Published on Defence Connect 17 Feb 2023 Opinion: Recent national concerns about the risk of installed Chinese-manufactured security cameras at sensitive government sites have exposed the tip of an iceberg, explains cyber security and IT industry veteran Nic Nuske. The ensuing political debate also repeated the mistaken belief that Australia has no manufacturing capacity that delivers quality surveillance with no risk to data. Let’s start with the government’s response of “remove the cameras” and “review their installation”. Removing Chinese-made cameras will eliminate manufactured threats in those devices. It is not going far enough, however, when it comes to addressing the cyber risks inherent to connecting any camera or device to the internet. Raising the profile of these serious threats to business and government warrants endorsement, first, to prevent declines in public confidence, and second, to encourage local solutions. Positive action to remediate or remove the cameras warrants applause. Replacing the cameras now is an important security action for Australia. However, for the purposes of long-term strategies, it is critical to understand that threats embedded at the time of manufacture are not the only risks to cameras and other devices exposed to the internet. For example, Chinese hackers exploit more zero-day threats in devices made outside China than any other group. Cyber security weaknesses inherent to machines plague device and equipment manufacturers and are being regularly exploited by bad actors. As we connect more and more devices to the internet in the name of productivity, efficiency, and mobility, we are witnessing an exponential increase in cyber threats and breaches that exploit device security irrelevant of the place of manufacture. It is well documented that many devices (machines and sensors) have little or insufficient security to protect against increasingly sophisticated crime.  The Office of the Australian Information Commissioner reported last year that there were 853 notifiable data breaches in 2021–22. Around 20 per cent of those were in health service providers, followed by finance, legal and accounting, education and Australian government agencies. The list shows that data breaches have become ever-present with some jaw-dropping losses of data. The Australian Cyber Security Centre’s latest threat report shows the centre received more than 76,000 cyber crime reports in the 2022 financial year, up 13 per cent on the previous year. That’s one attack every seven minutes, on average. The cost of dealing with cyber attacks, as Optus and Medibank have discovered, is huge. Video surveillance systems bring with them some extra challenges to cyber security including an additional layer of abstraction (the visual layer), however many of the cyber issues for machines are common to any device, machine, or sensor connecting with the internet. The possible risks embedded at the time of manufacture (intentional or not) can lead to and/or compound many other risks. The most common threats to devices exposed to online connections can be summarised as follows: Protection of passwords and credentials. Secure and timely updates and delivery of firmware and other patches to machines. Networks and protocols that don’t have robust, end-to-end hardware-based encryption. The use of mobile apps to access data and control devices. A lack of processing capacity in the device to perform effective encryption of communications. Emerging capability by organisations to identify and track all devices connected to their network impacting deployment and management of cyber security to all endpoints. When cameras and other devices, along with their control systems, connect to the internet, they become a “weak link” that can allow hackers to take control of the device and its functions and/or infiltrate an entire IT system.  Yet it is inevitable that cameras, surveillance systems, and other devices will be connected to the internet at some time. AI and BI will rely on data gathering and exchange to be effective. Cloud services are changing the economics and dynamics for IT and OT systems. One Australian company tackling these issues head-on is VeroGuard Systems, which has developed the world’s first identity and communications platform that utilises hardware security module (HSM) identity management and communications on open networks for any device or machine. The advanced, secure platform has been developed in Australia. Adding further to the company’s sovereign status is that it manufactures products at its Edinburgh, South Australia facility. One of the products, VeroMod, is an HSM that can connect with any camera, device, or machine. VeroMods, operating with the certified VeroGuard platform, provide any machine with an ultra-secure digital ID. The solution delivers military-grade protection of the ID and verified zero-trust access to or from the connected machine. VeroMod also takes on the cryptographic workload for devices communicating at “secret” and above levels. The company has also embedded an HSM into its Australian-built cameras. This eliminates any risks of breaches to the camera, its data, or systems, even when the connections are direct-to-the-internet. The company’s chairman and co-CEO, H Daniel Elbaum, says, “We have for the first time brought a technology to open networks that eliminates identity and security risks to any machine including surveillance systems”. The company’s VeroMod and cameras connect to the VeroGuard platform, which has been certified Common Criteria for access on open networks by the Australian Cyber Security Centre and is a global one-of-a-kind. Removing Chinese-made security cameras can eliminate their embedded threats, however, security vulnerabilities will continue to be uncovered in the peripheral connectivity, software VPNs, and even the devices themselves. These all represent significant attack surfaces for threat actors looking to exploit these systems and are urgently in need of actions to prevent the growing threats inherent to connecting machines to the internet. There is a solution, and it’s Australian made.

VeroGuard Chief Executive Nic Nuske interviewed on Sky News on April 27th 2024 says everyone is “being impacted” by “some sort of cybercrime”. “Either directly or someone they know,” Mr Nuske said. On average, one cybercrime is reported every six minutes, with ransomware and breaches causing billions of dollars in damages to the Australian economy. “The estimates that we have from the analysts are telling us that there’s almost $US8 trillion worth of economic impact from cybercrimes every year. That’s anticipated to grow to $US23.8 trillion by 2027.” Watch the full interview https://www.skynews.com.au/australia-news/crime/everyone-being-impacted-by-some-sort-of-cybercrime/video/94051b10ab15ded93771428ffe190dc0

Published on Asia Pacific Defence Reporter Among spiralling cost of living pressures, and the threat of kinetic warfare in our region, millions of us have already been impacted by a silent and insidious form of attack – cyber, according to leading cyber security solutions provider VeroGuard Systems. The unwavering onslaught to our personal privacy and information is unprecedented in its ferocity. Attacks on government agencies and businesses that we use every day, those that would do us harm know that data and online access is at the heart of our economic ecosystems. According to the Australian Signals Directorate, on average, one cybercrime is reported every six minutes – with ransomware and breaches causing billions of dollars damage to our economy every year. In recent months, we have witnessed severe disruptions to our national economy and significant risk posed to our privacy through cyber-attacks. We’ve heard of the high-profile attacks like DP World, Optus, Medibank, and Telstra – yet hundreds go unreported. Rogue nations, groups and individuals are intent on testing Australia’s defence capabilities, to cause widespread disruption, chaos, and economic devastation. Our critical infrastructure is constantly being probed, and so are we… every Australian is in the scope of hackers – both directly and through disruptions to the services we rely on. As threats become increasingly sophisticated – it is no longer adequate to just patch software, buy off the shelf detection software and switch on second factor authentication – we’re under attack, and an urgent uplift to our security infrastructure and standards are needed. A vulnerability to one is often a risk to us all. Government and industry leaders must urgently elevate our organisations cyber security postures to protect every Australian. Our organisations must lead in the requirement to adopt zero trust architecture if we are to become one of the world’s leading cyber countries by 2030. The consequences if we lag are dire – businesses will stumble and often fold, trust in government institutions will deteriorate, our personal security and wellbeing will be affected, our society will be compromised. The economic impact from cyber-crime is expected to increase almost 300% to US$23.8 trillion by 2027 representing about 28% of global GDP which is a direct loss of wealth, services, and investment for important projects. There are significant economic advantages that may stem from our AUKUS agreement with the United Kingdom and United States. As a key enabler for our Defence capabilities, Australia is preparing for an unprecedented sharing of technologies and knowledge between allied nations. For this to be a success, any transfer must be shielded by a high level of trust and confidence that