.

Read More...

Sophia Antipolis, 7 September 2023

ETSI is thrilled to announce its new Group Report on Artificial Intelligence on the use of AI for what are commonly referred to as deepfakes. The Report ETSI GR SAI 011, released by the Securing AI (ISG SAI) group, focuses on the use of AI for manipulating multimedia identity representations and illustrates the consequential risks, as well as the measures that can be taken to mitigate them.

Read More...

Sophia Antipolis, 20 September 2023

ETSI has published a new standard on “Requirements for trust service providers issuing publicly trusted S/MIME certificates” (ETSI TS 119 411-6 ) helping Trust Service Providers comply with new standards for S/MIME certificates that are enforced since 1 September 2023. Secure MIME (S/MIME) certificates are used to sign, verify, encrypt, and decrypt email messages. 

Read More...

Sophia Antipolis, 14 November 2023

ETSI is happy to announce that at a meeting in October of its technical committee in charge of the TETRA standard (TCCE), a full consensus was reached to make the primitives of all TETRA Air Interface cryptographic algorithms available to the public domain.

Read More...

Sophia Antipolis, 21 December 2023

The ETSI Open Source MANO community is proud to announce OSM Release FIFTEEN, meeting the well-established cadence of two releases per year. The OSM community delivers one Long Term Support (LTS) and one regular release every year, to ensure the OSM user base is provided with continuous innovations and production-ready stability.

Read More...

Sophia Antipolis, 31 January 2024

The European Telecommunications Standards Institute (ETSI) has published a significant new technical report, "ETSI TR 103 936 V1.1.1 (2024-01): Cyber Security; Implementing Design Practices to Mitigate Consumer IoT-Enabled Coercive Control". This pioneering document addresses the increasingly important issue of safeguarding individuals from coercive control through the misuse of consumer Internet of Things (IoT) devices.

Coercive control encompasses a range of abusive acts such as security breaches, privacy invasions, harassment, physical assault, and other patterns of behaviour that can limit autonomy or cause emotional harm to potential targets.

Read More...

Sophia Antipolis, 05 April 2024

ETSI is pleased to announce the release of the first two Group Reports developed by its Terahertz Industry Specification Group (ISG THz). They are addressing key elements in this initial phase of the pre-standardization works for THz communications: the use-cases and the spectrum. The role of ETSI ISG THz is to develop an environment where various actors from the academia, research centres, industry can share, in a consensus-driven way, their pre-standardization efforts on THz technology resulting from various collaborative research projects and global initiatives, paving the way towards future standardization. Complementing the work of other ETSI Technical Bodies and other SDOs, the group concentrates on establishing the technical foundation for the development and standardization of THz communications.

Read More...

Sophia Antipolis, 30 April 2024

The ETSI TeraFlowSDN community is proud to announce the third release of TeraFlowSDN, an innovative and robust SDN orchestrator and controller, delivering a fully featured Network Automation Platform. In this latest release, TeraFlowSDN enhances its capabilities with the integration of an Optical SDN controller, expanding device support to include gNMI and OpenConfig protocols. It also features enriched network integrations for end-to-end orchestration like IP over DWDM, L3VPN, MEC, and network topology exposure. The management of network topologies is improved with the addition of a new BGP-LS speaker able to discover the topologies, and a new Forecaster component is introduced, providing predictive insights for network management. These additions substantially augment the versatility and management capabilities of the TeraFlowSDN platform.

Read More...

Sophia Antipolis, 9 July 2024

ETSI is excited to announce OpenCAPIF Release 1 is now available in the ETSI Labs.

OpenCAPIF develops a Common API Framework as defined by 3GPP and this new version introduces several improvements and new features to deliver a more robust, secure, and efficient API Management Platform. These advancements are developed in tight collaboration and incorporating feedback from a growing Research Ecosystem including SNS projects such as 6G-SANDBOX, FIDAL, IMAGINEB5G, SAFE6G, ORIGAMI, ENVELOPE and SUNRISE6G.

Read More...

Sophia Antipolis, 29 July 2024

We are thrilled to announce our latest official release of OpenSlice, proudly brought to you by ETSI Software Development Group OpenSlice (SDG OSL). This marks our first release under the ETSI umbrella, reflecting our commitment to excellence and innovation in the field of open-source Operations Support System (OSS) solutions.

We want to keep the community’s interest on par with our highest passion and expectation to revolutionize the way Network as a Service (NaaS) is delivered, and our latest release is a testament to our dedication! With this new release, we introduce significant changes aimed at enhancing user engagement and addressing the contemporary needs of both research and industry sectors on the matter.

