Archive
CERT.JE - What are you unwrapping this Christmas?
Dear all,
At CERT.JE we’ve been putting a lot of effort into security this year – yours as well as ours. After all, we don’t want cyber criminals breaking in to our computers this Christmas and leaving unwelcome gifts of viruses, worms or ransomware.
Other gifts of course can be warmly welcomed, but if you unwrap a new phone, laptop, or connected device this Christmas please bear in mind that whilst these can be wonderful tools (or toys!) they are not free of risk, and taking some basic steps can protect you and your family. So as our gift to you, we’re sending you our very own digital Christmas cards – 10 top tips for a safe and secure Christmas, shared via social media between now and the end of December. Follow CERT.JE on LinkedIn, Twitter, Facebook or Instagram to unwrap them.
On a personal level, my family life as well as my professional life over the last year have been very much affected by Russia’s war in Ukraine. This final newsletter of 2022 is therefore dedicated to those whose most basic security has been taken away, and who have nonetheless proven their personal resilience in the most trying of times. Please do consider supporting them at Side By Side, Jersey | Bailiff's Ukraine Appeal.
We move into 2023 with a much stronger cyber capability in Jersey. During Cyber Security Awareness Month we welcomed to CERT.JE Paul Dutot as Head of Cyber Defence, James McLaren as Senior Analyst and Morgan Franklin our Digital Apprentice.
We still have a long way to go, and next year will for us be a year of action. I will be hoping it is less eventful - but whatever the world throws at us, this year has shown that we can rise to the challenge and deliver together as one island, and with the support of our partners both locally and internationally.
Thank you to everyone who has helped us on this journey so far – we look forward to working with you all in the new year and beyond.
Regards,
Matt
CERT.JE - Cyber Security Awareness Month was a success!
Dear all,
Wow that was a busy month! One event every 48 hours overall and fantastic feedback. I could spend the whole of this update talking about that – but we have news to share!
We have completed the hiring of our technical team to provide a capability to prepare, protect and defend Jersey from a cyber attack. We had a huge number of amazing applications and thank you to everyone who applied.
Paul Dutot, formerly of Defence Logic and Ports of Jersey, joins as the Head of Jersey Cyber Defence. James McLaren takes up the position of Cyber Security Senior Analyst after working at Logicalis and GCHQ. Morgan Franklin becomes CERT.JE's first-ever cyber apprentice.
For Morgan, technology was always a big part of her life growing up. Focusing on IT and computing in school and maintaining that interest during early career opportunities enabled a passion for cyber security to flourish. Alongside working and her on-the-job development, Morgan is studying part-time towards a BSc in Digital & Technology Solutions (Cyber Security) from the University of Exeter, as well as a relevant professional qualification.
James McLaren came to Jersey having worked nearly 20 years in the UK's intelligence, security and cyber agency, GCHQ, in Cheltenham, devising their first Internet security training course in 2001. He joins CERT.JE after eight years working for the managed security provider Logicalis, specialising in SIEM and security consultancy.
Paul Dutot joins CERT.JE from being Chief Technology Officer at Defence Logic Limited. He previously managed the global provision of security services to a diverse range of clients including all forms of penetration testing, SIEM solutions and cyber security consultancy or governance services. Additionally, Paul developed custom SIEM implementations and response procedures to protect global clients from cyber security incidents.
Over the last 12 months we have been working hard to lay the groundwork for CERT.JE, culminating in a very successful Cyber Security Awareness Month in October. However, to deliver a lean and effective cyber emergency service that meets local needs, we need the right balance of skills and experience across a small team. With Paul, James and Morgan we now have the core capability to support local organisations and islanders in the event of a cyber attack. I am delighted to welcome them to the team, and look forward to working with them to deliver a secure and resilient island supported by a capable cyber defence.
Regards,
Matt
CERT.JE - Welcome to Cyber Security Awareness Month
Dear all,
I’ll keep it short this month because I’ll see you all this Tuesday, October 4th, at the Channel Islands Cyber Security Conference.
If you’re not yet going, now is the time to register for this and our other Cyber Security Awareness Month Events.
Sign up here: http://cert.je/events
See you there!
Regards,
Matt
PS. Best be quick as there’s not long to go now!
PPS. Great local cyber jobs below as usual :-)
CERT.JE - It’s not a worst case scenario, it’s a realistic one.
Dear all,
Laying the right foundations
Running a CERT comes with a lot of complexities beyond the technical, from having the right mandate and authority to work with other governments and public bodies, to dealing with data protection, freedom of information and computer misuse legislation alongside national security requirements. Getting the foundations right is essential, and over the last 12 months we’ve been working closely with the Government of Jersey to define the right direction of travel. We don’t want to be reinventing the wheel or duplicating costs, but we do need the right degree of independence to deliver our mandate. Together we’ve found a good way forward that balances the two and learns from successful CERTs around the world. This will require legislation, and therefore will be subject to consultation. It’s not the quickest route, but it is the right one. Once we get there we will be able to fully deliver against our mandate to prepare, protect and defend Jersey from cyber threats.