Australians will be good custodians of this sensitive information. While we are firming up our standards across critical infrastructure like electricity, water, and telecommunications – we cannot shy away from the need to adopt higher standards across other recognised vulnerabilities, such as Defence’s supply chain partners – often made up of small businesses who lack the resources to protect themselves. “However more broadly, who is looking out for the millions of Australians who are currently exposed? Given what is at stake, the actions by government and large industry have been unable to stem the tide. Primarily focusing on detection and remediation initiatives that are designed to react rather than defend are proving to be inadequate. Equally changing habits and behaviors through education programs is worthwhile – but governments cannot outsource the problem to those that lack the knowledge and resources to solve the growing issue. A belief, that it is ok to compromise security for perceived convenience, is counter intuitive. There are few things more inconvenient than having to rebuild a person’s identity or try to run a hospital or airport without the systems on which we now depend. Governments must invest resources to roll out defence grade preventive mechanisms and build the cyber security infrastructures that underpin zero trust networks. Indeed, it is widely accepted that identity centric security is the bedrock to Zero Trust Architecture. It is important to acknowledge the release of the Australian Government’s Cyber Strategy, efforts to uplift critical infrastructure standards and progress coordinating a Country wide digital identity framework.  I also welcome the ambitious target to embed a zero-trust culture across the Australian Public Service to become a global cyber leader by 2030. It is also intended to achieve a consistency in cyber security standards across government, industry, and jurisdictions. I commend the Australian Government for taking the initial steps to strengthen legislation and mandate the reporting of incidents. The Strategy provides much needed focus on weaknesses, especially educating businesses on the inherent risks. However, to achieve the zero-trust outcome, urgency is required on implementing measures that deliver non-repudiable identity verification online for everyone and greater focus on standards to protect remote access and privileged access management. Simple actions now can lead to significant and enduring benefits across Australian communities, such as: Setting and policing rigorous cyber security standards across government and the private sector. Make these standards a pre-requisite for doing business with Government. Establishing a robust baseline for cyber security infrastructure that the whole country must comply with. Re-Focusing government grants and investments to incubation programs within Government agencies that focus on sovereign solutions to provide an overall uplift to Australian capability. I applaud the Albanese Government’s ambitious plan to boost domestic manufacturing and progress to a ‘Future Made in Australia Act.’ The immediate priority must be building sovereign capabilities that reinforce our national security including cyber-attack prevention. Preference must be given to innovative solutions made locally through pilot programs and meaningful contracts. This is a model that has worked with tangible results in Countries such as Estonia, France the United Kingdom, and United States. It’s clear that the government agencies tasked with protecting us are challenged by the increasingly sophisticated threat environment. Adversaries attacks are are buoyed by AI and the development of quantum technologies and an increasing intent to inflict damage on Australia’s economy and communities, we’re seeing the rate and sophistication of attacks continue to escalate and no sector is safe. The economics and current trends are irrefutable, so corporate and political decision makers must carry the responsibility to invest in areas that effectively do a better job of protecting Australians online and our future economic prosperity. Adopting Defence certified preventative solutions across the country is achievable and affordable. There are Australian owned and manufactured options – we should use them. If Australia is to achieve its ambition to be a cyber security world leader by 2030, it must move now to implement policy and funding changes that enable local capabilities to foster and transition away from legacy systems with improved confidence in the security of using the Cloud and connected networks. Until we do, cybercriminals will continue to view Australia as an attractive target, and why wouldn’t they when it continues to be a low cost and high pay off activity? Much smaller nations than Australia, have shown us how an efficient and targeted use of resources combined with the political will, can deliver effective uplifts to cyber security capability and solutions. Now is the time for our political and industry leaders to step up and use world leading Australian solutions to achieve their and everyone’s objective of being more secure online.

Provision of core transport infrastructure in major cities has evolved from simply building and maintaining roads into managing entire transport networks.  Major arterial roads incorporate significant public assets, such as tunnels, bridges and interchanges, which necessitate a need for control and oversight over an even broader range of assets to ensure traffic flow remains safe, reliable and efficient for all road users.  For any organisation to be able to provide this level of supervision of these networks, there must be a significant investment in technology and, toll collection aside, an immense network of devices, sensors, communications systems, signage and other equipment that is all linked back to central control rooms. The complexity of managing efficient traffic flow on a major road network, which can include bus lanes as well as cycling and walking paths, will continue to grow with the growth of the number of vehicles on the road as interactions, incidents, closures and major events can all impact use and flow.  Tools used by organisations to manage this include variable speed signs, lane management and incident recovery teams, all of which can be triggered remotely through decisions made via observing CCTV and other traffic flow data.  Further to the technology currently in use, the future prospect of connected autonomous vehicles (CAV’s) will see these vehicles interact with the infrastructure itself, with data on traffic flow and incidents being fed to the vehicles, as well as the possibility of telematics from the vehicles themselves being fed back to the road operator. Each and every one of these devices and communications systems is, therefore, a component of Critical Infrastructure (CI).  Any part of that CI being compromised, leading to roads being degraded or rendered unavailable for an extended period, could lead to massive disruptions and potential grid lock across cities. With every new device connecting to any system, the attack vector against the system from nefarious actors grows.  There are multiple reasons for the increased threats.  Firstly, the Operational Technology (OT) in use is not immune from the numerous cybersecurity issues plaguing these devices across manufacturing, energy and utilities.  Secondly, it is difficult to apply patches to equipment required for 24 hour operating environments, leading to the potential for exploits to remain unpatched for longer.  Thirdly, there is a significant a lack of available cybersecurity talent, especially those skilled across all of the IT, OT and IoT environments. In 2022 and 2023, we saw international cyber security agencies (including Australia) issuing multiple alerts about malicious Russian cyber operations and potential attacks on CI, the discovery of new OT specific malware, as well as the disclosure of a growing list of OT vulnerabilities. A different approach is required to combat these persistent and growing threats. VeroGuard System’s technology maintains network integrity for any devices when connected to open networks.  Providing un-phishable MFA for access to networks and devices and strong post quantum level data encryption for device communications, organisations can implement a certified virtual airgap between field asset and open internet connectivity.  The VeroGuard Platform is the only platform worldwide to have Common Criteria certification for access on open networks, meaning it has been verified by the Australian Cyber Security Centre (ACSC) for use in Defence and other government departments with high assurance requirements for online access. Background CI continues to face an expanding cyber threat landscape which presents a substantial challenge to operations.  Governments have mandated controls for cyber across the CI landscape and have continued to broaden the definitions of industries and systems included under the CI banner.  With several recent high-profile hacks on the sector, including the Colonial Pipeline in the US and, locally, Optus and DP World, CI operators should be continually evaluating their strategies and technology stacks used to prevent digital incursions. The ACSC recently released a report stating that “state-sponsored cyber groups and hackers have increased assaults on Australia's critical infrastructure …. adding that its new defence agreement with Britain and the U.S. had likely made it more of a target”.  