"The latest OpenSlice 2024Q2 version is a manifest to our commitment to pave the way for modern telco-cloud requirements, seamless integration and reference implementations for 6G" - Christos Tranoris, Senior Research at UPATRAS and Chair of ETSI SDG OSL.

Read More...

Sophia Antipolis, 4 September 2024

The ETSI Open Source MANO community is proud to announce OSM Release SIXTEEN, a Long-Term-Support (LTS) release of ETSI OSM, which becomes the most innovative and feature-packed release shipped by OSM to date.

This release brings a revolution in OSM’s functionality, positioning OSM as a generalized cloud-native orchestrator for infrastructure, platforms and services, which extends significantly its former scope. Full cloud-native management of Kubernetes clusters in public clouds, together with the applications or software units running on them, is now possible with Release SIXTEEN. Every operation related to the cluster management (creation, upgrading, scaling, deletion) or the applications running on them is reflected in Git repositories, following the GitOps model. This has been possible thanks to a major change in the internal architecture of OSM.

Read More...

Sophia Antipolis, 5 September 2024

The ETSI Industry Specification Group for Network Functions Virtualization (ISG NFV) has just published its specifications of Release 5 first drop as version 5.1.1.

Read More...

Sophia Antipolis, 8 October 2024

ETSI announces the completion of its Release 3 specifications on Fifth Generation Advanced Fixed Network (F5G-A). Building on the achievements of the Release 1 and Release 2, the ETSI ISG F5G has specified a series of new features and capabilities, further elevating fixed fiber networks to a new level:

• Specification of F5G Advanced
  ETSI ISG F5G unveiled the "F5G Advanced Generation Definition", which not only further enhances existing three foundational features of F5G-Enhanced Fixed Broadband (eFBB), Full Fiber Connectivity (FFC), and Guaranteed Reliable Experience (GRE), but also introduces three new key features: Real-time Resilient Link (RRL), Optical Sensing and Visualization (OSV), and Green Agile Optical network (GAO).

Read More...

Sophia Antipolis, 31 October 2024

Protect Confidentiality, Integrity and Availability of Data as Smart Devices Proliferate.

Read More...

Sophia Antipolis, 6 November 2024

End-to-end Network Automation and Security Framework

Read More...

CISA is warning about a spear-phishing campaign that spreads malicious RDP files. Plus, OWASP is offering guidance about deepfakes and AI security. Meanwhile, cybercriminals have amplified their use of malware for fake software-update attacks. And get the latest on CISA’s international plan, Interpol’s cyber crackdown and ransomware trends.

Dive into six things that are top of mind for the week ending Nov. 8.

1 - CISA: Beware of nasty spear-phishing campaign

Proactively restrict outbound remote-desktop protocol (RDP) connections. Block transmission of RDP files via email. Prevent RDP file execution.

Those are three security measures cyber teams should proactively take in response to an ongoing and “large scale” email spear-phishing campaign targeting victims with malicious RDP files, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

A foreign threat actor is carrying out the campaign. Several vertical sectors, including government and IT, are being targeted.

“Once access has been gained, the threat actor may pursue additional activity, such as deploying malicious code to achieve persistent access to the target’s network,” CISA’s alert reads.
 

Other CISA recommendations include:

• Adopt phishing-resistant multi-factor authentication (MFA), such as FIDO tokens, and try to avoid SMS-based MFA
• Educate users on how to spot suspicious emails
• Hunt for malicious activity in your network looking for indicators of compromise (IoCs) and tactics, techniques and procedures

Although CISA didn’t name the hacker group responsible for this campaign, its alert includes links to related articles from Microsoft and AWS that identify it as Midnight Blizzard. Also known as APT29, this group is affiliated with Russia’s government.

To get more details, check out the CISA alert “Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments.”

For more information about securing RDP tools:

• “Commonly Exploited Protocols: Remote Desktop Protocol (RDP)” (Center for Internet Security)
• “What is remote desktop protocol (RDP)?” (TechTarget)
• “Wondering Whether RDP IS Secure? Here's a Guide to Remote Desktop Protocol” (AllBusiness)
• “Why remote desktop tools are facing an onslaught of cyber threats” (ITPro)
• “'Midnight Blizzard' Targets Networks With Signed RDP Files” (Dark Reading)

2 - OWASP issues AI security resources

How should your organization respond to deepfakes? What’s the right way of establishing a center of excellence for AI security in your organization? Where can you find a comprehensive guide of tools to secure generative AI applications?