CERT Recruitment
We made progress last week hiring for our Head of Cyber Defence, Senior Analyst and Apprentice and look forward to announcing these appointments soon. We’re enormously grateful to our candidates who put themselves forward. There was some wonderful talent on display who willingly put themselves through a practical cyber incident triage exercise, technical questions and a panel interview. Unfortunately we just can’t offer a role to everyone, no matter how much we’d like to. However we do want everyone seeking a career in cyber security in Jersey to find a role they will excel in and enjoy. A strong industry with good opportunities for local candidates makes all of us stronger. We are offering all those who applied 1:1 feedback and (should they want it) advice. If you are hiring, please tell us at [email protected] and we will include your role in our newsletter.
Regards,
Matt
CERT.JE - Neart Le Chéile: Strength Together
Dear all,
I am just back from Dublin after 6 intense days of learning from some of the best brains in cyber and incident response at FIRSTCON22. 1,000 attendees from national and corporate cyber defence teams, with a series of hands-on workshops and presentations from both real world experience and original research.
Some of the topics are confidential, but I’ll look to share some of what I’ve learned and how we will be applying it over the coming weeks.
I met many other CERTs / CSIRTs from countries around the world who we will work with as we develop CERT.JE.
Other countries are at different stages on the same journey, so lots of good practice to learn from that will help us on ours.
The theme of the conference gives us the key to developing cyber in Jersey - "Strength Together", or in Irish "Neart Le Chéile".
We don’t need to reinvent the wheel on the services we provide, and we don’t need to do what the U.K. or others will do on our behalf. We just need to apply lessons learned by others to deliver the right capability to meet Jersey's needs, and of course be willing to share and help others along the way.
Regards,
Matt
CERT.JE - It's time to step up
Dear all,
Not only have reconnaissance attacks on Jersey increased following Russia’s invasion of Ukraine, but we see real evidence on a daily basis of the impact of cyber attacks on local organisations.
Were you the company whose compromised computer was part of a botnet launching international attacks from Jersey last week? Was the denial of service attack we saw yesterday, yours? Was it you whose email account was compromised - because it didn’t use two factor authentication and cyber criminals found information on social media to guess your password? And did your company figure out that’s how they got in to the client portal, too? When you approved that controls exception last week, did the international cybercrime network kindly agree to leave it alone – or whilst you stood guard over the front door, did they find the window you left open and climb through?
We may be an island, but cyber is a global threat. It does not respect borders or barriers. It respects only engaged people, strong business processes, and good technology controls. It's time for Jersey to step up - we have work to do.
If you’d like to be part of this effort, there’s a lot you can do in your organisation, in your home, and in your community. CERT.JE are working with a number of bodies across the island to bring together our first Cyber Security Awareness Month in October, and we look forward to telling you more soon. In the meantime, every organisation can sign up for NCSC’s Active Cyber Defence Early Warning System to be notified of known vulnerabilities and compromises in your network so you can respond when they occur.
Last week I spoke at a Chamber of Commerce event, where a speaker described cyber security as a ‘young man’s game’. Unfortunately he had a point: cyber as a profession is predominantly male and not sufficiently diverse, and that’s something we need to address.
The number of cyber roles globally is projected to increase by a third over the next 5 years, and to have an effective workforce we need to welcome all talents and skills. After all, hackers don’t care how you dress, how your brain works, how you identify, what your gender is, how old you are, or what you did before. And nor should we.
With that in mind I’m particularly pleased to be advertising a Cyber Defence Apprenticeship for the first time in Jersey. We can all do our bit to bring more people into the profession, and to support islanders to develop their skills. This role provides the opportunity to work whilst studying for a degree from a top UK university. It’s a remarkable opportunity, and it’s open to everyone who meets the academic criteria (those have flexibility too). Prior experience is purely optional - selection is on capability and commitment, not what you have done before. School leavers are welcome to apply, as are those from other fields. Application is as simple as sending your CV. For information on this role, as well as two other crucial roles we’re hiring at Manager and Senior level, see the jobs section below or click here for details.
Regards,
Matt
CERT.JE - It's all about people
Dear all,
Human actions are behind every security threat we face, and human action is also our first defence - it takes an island to secure an island.
This month has been busy with meetings to develop collaboration and information sharing with organisations including Jersey Business, Bureau des Îles Anglo-Normandes, UK's NCSC, and our colleagues in Guernsey and the Isle of Man. In addition we held an informative and well attended round table discussion with local cyber security suppliers, looking at issues including Cyber Essentials, skills, and readiness.
We have also begun recruitment for a new role as part of the new digital apprentice scheme initiative by the Government of Jersey – this is a great opportunity for a local person to join us and to help defend the island from cyber threats whilst gaining a top degree in cyber security. Combining practical delivery with academic study, this is suitable for anyone seeking a career in cyber security regardless of their age, experience or professional background.