While Australia is not alone in being targeted, our large land mass and distributed workforce makes a strong case for removing airgap controls and enabling remote access – potentially opening the door for malicious actors. Complicating matters further, “insecurity by design” remains very relevant in OT and IoT systems, which is why a shift in security infrastructure to account for open network connectivity and all the variables it presents is so necessary.  Insecure by design vulnerabilities abound, as evidenced by a recent investigation by Vedere Labs which found 56 vulnerabilities affecting 10 major vendors.  Exploiting these vulnerabilities, attackers with network access to a target device could remotely execute code, change the logic, files or firmware of devices, bypass authentication, compromise credentials, cause denials of service or have a range of operational impacts. In a closely related sector, a study by the University of Michigan highlights the alarming possibilities for attacks against vehicles - proving that it’s possible to hijack certain processes within modern trucks.  Researchers were able to hack into a diagnostic port, manipulate the readouts from the instrument panel, force the truck to accelerate and even disable part of the truck’s braking system. Analysis by threat hunters at Mandiant of the October 2023 Ukrainian Power station attack showed that a pair of previously undocumented OT attacks were used to cause the power outage, highlighting the difficulty of maintaining protection on OT devices when vulnerabilities are continually being discovered and weaponised by nation-states. It is not appropriate to simply embrace the cybersecurity operations from existing IT practices.  While IT network and operating system patching and identity management practices are well established, the ability to manage OT devices and systems in the same manner is not as straight forward.  Many OT devices deployed in CI systems were never originally designed to be connected to the internet and new models for cybersecurity are required. Some of the key mitigation strategies recommended in every advisory (aside from patching, monitoring, training and awareness – these are all “after the fact” activities and not prevention) are to: require multi-factor authentication for all access (system, PC’s, devices, networks); implement and ensure robust network segmentation between OT assets and corporate networks to limit the ability of malicious cyber actors to pivot from a compromised asset and, potentially, to an IT network; and implement strong machine identity and encrypted communications for connected assets over open networks. It is important to note that without strong Identity and Access Management (IAM) control over any additional tools, the criminals will find a way through.  This is on ongoing occurrence online, with bad actors simply by-passing second factor authentication (2fa) and detection software.  There have been attacks where 2fa applications and VPN’s themselves were used as the vectors for successful breaches. Defending against current and emerging threats. The rapid adoption of technology presents universal concerns for service providers: Increased digital services/devices and interconnectivity between systems means an increased attack surface for cybercrime. Rapid rise in data volumes, flows and complexity of management means increased opportunities for identity breaches. Transitioning from legacy systems and navigating the complexity of hybrid environments. Complex layers for identity and security become more costly with many mixed environments. Expansion of stakeholders and associated integration requirements (suppliers, citizens, third party providers, businesses). Credential compromises remain one of the largest reasons for breaches of systems, as well as one of the most easily preventable with the appropriate system infrastructure.  The next generation of IoT systems must be designed with identity and data security at their core – but changing out infrastructure is costly and slow. To stay ahead of the curve and defend against the threats outlined in the introduction, the next generation of CI system architecture must include: a unified platform to reduce the complexity of layers of technology built up over decades; a cybersecurity platform architecture that is identity centric - purpose built for protection over open networks; a digital identity that is robust, tethered to the user, re-usable in many places and can’t be tampered with; machine/human identity and communications that cannot be breached or compromised; a solution that can be readily retro-fitted to existing networks and company assets; an identity layer that facilitates hyper convergence of IT and IoT functions to simplify and reduce costs rather than duplicating across networks and participants; and privacy controls and low friction interfaces for users. The VeroGuard Platform Critical Infrastructure Security – a significantly better approach The VeroGuard Platform offers a unique solution to securing connected environments by providing secure IAM controls, virtual network separation, data encryption and flow control.  VeroGuard System’s products have Common Criteria (CC) certification (defence level security) and can be quickly and cost effectively deployed to legacy, new and hybrid environments. The VeroGuard Platform was specifically designed for protecting identity, access and data on the open internet and works by inserting a Hardware Security Module (HSM) between the device being accessed and the network connectivity, delivering an impenetrable defensive layer for online protection.  When initiating connectivity, the inline HSM must connect to and verify itself with the VeroGuard Platform HSM, which then creates a secure encrypted tunnel using hardware derived keys and encryption protocols for data flows and any user verification needs. HSM-to-HSM verification and communication is not new – however, until now, this has been expensive and limited to terrestrial connection.  Two-way HSMs are utilised in banking (eg ATM’s, eftpos) and military systems around the globe for securing critical communications.  Typically, the technology is used in guided missile control where it is crucial that command messages cannot be decrypted or the command plane hijacked.  The VeroGuard Platform brings this mutual two-way hardware verification for use in OT environments, at scale and without the high cost. Form factors used on the VeroGuard Platform include the VeroCard HSM (for humans) and the VeroMod IoT Shield (for machines/devices). The VeroCard HSM enables human users to be verified to access networks, applications and devices by authenticating the human via a combination of the specific user’s VeroCard and the user’s secret PIN. Every login attempt is verified by the secure connection back to the VeroGuard Platform. The VeroMod IoT Shield is a commoditised HSM which connects inline and creates a “virtual airgap” between the device and any connectivity.  The VeroMod IoT Shield brings HSM-to-HSM technology for verification and encryption to any device, guaranteeing access requests to and from all machines and providing the highest level of encryption to all data in transit. The VeroGuard Platform is unmatched for security and scalability as the only online platform that always uses HSM-to-HSM protection time after time, for identity verification, communications, data integrity and switching services. The VeroGuard Platform offers a solution for organisations operating roads and transport CI that begins with indisputable proof of identity for all online and digital communications. The VeroGuard Platform is the only platform available anywhere in the world that can guarantee defence certified identification security for both people and machines over open networks. How does the VeroGuard Platform do this? The VeroGuard Platform does this as follows: by using VeroMods to provide host connections into the VeroGuard Platform, effectively providing point-to-point connection over open networks; user access is provided with permission verified by the VeroGuard Platform before a user is able to access networks, devices and data, machine to machine connections are verified in the same way with the digital identity provided by the VeroMod; all VeroGuard HSM-to-HSM connections are protected using elliptic-curve Diffie–Hellman encryption set for post quantum protection, with a DUKPT (Derived Unique Key Per Transaction) key management protocol, meaning that the keys are derived within the HSM and there is no possibility of the keys being intercepted or stolen; and each time a connection is initiated, a new set of encryption keys are generated. Essentially, once deployed the VeroGuard Platform creates a virtual airgap for a connected asset environment.  Access is controlled via the irrefutable identity provided by the platform and communications from devices or nodes are encrypted via the impenetrable security of the HSM-to-HSM technology core to the success of the platform. The VeroGuard Platform is the next generation of platform to secure connected systems, machines and data. The VeroGuard Platform ELIMINATES credential and identity compromise on open networks to act as the core of any zero-trust deployment. Any company migrating to the Cloud, connecting OT and IT networks, wanting to exploit open networks for machine communications or looking to secure their supply chain should assess the VeroGuard Platform. There is an opportunity to harness the VeroGuard Platform now to build a safe and secure digital ecosystem for CI companies internally, as well as for its infrastructure and for each of its suppliers, contractors and users.

