IoT Insider | Monthly Newsletter

Welcome to the May 2024 edition of?IoT Insider, your go-to source for the latest news and trends in the world of Internet of Things. In this edition, we bring you a curated selection of news and regulations to keep you informed and empowered in the digital age.

1.??? Cyber Threats on the Rise | Protect Your Digital Fortress!

As technology advances, so do the risks. We highlight the latest cyber threats making headlines, from sophisticated ransomware attacks to data breaches affecting millions.

Universities and schools under attack:

• Sweden | Ume? universitet
• Canada | Joliette, Québec and Collège Ahuntsic - Montreal, Québec
• USA | Concord, Massachusetts Concord-Carlisle Regional School District?
• Italy | Universita di Siena, Sienna, Tuscany
• Hong Kong | Art school, Hong Kong Institute of Contemporary Culture School of Creativity (HKICC)
• France | école de commerce du sport (CNPC)?

Airports under attack:

• Germany | Hamburg. Cyber incident at airport in Germany. Hamburg Airport was able to fend off a cyber attack on Sunday; the hackers only stole data from an external IT system. The pro-Russian hacker group Just Evil/Kill Milk claims to have gained access to certain parts of the secured airport area in a cyber attack on Hamburg Airport on Whit Sunday. As evidence, the group posted?numerous pictures of their "loot"?on their Telegram channel,?among other things .?These included screenshots of some kind of control panel and images from surveillance cameras at the airport. The hackers also cryptically stated the results of their attack in a list.
• USA | Wichita, Kansas. On Sunday May 5, Wichita Dwight D. Eisenhower National Airport posted on social media, saying: "We are experiencing technical difficulties that are affecting our Wi-Fi and our Arrivals/Departures updates. We are working on it. We’ll update you when it is resolved. Sorry for the inconvenience." The City says they are not naming the group claiming responsibility for this due to "operational security purposes."
• France | Aéroport de Pau. The airport and the business school victims of a cyberattack. Activities are not stopped but simply in degraded mode. There is no hassle on flights at the airport. The same goes for the business school, where classes take place but without some digital tools. According to our information, it could be ransomware, malicious computer software or virus which blocks access to the computer or its files and which demands from the victim the payment of a ransom for gain access again.

Military under attack:

• UK | MoD data breach: State involvement cannot be ruled out in armed forces hack. Grant Shapps told MPs the government had reason to believe the hack "was the suspected work of a malign actor" - and the BBC understands that ministers suspect China was responsible. The system used by the Ministry of Defence (MoD) includes names and bank details of armed forces personnel.

Healthcare under attack:

• US | Hospitals across US disrupted after cyberattack targets healthcare titan Ascencion

City governments under attack:

• Belgium | Brussels was affected by an cyber attack. Recently, one of the suppliers of the City of Brussels was hit by a cyber attack, which leaked personal data related to identification details. This data could then be made public and used illegally.

Other attacks, hacks and breaches:

• Europol confirms web portal breach, says no operational data stolen. Europol, the European Union's law enforcement agency, confirmed that its?Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole?For Official Use Only (FOUO) documents containing classified data.
• Christie's takes website offline after cyberattack, delays live auction
• Streaming giant Roku faced a second data breach so far this year. In the first data breach, which Roku?acknowledged?on March 8, attackers compromised more than 15,000 user accounts. The company stated that the breach was the result of a?credential stuffing?attack, also known as a password reuse attack. In other words, hackers tried username-and-password combinations that had leaked in past data breaches. Roku?stated?on April 12 that hackers had accessed roughly 576,000 additional accounts in a second incident.
• Cybersecurity breach at the American branch of a Finnish household products company. Fiskars Group subject to a cyber security incident in the U.S. – operations not affected. Fiskars Group has been subject to a cyber security incident which has impacted a small number of the company’s systems in the U.S. The company’s operations have not been affected, and its business continues to operate as usual.
• Researchers have discovered 11 security vulnerabilities in GE HealthCare's Vivid Ultrasound family of products, as well as two related software programs. However, thanks to an old bug in the system researchers were able to bypass the GUI to reach into the PC and obtain administrative privileges. Then, using CVE-2024-1628, an 8.4-severity command injection issue in Common Service Desktop, they were able to perform arbitrary code execution, dropping ransomware that froze the machine. Exploiting EchoPAC proved even simpler, provided the program's "Share" feature was enabled. With a connection to a doctor's workstation, an attacker can abuse hardcoded credentials CVE-2024-27107, critical 9.6 CVSS to access its live database server instance. There, they can read, edit, and steal patient data.
• D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day. A vulnerability in the HNAP login request protocol that affects a family of devices gives unauthenticated users root access for command execution.
• Researchers from Kaspersky ICS CERT?discovered critical vulnerabilities in Cinterion cellular modems, presenting a significant threat to industrial devices. These flaws allow remote unauthorized attackers to execute arbitrary code. The modems are crucial for global connectivity infrastructure and are widely deployed in millions of devices across various sectors. The vulnerabilities include issues like?remote code execution?and unauthorized privilege escalation, posing risks to communication networks and IoT devices in industrial, healthcare, automotive, financial, and telecommunications sectors.
• Volkswagen Cyberattack Linked to Chinese Hackers. Journalists reviewed internal documents which revealed that for 5 years, malicious actors were breaching Volkswagen’s systems. The primary focus of these attacks was on the company’s intellectual property. Those are: EV technologies, development in gasoline engines, transmission development, and research into dual-clutch transmissions.
• Cyber attack on Wehrle partially paralyzes Emmendinger plant manufacturer

