Reposted from Apple

See Original Post

Reposted from EMR-ISAC

Law enforcement agencies across four states were left scrambling following reports of major 911 outages that saw millions unable to contact authorities late Wednesday, April 17. Many of the outages — reported in Nebraska, Nevada, South Dakota and Texas — were restored by the late evening. So far, there's no indication that the 911 outages overnight were caused by a cyberattack or other malicious act, law enforcement officials told NBC News on Thursday.

See Original Post

Reposted from EMR-ISAC

The National Security Agency (NSA) is releasing a Cybersecurity Information Sheet (CSI) on Monday, April 15, Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems. The CSI is intended to support National Security System owners and Defense Industrial Base companies that will be deploying and operating AI systems designed and developed by an external entity.

The CSI is the first release from NSA’s Artificial Intelligence Security Center (AISC), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security, the New Zealand National Cyber Security Centre (NCSC-NZ), and United Kingdom National Cyber Security Centre (NCSC-UK).

While intended for national security purposes, the guidance has application for anyone bringing AI capabilities into a managed environment, especially those in high-threat, high-value environments.

See Original Post

Reposted from EMR_ISAC

On April 16, the Department of Homeland Security (DHS) announced more than $1.8 billion in funding for eight fiscal year (FY) 2024 preparedness grant programs. These grant programs provide critical funding to help state, local, tribal and territorial (SLTT) officials prepare for, prevent, protect against and respond to acts of terrorism and disasters.

DHS continues to emphasize six national priority areas in the FY 2024 grant cycle: cybersecurity; soft targets and crowded places; intelligence and information sharing; domestic violent extremism; community preparedness and resilience; and election security.

See Original Post

Reposted from The Guardian

Firefighters at Copenhagen’s historic former stock exchange have been battling a huge blaze that has engulfed the 17th-century building’s roof, toppled its distinctive spire and threatened one of Denmark’s most valuable art collections.
“We are witnessing a terrible spectacle. The Bourse is on fire,” the Chamber of Commerce, which occupies the building next to Christiansborg Palace, the seat of the Danish parliament, wrote on X. “Everyone is asked to stay away.”
Dramatic footage showed huge plumes of black smoke rising from the Dutch Renaissance-style building, which was undergoing renovation and clad in scaffolding. Police said they had blocked off a main road and part of the city centre.
Copenhagen’s fire service said the blaze was reported at 7.30am. The extensive scaffolding around the building was making it significantly harder to tackle the flames, it said, while the Bourse’s copper roof was trapping the heat.
“The extinguishing work is very difficult,” said a fire service spokesperson, Jakob Vedsted Andersen, adding that there were substantial areas of the building that firefighters could not yet access because it was too dangerous.
Parts of the roof had collapsed and the fire had spread to several floors, Vedsted said. About 120 people were fighting the fire but only about 40% of it was under control and the operation was expected to continue for at least 24 hours, he said.
About 90 conscripts from the Royal Life Guards, an army unit, were also helping to cordon off the site and secure valuables inside, local media reported.
The Bourse, commissioned by King Christian IV and built between 1619 and 1640, was topped by a 56-metre (184ft) spire in the shape of the tails of four dragons entwined. The building housed Denmark’s stock exchange until 1974.
The dragons on the roof were seen as symbolically protecting the exchange from enemies, as well as from fire, the Chamber of Commerce said on its website. The spire also had three crowns at the top, symbolising the kingdoms of Denmark, Norway and Sweden.
Ulla Kjaer, a senior researcher at the National Museum of Denmark, described the spire as “absolutely iconic”, adding: “There is no other like it in the world.”
King Frederik said Denmark’s royal family “woke up to the sad sight” of “part of our architectural heritage” being destroyed, while the prime minister, Mette Frederiksen, said “irreplaceable cultural heritage” and “a piece of Danish history” was on fire.
The deputy prime minister, Troels Lund Poulsen, described the blaze as “our own Notre-Dame moment”, referring to the devastating blaze that destroyed the roof and spire of the medieval Paris cathedral in April 2019, five years ago almost to the day.
Denmark’s culture minister, Jakob Engel-Schmidt, said on X that 400 years of Danish cultural heritage were in flames. It was “touching to see Bourse staff, emergency services and passing Copenhageners … saving art treasures”, he said.
People were seen rushing in and out of the building carrying works of art to safety, and Danish media reported an annexe of the parliament and several ministries nearby, including the finance ministry, had been evacuated.
The head of the Chamber of Commerce was among those helping to save historic paintings from the building. The pictures were carried to the nearby parliament and the Danish National Archives, which sent 25 staff to help with the rescue operation.
“We have been able to rescue a lot,” a visibly moved Brian Mikkelsen told reporters, adding that many works had already been removed from the Bourse for the extensive renovation. The blaze was nonetheless “a national disaster”, he said.
The Bourse holds one of the country’s most valuable collections of art, including the iconic From the Copenhagen Stock Exchange, by the 19th-century Danish-Norwegian artist Peder Severin Krøyer, which was carried to safety by eight people.
Finished in 1895, the painting shows a large group of men in coat-tails standing in the exchange hall. It was paid for by the people portrayed, with those in the front having paid 550 Danish kroner to be the most visible, and cheaper rates for those at the back.
Kasper Nielsen, of the auction house Bruun Rasmussen, told local media that Krøyer’s picture was worth millions of kroner, adding: “If, God forbid, the entire Stock Exchange burns down, we are looking at the loss of top-end, inalienable cultural heritage.”
Christiansborg Palace has burned down several times. Most recently, a fire broke out in an annexe of the parliament known as Proviantgården in 1990. Police asked people to avoid the inner part of the city.
Tommy Laursen, of the Copenhagen police, said it was too early to say what caused the Bourse fire and police would not be able to enter the building for “a few days”.
French investigators believe the massive blaze at Notre-Dame – which was also undergoing major renovation at the time – was caused by either a cigarette end or an electrical short circuit.
Most of the cathedral’s lead-clad timber roof was destroyed but the vaulted stone ceiling prevented massive interior damage and allowed priceless relics and artwork to be rescued. Notre-Dame is due to reopen in December.