IoT ecosystems are replacing legacy telematics solutions to help solve some of the most critical problems commercial fleets face today. In fact, digital transformation in Transport and Logistics (T&L) has significantly improved upstream and downstream facets across the entire industry and created unprecedented efficiencies. However for T&L companies, major corporate assets are both connected online and constantly on the move, shifting the organisations security perimeter to the fleet asset – a distinct differentiator from many other industries going through the same digitalisation process – and exposing organisations to a greater extent to the potential of cyberattack. There are multiple reasons for the increased threat. For one, the expanded use of technology, which opens new communications and wireless channels that are connected directly to T&L companies’ digital ecosystems, is a soft target for hackers. Another is the fact that T&L suffers from lagging cyber regulations and standards, inadequate cybersecurity awareness – the impact heightened by a shortage of cyber-defence talent. Although other aspects of the T&L industry are highly regulated in many regions, and despite the sector’s global operations (or perhaps because of them) regulators have not been able to agree on a set of suitable T&L cybersecurity standards. Further, as many of the devices and sensors on connected vehicles are similar to those deployed in other operational industries – commonly termed Operation Technology (OT) – T&L is not immune from the numerous cybersecurity issues plaguing OT across manufacturing, energy and utilities. The impact of a cyberattack can be costly and disruptive to operations, and has the potential to create further liability, particularly when sensitive customer data is breached. The more connected systems become, the larger the respective attack surface becomes and the more attractive they become as targets for cyberattacks. In 2022 we have seen international cyber security agencies (including Australia) issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of new OT specific malware, as well as the disclosure of a growing list of OT vulnerabilities. A different approach is required to combat these persistent and growing threats. VeroGuard’s technology maintains network integrity for any devices when connected to open networks. Providing un-phishable MFA for access to networks and devices and strong post quantum level data encryption for device communications, T&L companies can continue to accelerate digital transformation plans by providing a certified virtual airgap between the fleet asset and open internet connectivity. VeroGuard is the only platform worldwide to have Common Criteria certification for access on open networks, meaning it has been verified by the Australian Cyber Security Centre (ACSC) for use in Defence and other government departments with high assurance requirements for online access. Background The T&L industry continues to face an expanding cyber threat landscape which presents a substantial challenge to operations.  While some industry participants have been working to develop standard practices to bolster cybersecurity among carriers, mechanics and truck manufacturers, there remains a significant gap between proposed standards and any implementation – especially when considering existing fleets. Moreover, hackers are increasingly attempting to steal data stored in networks that are critical to the T&L industry’s modernisation and growth. These networks enable digital improvements like automated ordering, shipment tracking, and access to account information. While extremely valuable, such customer initiatives require access via online platforms, phone apps, and other mobile devices, which are among the most insecure channels. But the threat goes beyond data and information. With trucks becoming more modernised, it’s possible to hijack certain processes within them. A study by the University of Michigan highlights the alarming possibilities. Researchers were able to hack into a vehicle’s diagnostic port, manipulate the readouts from the instrument panel, force the truck to accelerate, and even disable part of the truck’s braking system. There’s a sensor for that It is common for organisations to track the location of their fleets, and now also the real-time performance of their trucks and drivers. The average truck today is connected to a huge number of devices generating the data needed for logistics companies to run smarter and more efficiently. While this translates directly to cost savings, better governance and OH&S outcomes, the downside to this is that it has exposed a series of technology shortcomings and made the industry extremely vulnerable to cyberattacks. Every sector of the industry—including maritime, rail, trucking, logistics providers, and package deliverers—is affected. Complicating matters further, “insecurity by design” remains very relevant in OT and IoT systems, which is why a shift in security infrastructure to account for open network connectivity and all the variables it presents is so necessary. Insecure by design vulnerabilities abound evidenced by a recent investigation by Vedere Labs which found 56 vulnerabilities affecting 10 major vendors. Exploiting these vulnerabilities, attackers with network access to a target device could remotely execute code, change the logic, files or firmware of devices, bypass authentication, compromise credentials, cause denials of service or have a range of operational impacts. While the devices in this study are not focussed on T&L it is not hard to see how a small change in focus for cybercriminals could lead to similar attacks focussed on this sector. It is not appropriate to simply embrace the cybersecurity operations from existing IT practices. While IT network and operating system patching and identity management practices are well established, the ability to manage fleet devices and systems in the same manner is not as straight forward.  The T&L industry is faced with the need to continue with the rapid adoption of digital transformation and cloud computing to maintain competitiveness in an ever more challenging market. This represents a step change in work practices for the sector, in that trucks and onboard sensors were never originally deigned to be connected to the internet, and new models for cyber security are required. Some of the key mitigation strategies (aside from patching, monitoring, training and awareness – these are all “after the fact” activities and not prevention) in every advisory are to: 1.     Require multi-factor authentication for all access 2.     Implement and ensure robust network segmentation between fleet assets and corporate networks to limit the ability of malicious cyber actors to pivot from a compromised supply chain to the fleet asset and potentially to your IT network. 3.     Implement strong machine identity and encrypted communications for connected fleet assets over open networks. It is important to note that without strong Identity and Access management control over any additional tools, the criminals will find a way through.  This is on ongoing occurrence online with bad actors simply bypassing second factor authentication (2fa) and detection software. There have been attacks where 2fa applications and VPN’s themselves were used as the vectors for successful breaches. A New Approach The VeroGuard Platform offers a unique solution to securing connected environments, by providing secure Identity and Access Management controls, virtual network separation, data encryption and flow control.  VeroGuard’s products have Common Criteria (CC) certification (defence level security) and can be quickly and cost effectively deployed to legacy, new and hybrid environments. The platform was specifically designed for protecting identity, access and data on the open internet and works by inserting an HSM between the device being accessed and the network connectivity delivering an impenetrable defensive layer for online protection. When initiating connectivity, the inline HSM must connect to and verify itself with the platform HSM, which then creates a secure encrypted tunnel using hardware derived keys and encryption protocols for data flows and any user verification needs. HSM-to-HSM verification and communication is not new – however until now they have been expensive and limited to terrestrial connection. Two-way HSMs are utilised in banking (e.g.: ATM’s, Eftpos) and military systems around the globe for securing critical communications. Typically, the technology is used in guided missile control where it is crucial that command messages cannot be decrypted, or the command plane hijacked. VeroGuard brings this mutual two-way hardware verification for use in OT environments, at scale and without the high cost. Form factors include the VeroCard HSM for humans, and the VeroMod HSM for machines/devices. The VeroCard HSM enables users to be verified to access networks, applications and devices authenticating via the combination of the specific users VeroCard and their secret PIN. Every login attempt is verified by the secure connection back to the VeroGuard Platform. The VeroMod IoT Shield is a commoditised Hardware security module (HSM) which connects inline and creates a “virtual air gap” between the device and any connectivity. VeroMod IoT Shield brings HSM-to-HSM technology for verification and encryption to any device. This guarantees access requests to and from all machines and provides the highest level of encryption to all data in transit. VeroGuard is unmatched for security and scalability as the only online platform that always uses HSM-to-HSM protection time after time, for identity verification, communications, data integrity and switching services. The rapid adoption of technology presents universal concerns for service providers: Increased digital services/devices and interconnectivity between systems means an increased attack surface for cybercrime. Rapid rise in data volumes, flows and complexity of management means increased opportunities for identity breaches Transitioning from legacy systems and navigating the complexity of hybrid environments Complex layers for identity and security become more costly with many mixed environments Expansion of stakeholders and associated integration requirements (suppliers, citizens, 3rd party providers, businesses). VeroGuard Systems offers a solution that begins with indisputable proof of identity for all online and digital communications. It is the only platform available anywhere in the world that can guarantee defence certified identification security for both people and machines. By providing host connections into the VeroGuard platform the VeroMod effectively provides point-to-point connection over open networks. User access is provided with permission verified by the VeroGuard platform before being able to access networks, devices and data. Machine to machine connections are verified in the same way with the digital identity provided by the VeroMod. All VeroGuard HSM-to-HSM connections are protected using  elliptic-curve Diffie–Hellman encryption set for post quantum protection, with a DUKPT (Derived Unique Key Per Transaction) key management protocol meaning that the keys are derived within the HSM and there is no possibility of the keys being intercepted or stolen. Each time a connection is initiated a new set of encryption keys are generated. There is an opportunity to harness this technology now and build a safe and secure digital ecosystem for T&L companies, their suppliers and contractors. How can this technology be harnessed to benefit the Transport & Logistics Industry? Credential compromises remain one of the largest reasons for breaches of systems, as well as one of the most easily preventable with the appropriate system infrastructure. The next generation of IoT systems must be designed with identity and data security at their core – but changing out infrastructure is costly and slow. To stay ahead of the curve and defend against the threats outlined in the introduction, the next generation of T&L system architecture must include: A unified platform to reduce the complexity of layers of technology built up over decades A cybersecurity platform architecture that is identity centric - purpose built for protection over open networks A digital identity that is robust, tethered to the user, re-usable in many places and can’t be tampered with Machine/human identity and communications that cannot be breached or compromised A solution that can be readily retro-fitted to existing networks and fleet assets An identity layer that facilitates hyper convergence of IT and IoT functions to simplify and reduce costs rather than duplicating across networks and participants Privacy controls and low friction interfaces for users Essentially, once deployed VeroGuard creates a virtual airgap for your fleet asset environment. Access is controlled via the irrefutable identity provided by the platform, and communications from devices or nodes are encrypted via the impenetrable security of the HSM-to-HSM technology core to the success of the Platform. VeroGuard Systems is the next generation of platform to secure connected systems, machines and data. The VeroGuard Platform practically ELIMINATES credential and identity compromise on open networks to act as the core of any zero-trust deployment. Any company migrating to the Cloud, connecting OT and IT networks, wanting to exploit open networks for machine communications, or looking to secure their supply chain should assess the VeroGuard Platform.

