On September 12th the Cyber Senate will be hosting the European Rail Cyber Security Working Group in a roundtable format with discussion groups in the morning and outcomes presented in the afternoon. Capped at 70 participants, this face to face knowledge sharing exercise is specifically designed to assist all stakeholders in the rail ecosystem with an opportunity to assess their security posture, and collaborate with their industry counterparts.
Already confirmed table leaders include the Rail Delivery Group, Deutsche Bahn, and the ERTMS Users Group. More announcements will be made shortly.
The cyber attacks from the last week have affected entities globally, from telecommunication infrastructure to medical facilities across the UK to European utilities as well as multiple other types of industries and consumers. The WannaCry ransomware will go down in history for setting an example of how malicious software can disrupt global networks, leaving systems crippled until demands are met.
This highlights so many issues we at the Cyber Senate have been working so hard to bring to our forums. We believe there is so much work to be done to fully understand how we can better develop a culture of awareness within our organisations, and how we address the skills gap in our industry. We Tneed to have a better understanding of the risks of 3rd party applications and the supply chain, as well as better educate procurement. There is still much work to do in developing synergies between IT and OT divisions wrestling with convergence, in understanding that compliance doesn’t equal security and that just because “you’re not connected to the internet” that you’re cyber secure. That is just a few areas we need better insight. On another note, how many ICS systems are still running a unpatched version of Windows XP?
Cyber attacks that impact critical national infrastructure can ultimately cost lives. That is why these discussions are so important. These events are built to facilitate public and private information sharing, to assist you and your team in understanding how your industry counterparts are meeting the challenge, what you are doing right, wrong, and to help define “what is best practice?”
We hear a lot about vendor accountability and disclosure which is another piece of this puzzle that needs to be addressed. We, however, believe people are the most important factor in the cyber kill chain. Technology will never tick all the boxes, it can and does fail and so do humans. It is how we get up, respond, move forward and learn from these lessons that count.
We hope to meet you in 2017. If we can help you bridge the gap, do not hesitate to reach out.
The NCSC issue guidance on Ransomware
‘The NCSC are aware of a ransomware campaign relating to version 2 of the “WannaCry” malware affecting a wide range of organisations globally.
NCSC are working with affected organisations and partners to investigate and coordinate the response in the UK. This guidance will be updated as new information becomes available.
From investigations and analysis performed to date, we know that the malware encrypts files, provides the user with a prompt which includes; a ransom demand, a countdown timer and bitcoin wallet to pay the ransom into.
The malware uses the vulnerability MS17-010 to propagate through a network using the SMBv1 protocol. This enables the malware to infect additional devices connected to the same network.”