NIST: New White Paper Series - Applying 5G Cybersecurity and Privacy Capabilities
5G technology for broadband cellular networks will significantly improve how humans and machines communicate, operate, and interact in the physical and virtual world. 5G provides increased bandwidth and capacity, and low latency.
To help, the National Institute of Standards and Technology (NIST), National Cybersecurity Center of Excellence (NCCoE) has launched the Applying 5G Cybersecurity and Privacy Capabilities white paper series.
The series targets technology, cybersecurity, and privacy program managers within commercial mobile network operators, potential private 5G network operators, and organizations using and managing 5G-enabled technology who are concerned with how to identify, understand, assess, and mitigate risk for 5G networks.
In the series, NIST provides recommended practices and illustrate how to implement them. All of the capabilities featured in the white papers have been implemented in the NCCoE testbed on commercial-grade 5G equipment.
NIST NCCoE has released the first two papers in the series: Applying 5G Cybersecurity and Privacy Capabilities: Introduction to the White Paper Series and Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI).
NIST NCCoE is accepting public input on the series until September 16, 2024.
(Source: NIST)
The Chinese Communist Party (CCP): A Quest for Data Control
The Center for Internet Security, Inc. (CIS®) Cyber Threat Intelligence (CTI) team at the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) assesses that apps owned by the People's Republic of China (PRC) pose a threat to users because of the PRC's ability to leverage these apps for data collection and malign influence operations.
Data control is central to the Chinese Communist Party's (CCP's) quest for digital and technological dominance on the world stage. This pursuit is supported by PRC laws granting the CCP the authority to collect data from Chinese companies. Given the popularity of these apps globally, and especially among American users, the CCP likely views the data stored within apps like TikTok, Shein, and Temu as an important resource for their data control goals.
Overall, the PRC likely views the expansion of Chinese-owned apps in the United States as an opportunity to develop new malign influence effort launch points and to harvest data across a range of industry verticals.
Before installing TikTok, Temu, Shein, or another Chinese-owned app, individuals and organizations should review the privacy policies to understand the types of data each app collects and conduct a risk assessment.
Read the CTI’s full threat assessment in its Aug. 14 blog.
(Source: MS-ISAC)
FBI shuts down Dispossessor ransomware group's servers across U.S., U.K., and Germany
The U.S. Federal Bureau of Investigation (FBI) on Monday announced the disruption of online infrastructure associated with a nascent ransomware group called Radar/Dispossessor.
The effort saw the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Dispossessor is said to be led by individual(s) who go by the online moniker "Brain."
"Since its inception in August 2023, Radar/Dispossessor has quickly developed into an internationally impactful ransomware group, targeting and attacking small-to-mid-sized businesses and organizations from the production, development, education, healthcare, financial services, and transportation sectors," the FBI said in a statement.
As many as 43 companies have been identified as victims of Dispossessor attacks, including those located in Argentina, Australia, Belgium, Brazil, Canada, Croatia, Germany, Honduras, India, Peru, Poland, the U.A.E., the U.K., and the U.S.
(Source: The Hacker News)
‘Foreign cyberattack’ hits US city as local police claim bank accounts have been hacked: Report
A foreign cyberattack has reportedly hit the city of Columbus, Ohio. The attack has disrupted various city servers and appears to have compromised data, reports the Colombia Dispatch. The ransomware group Rhysida says it’s behind the hack, listing a trove of new data for sale on the dark web.
Although officials have released few details on the attack, the Columbus Division of Police First Assistant Chief says early signs show significant damage was done. The head of Columbus City’s police union Fraternal Order of Police Capital City Lodge #9, says his crew is being hit with apparent identity theft. An investigation is underway to determine whether it’s connected to the massive city infrastructure breach.
(Source: The Daily Hodl)
Police systems and online utility payments remain down after North Miami cyberattack
On Sunday, Aug. 4, North Miami detected a breach in its cybersecurity system, leading officials to close City Hall that Tuesday. It reopened Monday morning under usual business hours but with limited services. While many services and operations remained operational last week, several services remain delayed or altered.
While emergency services never went down, Galvin said computerized car systems for police are still not working, forcing officers to resort to radio communication to communicate addresses.
(Source: Miami Herald via Yahoo!News)
|
