Supervised vs automated response to cyberthreats Cyberthreats are continually becoming more sophisticated, thus creating a demand for an equally advanced threat detection and response. Detection of cyberthreats can very much benefit from the adoption of AI, as it is able to detect attack patterns and perform correlations among various security-related events. However, when it comes to incident handling, a fully AI-enabled approach may actually cause more harm than good, due to the critical human factors involved.
Storytelling Workshops 2022 We have organised storytelling workshops in the two pilot sites of the project: the municipalities of Larissa and Foggia. Representatives of multiple public and private organisations came together for four days for these workshops that were organised by our project. During the workshop, participants shared stories about their experiences with cybersecurity in their organisations, and, in addition, discussed real world examples of cyberattacks that had serious implications on a region, or, the term we like to use, on an entire ecosystem.
Cybersecurity – a case for advanced decision models Advanced attacks demand advanced countermeasures. On a technical level there already is an elevated level of awareness and readiness. That is why in a first wave of attacks criminals usually focus on tricking users into opening up systems for them . While this has now been the rule for at least over a decade, the way in which these attacks are prepared now follow an almost military style approach.
Data poisoning attacks Data poisoning is an increasingly important security concern for Machine Learning (ML) systems. As machine learning models are becoming more prevalent in our lives, they are also becoming more vulnerable to malicious attacks. Data poisoning attacks are one of the most insidious and difficult-to-detect kinds of threats on ML models. Data poisoning is a type of adversarial attack in which a cybercriminal injects malicious data into a machine learning model.
Massive increase in cyber attacks in 2022 Universities, research centers, state and military services, hospitals, communication infrastructure and banks have received numerous cyberattacks in 2022; and the worst is yet to come. It is estimated that more than 1.000 cyberattacks per organisation take place throughout the universe, which is 38% more than 2021. In Europe in particular, the average number of attacks per target reached 1.000, with an increase of 26% when compared to 2021.
CriM - Engaging the next generation of cyber security professionals During November 2022 we held the Cyber Security Seminar and Workshops in Oulu, Finland. This four days event has been held since 1999 and brings together teachers, researchers, experts, and students of cybersecurity: https://www.oulu.fi/en/crim. CriM had twelve talks before lunch and three exercises in the afternoon, covering topics from incidence response to password handling. We were especially glad to hear a talk from Bart Preneel, Europe’s most pronounced cryptography expert, who reminded us at the end of his presentation to a quote from Immanuel Kant “Optimism is a moral duty”.
Cybersecurity For Public Utilities Solutions III Failing to understand the gravity of the potential effects of a power grid attack leaves municipal utility companies unprepared to enact the necessary cybersecurity counter-measures necessary to prevent or, at least, mitigate attacks. As Miller , points out, local governments could benefit from the information that would lead to the early prevention of cyberattacks. Unfortunately, the information is often hidden or never revealed. Although municipalities are obliged to report attacks in a timely fashion, they often avoid reporting attacks to maintain credibility.
Cybersecurity For Public Utilities Solutions II Cyberattacks launched on municipal utility companies are similar to attacks in any other industry. However, the potential for OT attacks and the dangers of a major service disruption has raised the stakes. Miller outlines in this article  the most common cybersecurity attacks that have affected municipal utility companies. Denial of Service Attacks that stop users from accessing essential networks are typically referred to as denial of service (DoS) or distributed denial of service (DDoS) attacks.
Cybersecurity For Public Utilities Solutions I In 2021 Jason Miller wrote an article on cybersecurity for municipal utilities stressing that cyber-attacks were increasing every year and greatly impacting a wide range of high-profile targets from governmental agencies to financial and insurance organizations, hospitals and other health facilities, and educational institutions. Of particular concern in many countries, he points out, is the situation on local levels where local governments with municipal utilities are often under-funded with poorly trained staff .
Welcome CS-Connect! In CS-AWARE-NEXT, the role of our unit, CERICT-Università di Salerno, is to design, develop and evaluate, a collaboration layer for the ecosystem, aimed to support the organisations in their activities toward improved security. We are actually collecting all the requirements from the use cases and we have had very interesting discussions with the organisations in the ecosystems in Larissa and in Foggia, to find out what is actually needed to ensure adequate support to the ecosystem.