These questions are addressed in a new set of resources for AI security from the Open Worldwide Application Security Project’s OWASP Top 10 for LLM Application Security Project. 

The new resources are meant to help organizations securely adopt, develop and deploy LLM and generative AI systems and applications “with a comprehensive strategy encompassing governance, collaboration and practical tools,” OWASP said in a statement.

These are the new resources:

• “The Guide for Preparing and Responding to Deepfake Events,” which unpacks four types of deepfake schemes – financial fraud, job interview fraud, social engineering and misinformation – and offers guidance about each one in these areas:
  • preparation
  • detection and analysis
  • containment eradication and recovery
  • post-incident activity
• “The LLM and GenAI Center of Excellence Guide,” which aims to help CISOs and fellow organization leaders create a center of excellence for generative AI security that facilitates collaboration among various teams, including security, legal, data science and operations, so they can develop:
  • Generative AI security policies
  • Risk assessment and management processes
  • Training and awareness
  • Research and development
• “The AI Security Solution Landscape Guide,” which offers security teams a comprehensive catalog of open source and commercial tools for securing LLMs and generative AI applications.

To get more details, read OWASP’s announcement “OWASP Dramatically Expands GenAI Security Guidance.”

For more information about protecting your organization against deepfakes:

• “How to prevent deepfakes in the era of generative AI” (TechTarget)
• “Deepfake scams escalate, hitting more than half of businesses” (Cybersecurity Dive)
• “The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks” (SecurityWeek)
• “How deepfakes threaten biometric security controls” (TechTarget)
• “Deepfakes break through as business threat” (CSO)

3 - Fake update variants dominate list of top malware in Q3

Hackers are doubling down on fake software-update attacks.

That’s the main takeaway from the Center for Internet Security’s list of the 10 most prevalent malware used during the third quarter.

Malware variants used to carry out fake browser-update attacks took the top four spots on the list: SocGholish, LandUpdate808, ClearFake and ZPHP. Collectively, they accounted for 77% of the quarter’s malware infections. It's the first time LandUpdate808 and ClearFake appear on this quarterly list.

^{(Source: “Top 10 Malware Q3 2024”, Center for Internet Security, October 2024)}

In a fake software-update attack, a victim gets duped into installing a legitimate-looking update for, say, their preferred browser, that instead infects their computers with malware.

Here’s the full list, in descending order:

• SocGholish, a downloader distributed through malicious websites that tricks users into downloading it by offering fake software updates 
• LandUpdate808, a JavaScript downloader distributed through malicious websites via fake browser updates
• ClearFake, another JavaScript downloader used for fake browser-update attacks
• ZPHP, another JavaScript downloader used for fake software-update attacks
• Agent Tesla, a remote access trojan (RAT) that captures credentials, keystrokes and screenshots
• CoinMiner, a cryptocurrency miner that spreads using Windows Management Instrumentation (WMI)
• Arechclient2, also known as SectopRAT, is a .NET RAT whose capabilities include multiple stealth functions
• Mirai, a malware botnet that compromises IoT devices to launch DDoS attacks
• NanoCore, a RAT that spreads via malspam as a malicious Excel spreadsheet
• Lumma Stealer, an infostealer used to swipe personally identifiable information (PII), credentials, cookies and banking information

To get more information, the CIS blog “Top 10 Malware Q3 2024” offers details, context and indicators of compromise for each malware strain.

For details on fake update attacks:

• “Fake browser updates spread updated WarmCookie malware” (BleepingComputer)
• “Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware” (The Hacker News)
• “Hackers Use Fake Browser Updates for AMOS Malware Attacks Targeting Mac Users” (MSSP Alert)
• “Malware crooks find an in with fake browser updates, in case real ones weren't bad enough” (The Register)
• “Fake Google Chrome errors trick you into running malicious PowerShell scripts” (BleepingComputer)

VIDEO

Fake Chrome Update Malware (The PC Security Channel)

4 - CISA’s first international plan unveiled

CISA has released its first-ever international plan, which outlines a strategy for boosting the agency’s collaboration with cybersecurity agencies from other countries.

Aligning cybersecurity efforts and goals with international partners is critical for tackling cyberthreats in the U.S. and abroad, according to the agency.

