Cyberattack in Romania

The Institute for the Study of War and AEI’s Critical Threats Project have published an analysis of the development of the partnership between the Russian Federation and Iran.

On page 2 there is a short paragraph reporting a cyberattack on July 15 against targets in Romania, carried out by a group of hackers from Iran.

Link to the full material here: Russia and Iran Double Down on Their Strategic Partnership

„Iran may have also organized a cyberattack to support Russia against NATO. A hacking group, Farigh al Tahereh, conducted a denial-of-service attack against Romanian websites, including the Romanian border guards’ website, on July 15. Iranian state media has described Farigh al Tahereh as an “Iraqi resistance group”—terminology usually reserved for Iranian proxies. Farigh al Tahereh is likely either the cyber wing of an Iranian proxy in Iraq or a front group for the Islamic Revolutionary Guards Corps (IRGC). Iran may have targeted the Romanian border guards to threaten Europe with an overwhelming influx of migrants or refugees driven by the Russian invasion of Ukraine and consequent global food shortages.”

The National Directorate for Cyber Insecurity

You can read here about the banning of Aktual24 (ro) and the role of the National Cyber Security Directorate (Directoratul National pentru Securitate Cibernetica, DNSC)

The Aktual24.ro site is back online: DNSC washes its hands of it.

  • I hope we receive an official statement from the Government on whether or not a mistake was made. Not half-hearted admissions, but a written document that the government stands behind.
  • I hope we receive explanations from the National Cyber Security Directorate on whether or not they made a mistake and, if so, what the mistake consisted of, who made it and whether measures were taken.
  • I hope we receive explanations from the National Authority for Management and Regulation in Communications (Autoritatea Națională pentru Administrare și Reglementare în Comunicații) on whether or not they made a mistake and, if so, what the mistake consisted of, who made it and whether measures were taken.
  • I hope the Romanian Parliament urgently investigates the situation at the National Cyber Security Directorate, especially with regard to the politicization of its activity and the standard by which such an agency should be run.
    I have said on another occasion that the DNSC project was neither studied in depth nor analyzed by Parliament, from a legislative standpoint, in all its implications, and now it is clear that there are too many murky waters in the governance of the cybersecurity sector, and the DNSC only muddies them further instead of clearing them.

Ukraine on the cyber offensive

After Vladimir Putin passed the law that punishes the spread of false information and disinformation with heavy prison sentences, I realized that things are different from how they seem.

Putin passed the disinformation law, so he has more or less gone on the informational defensive; the famous Russian concept of a "super-performing information space" is, I think, a bit like Swiss cheese.

Ukraine is on the cyber offensive.

I am not an expert, but I try to follow it. The information war waged by Ukraine will go into the textbooks. I don't know whether they are doing it with foreign advisers, but they are doing it very well.

In practice, the Ukrainian offensive is actually in cyberspace; it dominates the information space and offers a lot of study material for the US, NATO and the EU on how the first conflict in cyberspace in Europe is evolving, with cyberspace as an operational domain of a conventional conflict.

An ideal case:

  • the opponent is the Russian Federation, which has a heavily promoted concept of a super-secured and super-theorized "information space".
  • it takes place in the European cyberspace that is of interest to NATO, the US and the EU
  • the information war is part of a very high-intensity conventional conflict, so one can analyze how the relationship between military strategy and the cyber operational domain works.

3-euro hosting equals 3-euro security?

I also posted this news item on Facebook yesterday: Massive Security Flaw Found In Most Hosting Providers. But I want to say a few things here too, as the non-technical person that I am. The story is about a major security breach in shared servers, where someone with a simple 2-3 euro account could monitor and steal from any account on the same server; as for security, none at all. So I go ahead, like the great expert that I am, and buy many, many of these 2-3 euro shared subscriptions from these big companies, among the top hosting companies in the world, which were in tatters, and I see everything I want and steal everything I like. The moral would be that 3-euro hosting equals 3-euro security. Sure, everyone will now jump in to say that it is not so, that it can be detected, but the story talks about a major breach, thousands and thousands of accounts. The question is: if this is how it is with 3-euro subscriptions, how is it with the 300-euro subscription? Is it 300-euro security, or still 3-euro security?

What I want to say is that we can invest as much as we like in the current concept of cybersecurity and we still will not make satisfactory progress. We improve things partially, but overall the matter of trust is the one that cannot be solved. And I have the impression that when someone sells hosting for 3 euros or for 3000 euros, they forget to ask themselves whether the package also includes security at a certain price. We want to sell many 3-euro subscriptions, because that is why they cost 3 euros and not 300, but for how many euros are we selling cybersecurity? There will also be those who say that security is not a priority for the customers of 3-euro services, yet the same customers are very sensitive when they see the performance of the service bought for 3 euros drop in inverse proportion to the security problems.

I think the story also shows that with cheap hosting subscriptions you have to apply a more costly security policy, that is, if you are a responsible provider. My conclusion is that the current concept of cybersecurity has more or less reached its limits; broadly, all the efforts go into perfecting parts and sub-chapters, and we really ought to change the cybersecurity paradigm. Or not? I mean, is there nothing left to invent in this field?