In the ever more connected world, operational environments and the Operational Technology (OT) controlling them are a new frontline for cyberattacks. Digital transformation driving manufacturing, energy and utilities has created unprecedented efficiencies which have also exposed those organisations to a greater extent to the potential of cyberattack. There are multiple reasons for the increased threat. For one, the expanded use of technology, which opens new communications and wireless channels that are connected directly to companies’ digital ecosystems, is a soft target for hackers. Another is the fact that OT suffers from lagging cyber regulations and standards, inadequate cybersecurity awareness – this impact heightened further by a shortage of cyber-defence talent. With remote operations becoming increasingly commonplace, more and more devices and machines are required to be connected online to maintain a satisfactory level of service delivery. This represents a step change in work practices in that traditional OT devices were never originally designed to be connected to the internet, and therefore new models for cyber security are required.  The impact of a cyberattack can be costly and disruptive to operations, and has the potential to create further liability, particularly when sensitive customer data is breached. With the expanding threat surface and a shrinking available talent pool to deploy the new security posture required, companies using OT must look to new technology to augment the existing network, protect un-patchable devices and uplift the overall identity and encryption architecture of their operating environment. The more connected systems become, the larger the respective attack surface becomes and the more attractive they become as targets for cyberattacks. In 2022 we saw multiple international cyber security agencies (including Australia) issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of new malware, as well as the disclosure of a growing list of operational technology vulnerabilities. VeroGuard’s technology maintains network integrity for legacy and new infrastructure when connected or exposed to open networks. Providing highly phish-resistant MFA for access to networks and devices and strong post quantum level data encryption for device communications, companies can accelerate digital transformation plans by providing a certified virtual airgap between the OT environment and open internet connectivity. VeroGuard is the only platform worldwide to have Common Criteria certification for access on open networks, meaning it has been verified by the Australian Cyber Security Centre (ACSC) for use in Defence and other government departments with high assurance requirements for online access. Background The OT industry continues to face an expanding cyber threat landscape which presents a substantial challenge to operations.  The Australian Government has acknowledged the fact that technology in critical infrastructure environments is key to national security and economic prosperity – as reflected with the amendments to the Security of Critical Infrastructure Act – by introducing financial and criminal penalties for non-compliance.  The problem for all industries using OT equipment is the same attack developed to disrupt the operations of large utilities, can easily find its way into the operational environment of any factory. “Insecurity by design” remains very relevant in traditional OT, and that is why a shift in security infrastructure to account for open network connectivity and all the variables it presents is so necessary.  The past decade has shown that one of the biggest security problems continues to be the lack of basic controls, and attackers have exploited this in practice with the recently discovered malware Industroyer2 and InController/PipeDream.  Insecure by design vulnerabilities abound evidenced by a recent investigation by Vedere Labs which found 56 vulnerabilities affecting 10 major OT vendors. Exploiting these vulnerabilities, attackers with network access to a target device could remotely execute code, change the logic, files or firmware of devices, bypass authentication, compromise credentials, cause denials of service or have a range of operational impacts. The most common issues[1] found from internal audits and vulnerability scans include: Unmanaged assets are connected everywhere. Operational systems are deployed with their default credentials unchanged. OT networks that were initially designed to be highly segregated have become flatter than realised. Ports on all kinds of systems in all kinds of remote locations are wide open. OEMs are accessing the machines they sold remotely, and no one is managing this. Disclosed vulnerabilities on old OS’s have never been evaluated for possible patching. The functional silos between separate security disciplines (e.g., cybersecurity, physical security, supply chain security, product security, health and safety) are creating seams that bad actors can exploit. No centralised governance exists for end-to-end security processes and decisions. Identity and credential compromise remain the biggest threat, IBM recently found that 78% of incidents began with a phishing attack (consistent with their 2021 findings).  In fact, we know that 95% of all cyberattacks are on identity and credentials and that over 85% of all breaches involve compromised credentials. That is why the average time to discover and remediate a breach has blown out to over 327 days (IBM Data Breach report 2022). It is not appropriate to simply embrace the cybersecurity operations from existing IT practices. While IT network and operating system patching and identity management practices are well established, the ability to manage devices and systems in the same manner is not as straight forward.  “Patching at will” for example is not always an option for OT devices. Though traditional air gap defences can mitigate against many of the vulnerabilities on devices, switching back to this defence mechanism removes the benefits of connectivity and a new approach is required. Some of the key mitigation strategies (aside from patching, monitoring, training and awareness – these are all “after the fact” activities and not prevention) in every advisory are to: Require phish-resistant multi-factor authentication for all remote access Implement and ensure robust network segmentation between operational and corporate networks to limit the ability of malicious cyber actors to pivot to the OT network after compromising the IT network. Implement demilitarized zones (DMZs), firewalls, jump servers, and one-way communication diodes to prevent unregulated communication between the IT and OT networks. It is important to note that without strong Identity and Access management control over any additional tools, the criminals will find a way through.  This is on ongoing occurrence online with bad actors simply bypassing second factor authentication (2fa) and detection software. There have been attacks where 2fa applications and VPN’s themselves were used as the vectors for successful breaches. [1] Gartner Guide for Operational Technology Security A New Approach The VeroGuard Platform offers a unique solution to securing connected environments, by providing secure Identity and Access Management controls, virtual network separation, data encryption and flow control.  VeroGuard’s products have Common Criteria (CC) certification (defence level security) and can be quickly and cost effectively deployed to legacy, new and hybrid environments. The platform was specifically designed for protecting identity, access and data on the open internet and works by inserting an HSM between the device being accessed and the network connectivity delivering an impenetrable defensive layer for online protection. When initiating connectivity, the inline HSM must connect to and verify itself with the platform HSM, which then creates a secure encrypted tunnel using hardware derived keys and encryption protocols for data flows and any user verification needs. HSM-to-HSM verification and communication is not new – however until now they have been expensive and limited to terrestrial connection. Two-way HSMs are utilised in banking (e.g.: ATM’s, Eftpos) and military systems around the globe for securing critical communications. Typically, the technology is used in guided missile control where it is crucial that command messages cannot be decrypted, or the command plane hijacked. VeroGuard brings this mutual two-way hardware verification for use in OT environments, at scale and without the high cost. Form factors include the VeroCard HSM for humans, and the VeroMod HSM for machines/devices. The VeroCard HSM enables users to be verified to access networks, applications and devices authenticating via the combination of the specific users VeroCard and their secret PIN. Every login attempt is verified by the secure connection back to the VeroGuard Platform. The VeroMod IoT Shield is a commoditised Hardware security module (HSM) which connects inline and creates a “virtual air gap” between the device and any connectivity. VeroMod IoT Shield brings HSM-to-HSM technology for verification and encryption to any device. This guarantees access requests to and from all machines and provides the highest level of encryption to all data in transit. VeroGuard is unmatched for security and scalability as the only online platform that always uses HSM-to-HSM protection time after time, for identity verification, communications, data integrity and switching services. The rapid adoption of technology presents universal concerns for service providers: Increased digital services/devices and interconnectivity between systems means an increased attack surface for cybercrime. Rapid rise in data volumes, flows and complexity of management means increased opportunities for identity breaches Transitioning from legacy systems and navigating the complexity of hybrid environments Complex layers for identity and security become more costly with many mixed environments Expansion of stakeholders and associated integration requirements (suppliers, citizens, 3rd party providers, businesses). VeroGuard Systems offers a solution that begins with indisputable proof of identity for all online and digital communications. It is the only platform available anywhere in the world that can guarantee defence certified identification security for both people and machines. By providing host connections into the VeroGuard platform the VeroMod effectively provides point-to-point connection over open networks. User access is provided with permission verified by the VeroGuard platform before being able to access networks, devices and data. Machine to machine connections are verified