Welcome to RHEA’s Security Bulletin in which we share information on this growing market, and provide an insight into RHEA’s cybersecurity strategy and activities.
In this issue:
What we can learn from the cyberattacks on Belgium
Featured product – CITEF™, the power behind our Next Generation Cyber-Range Services
Horizon 2020 PANACEA update
The European Union Agency for Cybersecurity (ENISA) – News update
Events
In the eye of the cyber storm
Recently, a major cyberattack on the Belgian city of Liège rendered many public services unavailable, reminding us that nobody is safe or immune. It also emphasizes how vital it is for every organization and business to have a comprehensive, up-to-date cybersecurity system in place – including cyber awareness among all staff and full cyber hygiene. But more is needed.
The scale and consequences of this cyberattack are still being analyzed. Worryingly, this attack came just a month after a distributed denial of service (DDoS) attack that affected over 200 organizations in Belgium, including Belgium’s parliament, police agencies and transit company.
Belgium is not the only country under attack. The European Union Agency for Cybersecurity (ENISA) reported there were 304 significant, malicious attacks against ‘critical sectors’ in the EU in 2020, more than double the number recorded in 2019. The agency also reported a 47% rise in attacks on hospitals and healthcare networks.
Both recent Belgian attacks have impacted not just the organizations involved but also many citizens. This will undoubtedly have huge costs for taxpayers, whether or not a ransom is paid. Thankfully, awareness and investment in security solutions and services are increasing in both public and private sectors.
Several highly effective options are already available including:
Cyber campaigns and training using cyber-range technology to run exercises in a safe virtual environment to prepare employees for what is inevitably to come.
Cybersecurity consulting and advisory services can analyze vulnerabilities and threats to organizations, and design and support projects to enhance their overall security posture.
On a day-to-day level, organizations do not just need firewalls and antivirus software, but 24/7 managed detection and response SOC (security operations centre) services, including access to accurate and up-to-date cyber threat intelligence to respond and intervene quickly in the case of an incident.
Organizations also need to be fully prepared, with emergency management procedures in place should an attack occur, plus plans for recovery after an attack, including disaster recovery and business continuity.
RHEA provides all these services and solutions, and more. To find out how, email info@rheagroup.com. Together we can tackle cybercriminals and make the world a safer place.
Featured product – CITEF™
RHEA’s CITEF™ platform, which powers our Next Generation Cyber-Range Services, is approaching its next bimonthly release, which will include an impressive set of new features.
We are enhancing CITEF with new automation capabilities, including an ‘Attack Generator’ component that will be deployed in the scenarios to automatically perform scans, attacks, exploits and assessments.
The Attack Generator is linked to the new Events Timeline that will enable us to define events during the design phase of a scenario, start the scenario and monitor the progression of events during its execution. This provides many new possibilities for trainers and testers, reducing human intervention and allowing for more complex exercises.
Alongside the CITEF technology improvements, our Cyber-Range Training team is augmenting our training packages. These include awareness, offensive and defensive courses, with varying levels of difficulty, for up to 20 students.
The latest addition is a maritime-specific scenario in collaboration with the ECHO H2020 project (www.echonetwork.eu). This scenario demonstrates the danger of insecure ship network infrastructures and allows skills augmentation on detection, recovery and security hardening in response to malware threats targeting a ship’s navigation systems.
The scenario also highlights the importance of security-by-design and how unsafe configurations can compromise critical infrastructure, with serious real-world consequences. The scenario evolves into a full attack-and-defence campaign, where it further demonstrates the depth that an attacker can reach in seemingly secure, ‘out-of-reach’ enterprise networks, and teaches how to counteract such attacks both passively and actively.
Horizon 2020 PANACEA update
The digital era is creating many opportunities for the economy and society. But it also introduces challenges, such as a fast-evolving and complex cyber risk landscape, where cyber incidents and cyberattacks cause the loss of billions of euros globally every year.
The European Union has adopted a wide range of measures to shield the Digital Single Market and protect critical infrastructure such as healthcare facilities.
PANACEA is a Horizon 2020 Research and Innovation Action led by the Università Cattolica del Sacro Cuore that provides a holistic security approach for healthcare organizations, from hospitals to medical device providers, through delivery of a complete cybersecurity toolkit.
PANACEA’s research elements are both technical (software platforms for dynamic risk assessment, secure information sharing and security-by-design) and non-technical (procedures, governance models, people behaviour tools).
Each component of the PANACEA toolkit can be implemented and used separately by healthcare organizations. Once implemented, they protect an ecosystem made up of components including:
The Healthcare Centre (HCC) network comprising operators, patients, citizens, security staff, medical doctors, nurses, top management, employees and administrative staff
Clinical information systems and related processes
Administrative information systems
Connected devices used inside and outside the hospital.
The PANACEA toolkit will also be able to manage secure information sharing with other HCCs, including HCCs that have not fully adopted the toolkit.
RHEA is one of the key players within the project, providing the technical coordination and developing several elements of the toolkit:
Dynamic Risk Management Platform (DRMP) – This is a dynamic risk assessment and mitigation tool developed in collaboration with Sapienza Università di Roma and RINA Consulting. DRMP helps to perform risk assessment evaluation of complex networks in real-time and suggest mitigation measures optimized for cost and risk reduction efficiency. DRMP is specifically tailored for networks that include medical devices.
Secure Information Sharing Platform (SISP) – A tool for secure, real-time sharing of healthcare data in multi-organization and cross-border scenarios, with full GDPR compliance. SISP solves one of the major healthcare IT issues in the EU, allowing hospitals to safely retrieve patients’ information from other healthcare organizations in other countries.
Secure Design Support Tool (SDSP) – This security-by-design tool allows medical device providers to securely develop healthcare devices, in compliance with standards and good secure engineering practices.
PANACEA recently started the validation phase of the toolkit, with three major hospitals in Ireland, Greece and Italy testing the outputs to improve their security posture. We will keep you updated on their progress.
The European Union Agency for Cybersecurity (ENISA) is the EU’s agency dedicated to achieving a high common level of cybersecurity across Europe. Established in 2004, and strengthened by the EU Cybersecurity Act, ENISA contributes to EU cyber policy. It also enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow.
RHEA has recently signed a framework contract with ENISA for its Ad-hoc Cybersecurity Assistance Mechanism, created to support EU Member States against cybersecurity cross-border incidents and crises. We have also been awarded our first contract under this framework agreement for Lot 1, Guidelines for a Cyber Assistance Mechanism, to produce associated guidelines for all related stakeholders.
Events
NATO Industry Forum Link
2-9 September 2021
Robert Mazzolin, RHEA’s Chief Cybersecurity Strategist, and Sam Gerené, SEMT Business Unit Manager, will be presenting at the NATO Industry Forum on ‘Improving Agility in Defence Capability Innovation and Acquisition of Disruptive Technologies in the Space and Cyber Domains through Process Improvement and Concurrent Design’.
Global MilSatCom 2021
2-4 November 2021
Mark Roberts, RHEA’s Business Development Director for Security and Defence, will be presenting at Global MilSatCom 2021 on the ‘Disruptive Technology Focus Day’, looking at the development and need for UK spaceports.