Cyber security should be inclusive and open to everyone, and we’re aiming to do our part to make sure all islanders have these opportunities. Please share and apply via the links below.
We have also progressed our response to the situation in Ukraine. This continues to evolve rapidly, and organisations should act now to ensure they are protected should these threats move westwards. Simple steps include introducing multi-factor authentication (both at work and at home), rapid and comprehensive patching (small biz? Turn on auto update), and registering for the NCSC’s free Early Warning System to get alerts if your organisation's systems are believed to be compromised.
There's a role for everyone to play at home too - ensure your devices are set to auto update, be careful where you click, and be sure to turn on multi-factor authentication for all your email and social media accounts.
Spoofed (fake) emails are increasingly common and we can all take simple steps to protect each other, so we are highlighting a useful tool below for organisations to check and improve their email security.
We're also commencing planning for cyber security awareness month in October, alongside a number of local partners. Watch this space to find out what will be happening locally to help you at home and at work with your cyber security, and if you'd like to contribute please let us know.
Regards,
Matt
Cyber Security Update from CERT.JE - Issue #2
Dear all – newsletter no.2! Some weekend reading for you.
The cyber security risk of many jurisdictions - including Jersey - has been raised by the invasion of Ukraine. The inclusion of Jersey in Russia’s list of unfriendly nations, due to the implementation of sanctions, has also heightened interest by hackers and carries the risk of a nation state response. Russia has a mature offensive cyber capability and has previously shown a willingness to use it. A series of cyber attacks have now been carried out against Ukraine and other targets. Previous attacks against Ukraine, such as the NotPetya malware in 2017, have had a global impact compromising both companies and public services.
What actions are we taking?
CERT has led the Island’s first C-TAC (Cyber Technical Advisory Cell), following the invasion, and is coordinating response to the raised cyber risk impacting the Island as part of wider emergency planning structures. C-TAC is a multi-agency group with representatives across government and industry. Actions already taken have included issuing controls guidance to industry, awareness raising via local media, webinars and briefings, and updating island risk assessments to ensure appropriate response plans are in place. The continuing development of CERT’s capabilities over 2022 will provide further support. We continue to monitor key threat indicators both directly and via local and international partners, and encourage local organisations to report significant increases in malicious activity. Nevertheless, every organisation is responsible for their own controls – now is a good time to consider what more you can do!
Where are the cyber attacks?
Whilst there is some evidence of increased interest in Jersey by hacker groups this has not as yet translated into a higher level of attacks.
This has surprised many commentators who expected immediate widespread cyber activity, but cyber attacks take time and effort to undertake successfully and those we see in practice are likely to be more targeted. Current advice from the UK’s NCSC remains that the threat level is raised and actions should be taken to improve controls. President Biden has commented that US intelligence believes the Russian Government is exploring options for potential cyber attacks. The situation remains highly volatile and can change at short notice.
This is not the moment to stand down – it is the moment to get ready. This is a long term challenge and it is expected that the ongoing raised cyber risk resulting from this conflict – and the increased adoption of offensive cyber techniques by nation states and organised crime, combined with the high degree of dependence on IT by financial services firms, public services and the digital economy – will continue to require a heightened response.
What should I do?
If you are not sure where to start, implementing the NCSC’s Early Warning System (see below) provides an immediate practical benefit, as does implementing multi-factor authentication throughout your organisation, and patching vulnerabilities quickly and consistently.
Regards,
Matt
Invasion of Ukraine - Raised Cyber Threat
I had not expected our first newsletter to be on so serious a topic. However, current geopolitical events do raise the threat profile of most countries and organisations in a material way.
To the surprise of many analysts, cyber activities have played a relatively small role in this conflict to date despite at least four rounds of attacks involving several different techniques. This may of course change, and nation state actors are not the only players. As I write, I am tracking 16 different threat actors engaged in cyber action in response to Russia's invasion of Ukraine. This includes groups such as Conti, who have (with some disagreement amongst themselves) decided to support Russia, others such as Anonymous who have decided to operate in support of Ukraine, and others simply looking to take advantage of the distraction. The only certainty is that malicious cyber activity - both criminal and activist driven - is likely to increase and be sustained, and that carries a risk of collateral damage even to countries and organisations that are not targeted. Economic pressures may further increase this. We can expect an increased threat level to persist for some time.
Some may know I have a personal interest in this particular conflict. That does not affect our advice, which relates purely to the practical impact on cyber threats to the Island and what actions should be taken to address this. However, I visited St Helier Parish Hall this afternoon and spoke with the Polish Consul who was organising collections for those who have left their homes to seek safety. Should you wish to contribute to these humanitarian efforts donations of goods are being welcomed, and a vigil has been organised by the Bailiff at 6pm on Friday. Of course if you would like to discuss the cybersecurity advice in our notice below, you will find me there.
Regards,
Matt