in the same way with the digital identity provided by the VeroMod. All VeroGuard HSM-to-HSM connections are protected using  elliptic-curve Diffie–Hellman encryption set for post quantum protection, with a DUKPT (Derived Unique Key Per Transaction) key management protocol meaning that the keys are derived within the HSM and there is no possibility of the keys being intercepted or stolen. Each time a connection is initiated a new set of encryption keys are generated. There is an opportunity to harness this technology now and build a safe and secure digital ecosystem for companies, their suppliers and contractors. How can this technology be harnessed to benefit the Industry? The focus of cyber security for Operational Environments is to support the health and safety, reliability and resilience, even in the event of a cyber-attack. Credential compromises remain one of the largest reasons for breaches of systems, as well as one of the most easily preventable with the appropriate system infrastructure. The next generation of connected OT systems must be designed with identity and data security at their core – but changing out infrastructure is costly and slow. To stay ahead of the curve and defend against the threats outlined in the introduction, the next generation of T&L system architecture must include: A unified platform to reduce the complexity of layers of technology built up over decades A cybersecurity platform architecture that is identity centric - purpose built for protection over open networks A digital identity that is robust, tethered to the user, re-usable in many places and can’t be tampered with Machine/human identity and communications that cannot be breached or compromised A solution that can be readily retro-fitted to existing networks and fleet assets An identity layer that facilitates hyper convergence of IT and IoT functions to simplify and reduce costs rather than duplicating across networks and participants Privacy controls and low friction interfaces for users Essentially, once deployed VeroGuard creates a virtual airgap for your fleet asset environment. Access is controlled via the irrefutable identity provided by the platform, and communications from devices or nodes are encrypted via the impenetrable security of the HSM-to-HSM technology core to the success of the Platform. VeroGuard Systems is the next generation of platform to secure connected systems, machines and data. The VeroGuard Platform practically ELIMINATES credential and identity compromise on open networks to act as the core of any zero-trust deployment. Any company migrating to the Cloud, connecting OT and IT networks, wanting to exploit open networks for machine communications, or looking to secure their supply chain should assess the VeroGuard Platform.

Due to its widespread reliance on a huge network of locations, devices and people to provide adequate services, the energy industry faces perhaps more threat from cyber-crime than any other sector. While these threats have always been present, the effect of recent global events on daily operations has severely increased the possibility of attack. With the post-pandemic shift to work from home practices, as well as a push towards “cleaner, greener and cheaper” energy, the industry is faced with the need to rapidly take advantage of efficiencies presented by digital transformation and cloud computing. This represents a step change in work practices for the sector, in that traditional energy OT was never originally designed to be connected to the internet, and new models for cyber security are required. With remote operations becoming increasingly commonplace, more and more devices and machines are required to be connected online to maintain a satisfactory level of service delivery. Insofar as the energy industry is concerned, the sheer scale of services being provided means that practically all aspects of operations are now inescapably facing being connected to the internet, and by extension the IoT (Internet of Things). With the expanding threat surface and a shrinking available talent pool to deploy the new security posture required, companies using OT must look to new technology to augment the existing network, protect un-patchable devices and uplift the overall identity and encryption architecture of their operating environment. The more connected systems become, the larger the respective attack surface becomes and the more attractive they become as targets for cyberattacks. In 2022 we saw multiple international cyber security agencies (including Australia) issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of new malware, as well as the disclosure of a growing list of operational technology vulnerabilities. VeroGuard’s technology maintains network integrity for legacy and new infrastructure when connected or exposed to open networks. Providing highly phish-resistant MFA for access to networks and devices and strong post quantum level data encryption for device communications, companies can accelerate digital transformation plans by providing a certified virtual airgap between the OT environment and open internet connectivity. VeroGuard is the only platform worldwide to have Common Criteria certification for access on open networks, meaning it has been verified by the Australian Cyber Security Centre (ACSC) for use in Defence and other government departments with high assurance requirements for online access. Background The energy industry continues to face an expanding cyber threat landscape which presents a substantial challenge to operations.  The Australian Government has acknowledged the fact that technology in operational environments is key to national security and economic prosperity – as reflected with the amendments to the Security of Critical Infrastructure Act – by introducing financial and criminal penalties for non-compliance. Complicating matters further, “insecurity by design” remains very relevant in traditional OT, and that is why a shift in security infrastructure to account for open network connectivity and all the variables it presents is so necessary.  The past decade has shown that one of the biggest security problems continues to be the lack of basic controls, and attackers have exploited this in practice with the recently discovered malware Industroyer2 and InController/PipeDream.  Insecure by design vulnerabilities abound evidenced by a recent investigation by Vedere Labs which found 56 vulnerabilities affecting 10 major vendors. Exploiting these vulnerabilities, attackers with network access to a target device could remotely execute code, change the logic, files or firmware of devices, bypass authentication, compromise credentials, cause denials of service or have a range of operational impacts. The most common issues[1] found from internal audits and vulnerability scans include: Unmanaged assets are connected everywhere. Operational systems are deployed with their default credentials unchanged. OT networks that were initially designed to be highly segregated have become flatter than realised. Ports on all kinds of systems in all kinds of remote locations are wide open. OEMs are accessing the machines they sold remotely, and no one is managing this. Disclosed vulnerabilities on old OS’s have never been evaluated for possible patching. The functional silos between separate security disciplines (e.g., cybersecurity, physical security, supply chain security, product security, health and safety) are creating seams that bad actors can exploit. No centralised governance exists for end-to-end security processes and decisions. Identity and credential compromise remain the biggest threat, IBM recently found that 78% of incidents began with a phishing attack (consistent with their 2021 findings).  In fact, we know that 95% of all cyberattacks are on identity and credentials and that over 85% of all breaches involve compromised credentials. That is why the average time to discover and remediate a breach has blown out to over 327 days (IBM Data Breach report 2022). It is not appropriate to simply embrace the cybersecurity operations from existing IT practices. While IT network and operating system patching and identity management practices are well established, the ability to manage devices and systems in the same manner is not as straight forward.  “Patching at will” for example is not always an option for OT devices. Though traditional air gap defences can mitigate against many of the vulnerabilities on devices, switching back to this defence mechanism removes the benefits of connectivity and a new approach is required. Some of the key mitigation strategies (aside from patching, monitoring, training and awareness – these are all “after the fact” activities and not prevention) in every advisory are to: Require phish-resistant multi-factor authentication for all remote access Implement and ensure robust network segmentation between operational and corporate networks to limit the ability of malicious cyber actors to pivot to the OT network after compromising the IT network. Implement demilitarized zones (DMZs), firewalls, jump servers, and one-way communication diodes to prevent unregulated communication between the IT and OT networks. It is important to note that without strong Identity and Access management control over any additional tools, the criminals will find a way through.  This is on ongoing occurrence online with bad actors simply bypassing second factor authentication (2fa) and detection software. There have been attacks where 2fa applications and VPN’s themselves were used as the vectors for successful breaches. [1] Gartner Guide for Operational Technology Security A New Approach The VeroGuard Platform offers a unique solution to securing connected environments, by providing secure Identity and Access Management controls, virtual network separation, data encryption and flow control.  