See Original Post

Reposted from National Trust for Historic Preservation

Reposted from Newswire

Reposted from CISA/DHS

The Cybersecurity and Infrastructure Security Agency (CISA) is hosting its ninth iteration of the Cyber Storm (CS IX) Cyber Exercise. It’s the nation’s largest cyber exercise designed to improve the cybersecurity posture of our nation’s critical infrastructure. Through extensive planning, this exercise strengthened cybersecurity preparedness and response capabilities through exercising policies, processes, and procedures for identifying and responding to a multi-sector significant cyber incident impacting critical infrastructure.   CS IX Cyber Exercise generates lessons learned from previous exercises and real-world incidents and presented participants with a challenging scenario to evaluate their incident response capabilities. CISA is hosting more than 2,000 players from all levels of government, the private sector, and international partners. Participants are using this unique opportunity to work together in their response to a simulated national-level cyber incident, improving coordination mechanisms and relationships.  CISA will publish a blog with additional details and results from this Cyber Storm after the event.

See Original Post

Reposted from CISA/DHS

The Cybersecurity and Infrastructure Security Agency, in partnership with National Security Agency, Federal Bureau of Investigation and international partners, released a Cybersecurity Information Sheet (CSI) today, “Deploying Artificial intelligence (AI) Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems.”   This guide provides best practices to secure the deployment environment, validate and protect the AI system, and secure AI operation and maintenance The three goals of this joint guide are:  

1.     Improve the confidentiality, integrity, and availability of AI systems;  

2.     Assure that known cybersecurity vulnerabilities in AI systems are appropriately mitigated; and 

3.     Provide methodologies and controls to protect, detect and respond to malicious activity against AI systems and related data and services. 

The CSI is intended to support organizations that will be deploying and operating AI systems designed and developed by an external entity. It builds upon the previously released joint Guidelines for Secure AI System Development and Engaging with Artificial Intelligence.

See Original Post

Reposted from CISA/DHS

This is DHS I&A’s first assessment of Domestic Violent Extremist threats to
US fiber optic cable lines. This assessment seeks to provide law enforcement and public safety partners with an overview of how DVEs could adopt tactics used by criminal actors to damage US critical infrastructure to further their ideological goals. Domestic Violent Extremists (DVEs) have increasingly discussed targeting
terrestrial fiber optic cables across the United States, raising the threat to
fiber-dependent infrastructure sectors. DVEs frequently discuss that fiber optic cables are a preferred target to disrupt critical infrastructure pursuant to their ideological goals of dismantling current societal structures. The spread of the COVID-19 virus prompted increased telework that has persisted, creating dependencies on fiber optic cable networks that were highlighted within information sharing platforms utilized by some Since 2020, DHS and open-source reporting have shown an uptick in DVEs across ideologies sharing simple tactics specifically related to fiber optic cables. In 2024, a blog utilized by some anarchist violent extremists used a military target assessment method to encourage attacking fiber optics as an “easy” target while referencing past attacks. In 2023, a channel frequently used by environmental violent extremists shared five issues of a magazine that critiqued the tactics used in successful previous attacks. In 2022, the Terrorgram Collective publication discussed tactics for targeting fiber cables, including the use of fifirearms, arson, and power tools.
Several discussions in recent years among users of an online forum
frequented by DVEs describe fiber optic cables as low-cost/high-reward targets to disrupt critical infrastructure. These users indicate a preference for fiber optic
cable cuts due to the perceived simplicity and ability to avoid law enforcement
interdiction. Fiber optic cable cuts often cause cascading effects on critical
infrastructure sectors, such as communications, and delay emergency services
from responding to incidents. Across the United States, fiber optic cable cuts have disrupted 911 services and forced police stations to redirect personnel to field emergency calls through non-emergency lines. Individuals from North Carolina, who intentionally cut fiber optic cables in Connecticut, disabled communications and internet-based financial services to thousands of homes and businesses for hours.
While DVEs have focused on opportunistic or simple attacks thus far,
online narratives about fiber optic vulnerability and increased information sharing could inspire DVEs to engage in larger-scale, pre-planned fiber attacks in the Homeland. Recent attacks in France and Germany that used multiple and coordinated cuts to fiber optics surrounding a target area resulted in blackouts and communications stoppages that strained emergency services’ responses. Information shared online about fiber optic systems and media coverage of attacks could inform DVE attack planning and operations. In February 2024, an online user claiming to be a former cable worker provided a detailed description of how a coordinated group of individuals could disrupt communications for an entire city. In 2023, online discussions, in response to news media coverage of recent attacks, dissected attacks in Sacramento, California, from 2014 and examined the nature of the successful attacks to develop methods for making future attacks more severe, indicating potential pre-planning by actors.  DVEs could also draw inspiration from European attacks that disrupted citywide telecommunications and transportation. Violent extremists in France caused massive disruptions to telecommunications by targeting primary fiber optic cables in several regions. In Germany, travelers were left stranded after actors cut fiber optic lines and caused hours-long train stoppages. Possible indicators of pre-operational planning for a large-scale
fiber optic attack include unauthorized surveillance around fiber optic sites,
particularly connection locations; signs of trespassing or digging around known
fiber connection locations; and successful small-scale fiber optic cuts.

See Original Post