What is CInet?
Critical Infrastructure owners and operators lack a secure means to communicate with each other and with the government in the event that public networks are under threat, disrupted, or cannot be trusted. The Global Resilience Institute has proposed the creation of a Critical Infrastructure Network (CInet) to provide a separate, secure communications network for critical infrastructure owners and operators.
CInet would allow the government to share classified threat intelligence with approved partners in the private sector. It could also be used to move operational communications off the public Internet and to restore communications in the event of a widespread Internet outage. Working with partners in the private sector, the Federal government, and state and local agencies, GRI is engaging in a feasibility study in the metro Boston Area and has begun preliminary technical design work.
Questions? Comments? Email Nathaniel Toll: email@example.com
Using Shodan as a tool to find vulnerable devices | GRI Blog
In the last blog post, we looked at the case study of the Kemrui Water company as outlined by the Verizon Data Breach Report which underscored potential consequences of having industrial control systems connected to the public internet. This post will go a little bit deeper and look at the ease in which a device similar to those that were probably in use at the water company and connected to the public internet can be found and potentially exploited. For this process I used the tool ‘Shodan’. Shodan is essentially a search engine for internet connected devices. It ‘crawls’ the internet, sending out connection requests and recording the public results, which include banner information, open ports, and running services. There have been numerous articles and blogs that highlight how Shodan has been used to find internet of things devices such as webcameras, license plate readers, programmable logic controllers (PLC), even ships using satellite antennas and botnet command and control servers.
Making our infrastructure more resilient to cyber-attacks | GRI Blog
As we develop the concept of CINET, one of our main challenges is to illustrate how separation of control networks from the public Internet and the existence of a dedicated channel for information sharing could help make our infrastructure more resilient to cyber-attacks. There are only a few public cases of disruptive or disruptive cyber attacks targeting critical infrastructure. At this point, Stuxnet and the Ukraine power grid attacks have been beaten to death. In a series of posts, we are going to review a few less well-known ones. For those readers who treat the Verizon Data Breach Incident Report as the Bible of cybersecurity, this case study will be familiar. For the rest of you, here is a brief recap.
Now are we ready to talk about CINET? | GRI Blog
On Wednesday I testified before the U.S. House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection about information sharing. U.S. Rep John Ratcliffe (R-TX), chairman of the subcommittee, and Congressman Jim Langevin (D-RI), ranking member, were particularly interested in what more needs to be done in the two years since Congress passed the Cybersecurity Act of 2015. That act eliminated many of the excuses for why companies don’t share cybersecurity information. It also directed the Department of Homeland Security and other agencies to develop the means to share classified information with private companies.
GRI senior research scientist testifies before U.S. House of Representatives subcommittee on cyber threat information sharing
On Wednesday, November 15 the U.S. House of Representatives subcommittee on Cybersecurity and Infrastructure Protection, of the Committee on Homeland Security, will hold a hearing to discuss how DHS can maximize cyber threat information, and determine the most effective partnerships for sharing cyber threat information, including with the private sector. Four witnesses, all from outside the government, will testify as part of this hearing.
To replace SSN with something more resilient, model it on the internet | GRI Blog
Rob Joyce wants to get rid of the social security number. “Every time we use the Social Security number you put it at risk,” Joyce, the White House Cyber Coordinator told Washington Post Live recently. Joyce’s comments have led to no small amount of day dreaming by the technical community on the possibility of using a “modern cryptographic identifier” or (drum roll please) block chain. That’s all well and good. But the challenges with replacing the social security number as an identifier (with something more secure), aren’t technical -- they are everything else. And as Steve Bellovin points out, it would be really, really hard.
What is ‘cyber resilience’ — and how is it useful? | GRI Blog
Cyber Resilience. It’s the latest craze in the field. But what does it mean? And more importantly, is it a useful concept? It may seem like a strange question to ask for my first blog post at the Global Resilience Institute but I have found that agreeing on definitions and frameworks is an important though often overlooked step in the field (anyone who disagrees should google “active defense” to see why).