VeroGuard’s products have Common Criteria (CC) certification (defence level security) and can be quickly and cost effectively deployed to legacy, new and hybrid environments. The platform was specifically designed for protecting identity, access and data on the open internet and works by inserting an HSM between the device being accessed and the network connectivity delivering an impenetrable defensive layer for online protection. When initiating connectivity, the inline HSM must connect to and verify itself with the platform HSM, which then creates a secure encrypted tunnel using hardware derived keys and encryption protocols for data flows and any user verification needs. HSM-to-HSM verification and communication is not new – however until now they have been expensive and limited to terrestrial connection. Two-way HSMs are utilised in banking (e.g.: ATM’s, Eftpos) and military systems around the globe for securing critical communications. Typically, the technology is used in guided missile control where it is crucial that command messages cannot be decrypted, or the command plane hijacked. VeroGuard brings this mutual two-way hardware verification for use in OT environments, at scale and without the high cost. Form factors include the VeroCard HSM for humans, and the VeroMod HSM for machines/devices. The VeroCard HSM enables users to be verified to access networks, applications and devices authenticating via the combination of the specific users VeroCard and their secret PIN. Every login attempt is verified by the secure connection back to the VeroGuard Platform. The VeroMod IoT Shield is a commoditised Hardware security module (HSM) which connects inline and creates a “virtual air gap” between the device and any connectivity. VeroMod IoT Shield brings HSM-to-HSM technology for verification and encryption to any device. This guarantees access requests to and from all machines and provides the highest level of encryption to all data in transit. VeroGuard is unmatched for security and scalability as the only online platform that always uses HSM-to-HSM protection time after time, for identity verification, communications, data integrity and switching services. The rapid adoption of technology presents universal concerns for service providers: Increased digital services/devices and interconnectivity between systems means an increased attack surface for cybercrime. Rapid rise in data volumes, flows and complexity of management means increased opportunities for identity breaches Transitioning from legacy systems and navigating the complexity of hybrid environments Complex layers for identity and security become more costly with many mixed environments Expansion of stakeholders and associated integration requirements (suppliers, citizens, 3rd party providers, businesses). VeroGuard Systems offers a solution that begins with indisputable proof of identity for all online and digital communications. It is the only platform available anywhere in the world that can guarantee defence certified identification security for both people and machines. By providing host connections into the VeroGuard platform the VeroMod effectively provides point-to-point connection over open networks. User access is provided with permission verified by the VeroGuard platform before being able to access networks, devices and data. Machine to machine connections are verified in the same way with the digital identity provided by the VeroMod. All VeroGuard HSM-to-HSM connections are protected using  elliptic-curve Diffie–Hellman encryption set for post quantum protection, with a DUKPT (Derived Unique Key Per Transaction) key management protocol meaning that the keys are derived within the HSM and there is no possibility of the keys being intercepted or stolen. Each time a connection is initiated a new set of encryption keys are generated. There is an opportunity to harness this technology now and build a safe and secure digital ecosystem for companies, their suppliers and contractors. How can this technology be harnessed to benefit the Energy Industry? The focus of cyber security for Operational Environments is to support the health and safety, reliability and resilience, even in the event of a cyber-attack. Unlike IT systems, a control system in the energy sector that is under attack cannot be easily disconnected from the network as disconnection could potentially result in safety issues, brownouts or, even blackouts. Credential compromises remain one of the largest reasons for breaches of systems, as well as one of the most easily preventable with the appropriate system infrastructure. The next generation of connected OT systems must be designed with identity and data security at their core – but changing out infrastructure is costly and slow. To stay ahead of the curve and defend against the threats outlined in the introduction, the next generation of T&L system architecture must include: A unified platform to reduce the complexity of layers of technology built up over decades A cybersecurity platform architecture that is identity centric - purpose built for protection over open networks A digital identity that is robust, tethered to the user, re-usable in many places and can’t be tampered with Machine/human identity and communications that cannot be breached or compromised A solution that can be readily retro-fitted to existing networks and fleet assets An identity layer that facilitates hyper convergence of IT and IoT functions to simplify and reduce costs rather than duplicating across networks and participants Privacy controls and low friction interfaces for users Essentially, once deployed VeroGuard creates a virtual airgap for your fleet asset environment. Access is controlled via the irrefutable identity provided by the platform, and communications from devices or nodes are encrypted via the impenetrable security of the HSM-to-HSM technology core to the success of the Platform. VeroGuard Systems is the next generation of platform to secure connected systems, machines and data. The VeroGuard Platform practically ELIMINATES credential and identity compromise on open networks to act as the core of any zero-trust deployment. Any company migrating to the Cloud, connecting OT and IT networks, wanting to exploit open networks for machine communications, or looking to secure their supply chain should assess the VeroGuard Platform.

Australia joins NATO Cooperative Cyber Defence Centre of Excellence (NATO CCDCOE) Locked Shields for the first time, collaborating in Partner Run facilitated by Australian Cyber Collaboration Centre. Last week the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCDCOE) facilitated the world’s largest and most complex international live-fire cyber exercise, Locked Shields 2023. The ‘Blue vs Red’ style exercise aims to train technical teams of cyber professionals (Rapid Reaction Teams) and strengthen their cooperation with legal, media, and strategic decision-making entities through a simulated hostile and vulnerable cyber and information crisis. Planning and implementation of the exercise take place throughout 11 months of the year. “No other cyber defence exercise can offer as specialised and detailed of an experience as Locked Shields can. 24 Blue Teams from around the world must keep critical infrastructure and IT systems up and running. Teams can demonstrate how well they can keep systems running under real-life situations and high pressure,” said NATO CCDCOE director Mart Noorma. “Technical specialists cannot solve a cyber crisis alone. Usually, decision-makers and experts from different governmental bodies and walks of life are those who try to repel the attacks,” explains Noorma. “This is why, in addition to cyber defence, we focus on strategy games, legal issues, and crisis communication at Locked Shields. Cooperation must be swift, because a large cyberattack can quickly escalate into a large-scale security crisis, and these kinds of exercises allow us to be better prepared,” added Noorma For the first time in the thirteen years Locked Shields has been running, Australia has participated in the Partner Run. The function of the Partner Run is to test the Game Day scenario, systems and technology before the main event in April, honing the red team tactics for the full exercise. The partner run is a crucial component of the full-scale exercise and many of the teams in the partner run train for up to six months. In early April, with only 5 weeks of preparation the Australian Cyber Collaboration Centre in association with the University of Adelaide, facilitated the Australian participation in the Locked Shields 2023 Partner Run with its members McGrathNicol, CyberOps, Flinders University, DTEX, SecureState, SAAB, CISCO, Veroguard and SA Power Networks. Utilising the most technically advanced commercial Cyber Range in the Southern Hemisphere, the Locked Shields Partner Run was hosted at the Australian Cyber Collaboration Centre’s home base in South Australia’s Innovation Precinct, Lot Fourteen. Led by Team Manager, Ben Cornish of McGrathNicol, alongside Technical Team Leader, Derek Grocke of CyberOps, teams were formed from both Corporate and Education Partners combining workforce and students into an operational body ready to tackle, analyse and report on the most complex of cyber threats in the simulation exercise. Australia’s involvement in the Partner Run is a display of our nation’s capability and increasing strength in the international ecosystem as the cyber defence of sovereign critical infrastructure comes into even sharper focus. The Australian Cyber Collaboration Centre’s CEO, Matt Salier hosted key leaders of Australia’s business and cyber arena as part of the activation to connect on the topic, including the previous Premier, Hon. Steven Marshall MP, Defence Science and Technology Group’s Ben Luo alongside Suneel Randhawa and Ian Johnston both Research Leader Cyberwarfare Operations, University of Adelaide’s Pro Vice-Chancellor (Research Operations) & Chief Security Officer (Defence & National Security) Bruce Northcote and CISO Shuichi Sakai, SAAB’s Chief Engineer Graham Smith, Veroguard CEO Nic Nuske, Santos GM of Transformation Reneke van Soest, CyberOps CEO Daniel Floreani, Australian Space Agency CEO Enrico Palermo, Duncan Scott, Wing Commander 462SQN in the Information Warfare Directorate and Reg Carruthers Executive Director Defence and Space at Defence SA. ‘It is necessary that we provide best-in-world training for those in Australia who protect our critical systems. Regardless of public or private sector control, intense training exercises and live-fire simulations, are essential to upskill these people. Utilising our national and international networks and partners like NATO CCDCOE, we are making tremendously positive steps towards building our nation’s cyber capability.’ Matt expressed. Work will begin on Locked Shields 2024 shortly, if you are interested in learning more about the roles involved and being a part of Australia’s participation, more information can be found at: www.cybercollaboration.org.au/intlcollaboration

Rawson Verco Need Our core focus is privacy and identity security. There’s nothing out there right now that can effectively guarantee our data, identity and accounts are ours alone; the VeroCard is the best tool we’ve found to bridge that gap and provide real safety online, which is something that can’t be overstated. Importantly, the customer support and deployment process is straight forward, which makes security uptake much easier across the organisation. VeroCard is the best tool we’ve found to provide real safety online. Randall Hughson - Director RVN IT.

