Project blog

CS-Connect first steps!

As you may remember, one of the many exciting outcomes of CS-AWARE-NEXT is the collaboration platform that was baptized CS-Connect in the Wien meeting! CS-Connect is a collaboration layer for the ecosystem, intended to support organisations in their activities toward improved security.

We have collected the requirements and are now deciding on the basis for the development and overcoming different technological challenges. We have selected several Open Collaboration Platforms (CPs) to study and evaluate. The objective is to select the one best suited for us to build CS-Connect on top of, using the traditional and well-established open source development model of “Standing on the shoulders of giants”, which is meant to guarantee quick prototyping, software stability and resiliency, as well as the sustainability of complex software projects.

Continue reading

A step towards DORA Compliance

Most organizations, regardless of the vertical, are engaged in complex and massive interconnections, which leads to security challenges. As a result, individual and local initiatives alone may not suffice to defend effectively against current and future threats. Indeed, more synergy and collaboration is essential amongst companies that are “shareholders in security” and hence affected by breaches at others. Recent EU cybersecurity initiatives, including NIS/NIS2 and DORA for the financial sector, have sought to address the cybersecurity and resilience of both organizations delivering essential and vital services, on the one hand, and financial services, on the other. According to both regulations, cyber risks from third-party organizations and the ensuing disruption cannot be effectively managed without due attention to supply chain risk management.

Continue reading

The legend of The Scottish Thistle - the early version of a socio-technical defence system!

Technology is getting both advanced and effective, but what good does it do if we don’t understand and use it properly? Humans have a long history of using tools to make our jobs easier or to keep us safe. However, technology can only do so much on its own. It needs a human touch to fulfil its full potential.

Let's jump right into a famous legend of humans and technology working together to prevent an approaching attack:

Continue reading

Supervised vs automated response to cyberthreats

Cyberthreats are continually becoming more sophisticated, creating a demand for equally advanced threat detection and response. Detection of cyberthreats can benefit greatly from the adoption of AI, as it is able to detect attack patterns and perform correlations among various security-related events. However, when it comes to incident handling, a fully AI-enabled approach may actually cause more harm than good, due to the critical human factors involved.

Continue reading

Storytelling Workshops 2022

We have organised storytelling workshops in the two pilot sites of the project: the municipalities of Larissa and Foggia. Representatives of multiple public and private organisations came together for four days for these workshops that were organised by our project.

During the workshops, participants shared stories about their experiences with cybersecurity in their organisations and, in addition, discussed real-world examples of cyberattacks that had serious implications for a region or, to use the term we prefer, for an entire ecosystem. An ecosystem is a group of organisations that live and interact together in a particular environment. Although cybersecurity is ubiquitous and attacks can come from anywhere, local organisations in an ecosystem can have joint interests when it comes to cybersecurity.

Continue reading

Cybersecurity – a case for advanced decision models

Advanced attacks demand advanced countermeasures. On a technical level there already is an elevated level of awareness and readiness. That is why, in a first wave of attacks, criminals usually focus on tricking users into opening up systems for them. While this has been the rule for at least a decade, the way in which these attacks are prepared now follows an almost military-style approach. With new, highly distributed environments, poorly protected IoT systems, tools based on AI, and the weakest link in the chain, the human, not being able to invest the needed time and resources in cyber security, the rise in successful cyber-attacks is predictable. While the need for education and training is commonly accepted, the necessary significant shift in countering cyber-attacks from a purely operational to a tactical and strategic level is still an open issue in many organizations. Policy-based reactions to cyber-attacks should long ago have replaced the still prevailing bug-fixing approach to dealing with an intrusion. However, there is some light at the end of the tunnel. Learning from military and business decision making, such long overdue model-based solutions are also finding their way into the field of cyber security. The first highly successful wave of these decision models is shaped by the now legendary OODA Loop, which properly links observations (e.g., OSINT cyber threat intelligence, system monitoring) with an advanced form of classification (called orientation). These two steps, when combined properly, can provide the critical situational awareness needed to make the right decision, on which the actions taken depend. Especially in distributed collaborative environments, which typically characterize the ecosystem of projects like CS-AWARE-NEXT, these models are a welcome game changer. When applied together with well-established cyber defence frameworks such as NIST/CSF, there is an opportunity to thwart even advanced AI-based attacks.
Attacks are on the rise and their sophistication is growing, but better situational awareness, advanced military-grade decision models and proven cybersecurity frameworks, when applied in an integrated way, can equip Security Operations Centres with the necessary tools to successfully weather the expected oncoming heavy attack storms.

Continue reading

Data poisoning attacks

Data poisoning is an increasingly important security concern for Machine Learning (ML) systems. As machine learning models are becoming more prevalent in our lives, they are also becoming more vulnerable to malicious attacks. Data poisoning attacks are among the most insidious and difficult-to-detect kinds of threats to ML models.

Data poisoning is a type of adversarial attack in which a cybercriminal injects malicious data into a machine learning model. These attacks can be used to manipulate the results of a machine learning system, or to redirect the system’s resources away from its intended purpose.

Continue reading

Massive increase in cyber attacks in 2022

Universities, research centers, state and military services, hospitals, communication infrastructure and banks suffered numerous cyberattacks in 2022, and the worst is yet to come.

It is estimated that more than 1.000 cyberattacks per organisation take place around the world, which is 38% more than in 2021. In Europe in particular, the average number of attacks per target reached 1.000, an increase of 26% compared to 2021. The Americans are in a worse position, as they faced an increase of 52%!

Continue reading

CriM -- Cyber Security Seminar and Workshops -- 2022

During November 2022 we held the Cyber Security Seminar and Workshops in Oulu, Finland. This four-day event has been held since 1999 and brings together teachers, researchers, experts, and students of cybersecurity: https://www.oulu.fi/en/crim.

CriM had twelve talks before lunch and three exercises in the afternoon, covering topics from incident response to password handling. We were especially glad to hear a talk from Bart Preneel, Europe’s most prominent cryptography expert, who reminded us at the end of his presentation of a quote from Immanuel Kant: “Optimism is a moral duty”.

Continue reading

Cybersecurity For Public Utilities Solutions III

Failing to understand the gravity of the potential effects of a power grid attack leaves municipal utility companies unprepared to enact the cybersecurity counter-measures necessary to prevent or, at least, mitigate attacks. As Miller [1] points out, local governments could benefit from information that would lead to the early prevention of cyberattacks. Unfortunately, that information is often hidden or never revealed. Although municipalities are obliged to report attacks in a timely fashion, they often avoid reporting them in order to maintain credibility. Nor do they necessarily see the sharing of information about attacks as useful.

Continue reading