European cybersecurity

I want to point out a recent decision that is important for European cybersecurity policy. Under the EU's Horizon 2020 programme (which has 80 billion euros for the period 2014-2020), dedicated to research and innovation, 4 major projects were selected through which the operational pilot concept for the future European network of cybersecurity competences will be developed. The decision also contributes to the European Cybersecurity Research & Innovation Roadmap, an important objective of the Horizon 2020 programme.

Everything I wrote above seems very technical; put more simply, the aim is to establish a common competence framework for anyone responsible for cybersecurity in Europe. This objective will contribute to uniform application of good practices in the field, to interoperability between countries and to the establishment of education and training programmes with European standards agreed by all EU members.

The 4 projects are important and I recommend following them.

CONCORDIA

„CONCORDIA is a four-year multi-disciplinary research and innovation project, and will play a leadership role in boosting the effectiveness of EU’s security union. The project, started in January 2019, is coordinated by the Research Institute CODE from the Bundeswehr University Munich and involves 46 partners in total.”

CONCORDIA will help Europe strengthen its security capabilities and to secure its digital society, economy and the fundamental data society’s principles for both security and privacy.
CONCORDIA adopts an inclusive approach, fostering a wide alliance spanning Europe’s research, industry and public sectors, and including key professionals from a variety of fields. By developing innovative, marketable solutions to protect Europe against cyber attacks, CONCORDIA will capitalize on Europe’s unique pool of skills and talents in the area of ICT and cybersecurity to also establish an European Education Ecosystem for Cybersecurity. The project will be a fundamental instrument for promoting excellent research, market innovation, skill building, and a research roadmap for cybersecurity in Europe. In this context, the vision of CONCORDIA is to create a community, building bridges and setting the foundations for strong cooperation between all stakeholders. The EU budget contribution is 16 M€ with a 7 M€ additional funding contributed by national authorities and industry.

ECHO

The ECHO project (European network of Cybersecurity centres and competence Hub for innovation and Operations) is one of four Pilot projects, launched by the European Commission, to establish and operate a Cybersecurity Competence Network. Amid keynote presentations from supporting representatives of EU agencies and industry, the project was officially launched at the Conference Hall of the Royal Military Academy of Belgium, on February 25th, 2019.

The ECHO project will deliver an organized and coordinated approach to strengthen proactive cyber defence in the European Union, through effective and efficient multi-sector collaboration. The project already involves 30 partners from the East to the West of Europe, and is actively engaging new partners interested to contribute to the cybersecurity resilience of the EU and in reaching the collaboration goals.
Through the project, the ECHO partners will develop, model and demonstrate a network of cybersecurity research and competence, with a centre of research and competence at the hub. While technology companies struggle with a fragmented view of security requirements across industrial sectors and fragmented national policies for security test and certification, the ECHO project will contribute an adaptive model for information sharing and collaboration among the network of partners and related agencies.

SPARTA

SPARTA is a novel Cybersecurity Competence Network, supported by the EU’s H2020 program, with the objective to develop and implement top-tier research and innovation collaborative actions.
Strongly guided by concrete challenges forming an ambitious Cybersecurity Research & Innovation Roadmap, SPARTA will setup unique collaboration means, leading the way in building transformative capabilities and forming a world-leading Cybersecurity Competence Network across the EU. From basic human needs (health) to economic activities (energy, finance, and transport) to technologies (ICT and industry) to sovereignty (eGovernment, public administration), four research and innovation programs will push the boundaries to deliver advanced solutions to cover emerging challenges.
The SPARTA consortium, led by CEA, assembles a balanced set of 44 actors from 14 EU Member States at the intersection of scientific excellence, technological innovation, and societal sciences in cybersecurity. Together, along with SPARTA Associates, they aim at re-imagining the way cybersecurity research, innovation, and training are performed in Europe across domains and expertise, from foundations to applications, in academia and industry.

CyberSec4Europe

CyberSec4Europe will align and interconnect a vast pool of research excellence in existing centres and research facilities, bringing together cybersecurity expertise in an interdisciplinary manner while developing a governance model for the future European Cybersecurity Competence Network. The 43 consortium partners will consolidate and reinforce cooperation and synergies between the research and industrial communities, including SMEs. The 42-month project will strengthen the research and innovation competence and cybersecurity capacities of Member States to meet the increasing number of cybersecurity challenges in the future.

The project has identified key demonstration cases in different industrial domains, including finance, healthcare, transportation and smart cities. These address prominent research areas in both the public and private sectors that correspond closely with real-world issues, cyber threats and security problems. Another important outcome will be the development of a cybersecurity skills framework model to be used as a reference by education providers, employers and citizens.

Lead Co-ordinator, Professor Dr. Kai Rannenberg, Goethe University Frankfurt, says: “On behalf of the CyberSec4Europe consortium of partners, we are extremely grateful to the European Commission for this opportunity to explore one of the most exciting initiatives in the area of multi-disciplinary, cross-sector cybersecurity research and innovation in Europe. We are very excited to be at the forefront of efforts to address the challenges in developing a common European approach to cybersecurity while protecting core European values such as privacy and the rights of smaller market players such as consumers and SMEs.”

The CyberSec4Europe contract starts with immediate effect and will last until July 2022 at a total cost of 16 MEUR.