Australian cyber security company VeroGuard Systems has become one of three Australian companies with a Common Criteria certified product, opening new opportunities to deploy its VeroGuard Platform in defence and other high security environments. Common Criteria is an international standard (ISO/IEC 15408) for computer security certification. Reportedly utilising the same methods guided missile systems use for their communication systems, the VeroGuard Platform is certified for secure access over open networks to all systems and data. “VeroGuard is proud to be an Australian company, providing cutting-edge sovereign technology to the market which is currently dominated by global companies,” The CEO said. “Common Criteria certification provides our customers confidence that they cannot get better protection than our platform for verifying who is accessing their systems and data. This is an ‘out of the box’ zero trust solution." According to the company, VeroGuard’s digital identity platform is the world’s only digital ID platform for open networks that uses Hardware Security Module (HSM) to HSM communications. It uses a ‘personal high security card’ (a Hardware Security Module known as VeroCard) with a PIN, which removes traditional password, low security hardware and software tokens and online identity issues – guaranteeing a user’s identity online. The VeroCard has also received the highest security certification available for a PIN entry device (PCI PTS 5.1). An integral part of the certification was VeroGuard System’s advanced manufacturing facility in the Edinburgh defence precinct north of Adelaide, which manufactures VeroCard. VeroGuard Systems also recently partnered with IT integrator Kyndryl to provide government and enterprise customers access to the platform. “As the principal Systems Integrator for VeroGuard, Kyndryl welcomes the announcement of Common Criteria Certification for VeroGuard HSM for Open Networks," Collin Penman, Kyndryl Partner – Cyber Security Practice A/NZ said. "This represents a standout success of sovereign technology innovation, and demand for a higher level of security authentication, non-repudiable identification, and high attainment of cryptographic security that the Australian Defence and Federal Government Agencies market is seeking. “Now the technology has been certified, Kyndryl and VeroGuard look forward to expanding on initial deployments and continuing to successfully engage the Australian market and beyond.” Australian Defence Magazine - 23 February 2022 Source: VeroGuard Systems receives ‘defence certification’ - Australian Defence Magazine

VeroGuard Systems has become one of only three Australian companies with a Common Criteria international standard (ISO/IEC 15408) for computer security certification. VeroGuard Systems can now deploy their platform in defence and other high security environments that require Common Criteria certification. Utilising the same methods guided missile systems use for their communication systems, the VeroGuard Platform is certified for secure access over open networks to all systems and data. The digital identity platform system architecture was designed by wireless EFTPOS pioneer and VeroGuard Systems. “VeroGuard is proud to be an Australian company, providing cutting-edge sovereign technology to the market which is currently dominated by global companies,” the CEO said. “Common Criteria certification provides our customers confidence that they cannot get better protection than our platform for verifying who is accessing their systems and data. This is an ‘out of the box’ zero trust solution.” “VeroGuard’s digital identity platform is the world’s only digital ID platform for open networks that uses Hardware Security Module (HSM) to HSM communications. It uses a ‘personal high security card’ (a Hardware Security Module known as VeroCard) with a PIN, which removes traditional password, low security hardware and software tokens and online identity issues – guaranteeing a user’s identity online.” “The VeroCard has also received the highest security certification available for a PIN entry device (PCI PTS 5.1). An integral part of the certification was VeroGuard System’s advanced manufacturing facility in the Edinburgh defence precinct north of Adelaide, which manufactures VeroCard.” VeroGuard Systems is also partnering with Kyndryl to provide government and enterprise customers access to the platform. Collin Penman, Kyndryl Partner – Cyber Security Practice A/NZ says: “As the principal Systems Integrator for VeroGuard, Kyndryl welcomes the announcement of Common Criteria Certification for VeroGuard HSM for Open Networks. This represents a standout success of sovereign technology innovation, and demand for a higher level of security authentication, non-repudiable identification, and high attainment of cryptographic security that the Australian Defence and Federal Government Agencies market is seeking. Now the technology has been certified, Kyndryl and VeroGuard look forward to expanding on initial deployments and continuing to successfully engage the Australian market and beyond.” Australian Cyber Security Magazine - 21 February 2022 Source: https://australiancybersecuritymagazine.com.au/defence-certification-for-veroguard-systems/

The NSW branch of the Labor Party appears to have suffered a Windows ransomware attack, with the Avaddon strain having been used to attack the party's network. Contacted for comment, a party spokesperson told iTWire: "The matters raised are of serious concerns. We have referred the matter to police and we are conducting a full investigation." This is the second attack by this gang on an Australian entity over the last few days, with the website of the Telstra dealer, Schepisi Communications, having been taken offline after it was hit. On its site on the dark web, the group said NSW Labor had about 10 days left to make contact and "co-operate with us". Else, it said, data that had been stolen would be leaked. It claimed data about contracts, confidential information and contracts, drivers' licence details, passports, employment contracts, and resumes had been stolen. The Avaddon gang also threatened to hit the party's website with a distributed denial-of-service attack and claimed that any data that had been encrypted would not be able to be decrypted using any external tool. Photocopies of an Australian passport, a driver's licence and a number of other documents have been posted online. Avaddon has not been used in many attacks as other strains of Windows ransomware. Prior to the attack on the Telstra dealer, only two other hits were reported by iTWire: one on an aircraft leasing asset manager and the other on a small businessman in Columbus, Ohio. The security firm Emsisoft, which specialises in tackling ransomware, said in its latest report on the cost of ransomware in 2020 that there had been 2775 attacks on Australian organisations, based on submissions made to the ransomware identification service, ID Ransomware. But this was believed to be only a quarter of the actual number, Emsisoft added. Chief executive of sec outfit VeroGuard Systems, said: “Any organisation that holds valuable personal or business data on their servers is a target for cyber attacks. Unfortunately for political parties like NSW Labor, these factors are exponentially increased due to the sensitive nature of the data they hold, and the publicity and disruption hackers can generate from these attacks. "What this attack shows is that no organisation is immune to attack. In fact, the frequency and likelihood of these attacks, which recently includes schools and hospitals, has been further exacerbated by the current trend to move everything to the cloud, providing cyber criminals with greater attack options. "Protecting access to our systems The most important requirement for safeguarding cyber infrastructure is to positively assure the authentication of a user requesting access to the cyber infrastructure and services. All privacy safeguards in place are useless if a hostile intrusion can be disguised as coming from an assumed trusted source.” Sam Varghese - 7 May 2021