2.??? Global Cybersecurity Regulations | Navigating the Compliance Maze

Governments worldwide are tightening their grip on cybersecurity regulations. Stay updated on the latest compliance requirements, privacy laws, and data protection regulations that can impact businesses and individuals alike. We decode complex jargon and provide practical insights to help you navigate the compliance maze effortlessly.

• CISA Announces Malware Next-Gen Analysis. Malware Next-Gen, allows any organization to submit malware samples and other suspicious artifacts for analysis
• MITRE releases EMB3D cybersecurity threat model for embedded devices to boost critical infrastructure security
• In the EU, the council gives final green light for first worldwide rules on AI with Artificial intelligence (AI) act
• IACS Unified Requirements (UR) becomes mandatory?for ships and offshore installations contracted for construction on or after 1 July 2024
• Quebec's Regulation on Anonymization of Personal Information was adopted on May 15, 2024 and will come into force on May 30, 2024
• In the US, the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was passed in March 2022
• In the US the new FTC data breach reporting rules took effect on May 13, 2024

3. Industry Spotlight | Cutting-Edge Innovations in Cyber Defense

Discover groundbreaking advancements and innovative technologies in the world of cyber defense. From artificial intelligence and machine learning to blockchain and quantum computing, we explore how these game-changing technologies are revolutionizing the fight against cyber threats. Get inspired by success stories and learn how to implement these solutions in your own digital ecosystem.?

Industrial DataOps

The market for Industrial DataOps Platforms focuses on cutting-edge technologies and platforms tailored for DataOps (Data Operations) in industrial environments. DataOps encompasses the creation and implementation of practices, processes, and technologies that enable the integration, automation, and coordination of data throughout different phases of its lifecycle. Combined with human expertise and advanced technology, data can be turned into a strategic asset. This strategic data can be used for optimizing data workflows, upholding data integrity and facilitating analytics. These systems are vital in sectors like manufacturing, energy and logistics, where adept data handling is crucial for streamlining operations, minimizing idle periods and boosting productivity as a whole.

Industrial data can be simplified in three parts:

1. Data break down (IT, OT and engineering data)
2. Data organization and combination (easy to understand and to profile)
3. Data value using AI (providing visibility and insights)

Here is a great article of John Harrington , ?discussing 3 practical use cases for Industrial DataOps.

4. Expert Interviews | Insights from Cybersecurity Gurus

Gain exclusive access to interviews with industry experts, thought leaders, and cybersecurity gurus. Uncover their strategies, predictions, and best practices to protect yourself, your organization, and your loved ones from the ever-evolving cyber landscape. Stay updated on emerging trends, emerging threats, and expert tips to stay cyber resilient.

Tom WHITE hosts awesome podcasts about IoT! You can find more here. Tip: Listen to S5 E05, How is the EU Cyber Resilience Act Raising the Bar for IoT Security with Shahram Mossayebi, Ph.D.

5. Cybersecurity Awareness Corner | Empowering You with Knowledge

Knowledge is power! Our cybersecurity awareness corner equips you with practical tips, best practices, and actionable advice to enhance your online safety. Learn how to spot phishing attempts, secure your passwords, protect your personal information, and stay safe in the digital world. Be the cybersecurity champion your friends envy!

Coursera?is offering a free course of University of Colorado – Boulder, M2M & IoT Interface Design & Protocols for Embedded Systems. You will get familiar with M2M (Machine-2-Machine) and IoT, key elements of cloud support for IoT, the architecture and more!

We hope you find this edition of The IoT Insider both informative and engaging. Stay tuned for more exciting updates in the next edition, where we'll dive deeper into the world of cybersecurity. Remember, vigilance and knowledge are key to staying safe in our interconnected world.

Stay secure, stay informed, and stay one step ahead! ?

?