The three core pillars of CISA’s “2025 - 2026 International Strategic Plan” are:

• Help make more resilient other countries’ assets, systems and networks that impact U.S. critical infrastructure
• Boost the integrated cyber defenses of the U.S. and its international partners against their shared global cyberthreats
• Unify the coordination of international activities to strengthen cyberdefenses collectively

The plan will allow CISA to “reduce risk to the globally interconnected and interdependent cyber and physical infrastructure that Americans rely on every day,” CISA Director Jen Easterly said in a statement.

5 - Interpol hits phishers, ransomware gangs, info stealers

Interpol and its partners took down 22,000 malicious IP addresses and seized thousands of servers, laptops, and mobile phones used by cybercriminals to conduct phishing scams, deploy ransomware and steal information.

The four-month global operation, titled Synergia II and announced this week, involved law enforcement agencies and private-sector partners from 95 countries and netted 41 arrests.

“Together, we’ve not only dismantled malicious infrastructure but also prevented hundreds of thousands of potential victims from falling prey to cybercrime,” Neal Jetton, Director of Interpol’s Cybercrime Directorate, said in a statement.

In Hong Kong, more than 1,000 servers were taken offline, while authorities in Macau, China took another 291 servers offline. Meanwhile, in Estonia, authorities seized 80GB of server data, which is now being analyzed for links to phishing and banking malware.

For more information about global cybercrime trends:

• “AI-Powered Cybercrime Cartels on the Rise in Asia” (Dark Reading)
• “AI Now a Staple in Phishing Kits Sold to Hackers” (MSSP Alert)
• “The Business of Cybercrime Explodes” (BankDirector)
• “Nation state actors increasingly hide behind cybercriminal tactics and malware” (CSO)

6 - IST: Ransomware attacks surged in 2023

Ransomware gangs went into hyperdrive last year, increasing their attacks by 73% compared with 2022, according to the non-profit think tank Institute for Security and Technology (IST).

The IST attributes the sharp increase in attacks to a shift by ransomware groups to “big game hunting” – going after prominent, large organizations with deep pockets. 

“Available evidence suggests that government and industry actions taken in 2023 were not enough to significantly reduce the profitability of the ransomware model,” reads an IST blog.

Global Ransomware Incidents in 2023

Another takeaway: The ransomware-as-a-service (RaaS) model continued to prove extremely profitable in 2023, and it injected dynamism into the ransomware ecosystem. 

The RaaS model prompted ransomware groups “to shift allegiances, form new groups, or iterate existing variants,” the IST blog reads.

The industry sector that ransomware groups hit the hardest was construction, followed by hospitals and healthcare, and by IT services and consulting. Financial services and law offices rounded out the top five.

To learn more about ransomware trends:

• “Ransomware Is ‘More Brutal’ Than Ever in 2024” (Wired)
• “Ransomware on track for record profits, even as fewer victims pay” (SC Magazine)
• “How Can I Protect Against Ransomware?” (CISA)
• “How to prevent ransomware in 6 steps” (TechTarget)
• “Steps to Help Prevent & Limit the Impact of Ransomware” (Center for Internet Security)

TORONTO - The Ontario Securities Commission (OSC) is pleased to announce the release of the 2024 Investment Fund Survey (IFS) data dashboard.

In this special episode, we're remembering StoryCorps participant Rick Abath, who talked to his wife, Diana, about being on guard during the biggest art heist in history. Rick died last month at the age of 57.

Learn more about sponsor message choices: podcastchoices.com/adchoices

NPR Privacy Policy

Toronto, ON — The Truth and Reconciliation Commission’s final report, tabled yesterday, provides an indelible pathway for our individual and collective need to heal and reconcile our past in order to move forward. Central to moving forward on an improved relationship between Indigenous people and Canadians is helping young Indigenous people and families meet and […]

Desktop 3D printers generate ultrafine particles (UFPs) while in operation. UFPs may pose a health concern since they are the size of nanoparticles and may be inhaled and penetrate deep into the human pulmonary system.

July PPC meeting at the CMSC Conference concludes last phase of Roadmap project.

Maplesoft today released Möbius, a hands-on learning tool focused on science, technology, engineering and mathematics education. The online courseware environment provides an interactive platform for students to explore STEM concepts, visualize problems and solutions, and receive real-time assessment feedback.

The AHR Expo (International Air-Conditioning, Heating, Refrigerating Exposition) released the full schedule for the 2025 AHR Expo Education Program. 

Trane introduces Thermal Battery™ Storage-Source Heat Pump System, Trane/Mitsubishi Electric HVRF, Versatile Axiom™ Water Source Heat Pumps, Next-Generation Precedent® Rooftop Units, and two enhanced air handlers. 

Posted by Gordon Fyodor Lyon on May 05