<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>ENISA Archives - EMFSA</title>
	<atom:link href="https://www.emfsa.co.za/tag/enisa/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.emfsa.co.za/tag/enisa/</link>
	<description>Electromagnetic fields South Africa</description>
	<lastBuildDate>Sat, 05 Mar 2022 08:41:45 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>

<image>
	<url>https://www.emfsa.co.za/wp-content/uploads/2021/02/cropped-EMFSA_logo-fv-32x32.png</url>
	<title>ENISA Archives - EMFSA</title>
	<link>https://www.emfsa.co.za/tag/enisa/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>ENISA: Security in 5G &#8211; Challenges and Best Practices</title>
		<link>https://www.emfsa.co.za/news/enisa-security-in-5g-challenges-and-best-practices/</link>
		
		<dc:creator><![CDATA[Editor]]></dc:creator>
		<pubDate>Sat, 05 Mar 2022 08:41:44 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[5G]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[ENISA]]></category>
		<category><![CDATA[NFV]]></category>
		<guid isPermaLink="false">https://www.emfsa.co.za/?p=26285</guid>

					<description><![CDATA[<p>Source: European Union Agency for Cybersecurity (ENISA) February 24, 2022 NFV Security in 5G &#8211; Challenges and Best Practices This report explores relevant challenges, vulnerabilities and attacks to the Network Function Virtualization (NFV) within the 5G network. NFV changes the network security environment due to resource pools based on cloud computing and open network architecture. [&#8230;]</p>
<p>The post <a href="https://www.emfsa.co.za/news/enisa-security-in-5g-challenges-and-best-practices/">ENISA: Security in 5G &#8211; Challenges and Best Practices</a> appeared first on <a href="https://www.emfsa.co.za">EMFSA</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: European Union Agency for Cybersecurity (ENISA)</p>



<p class="wp-block-paragraph">February 24, 2022</p>



<p class="wp-block-paragraph"><strong>NFV Security in 5G &#8211; Challenges and Best Practices</strong></p>



<p class="wp-block-paragraph">This report explores relevant challenges, vulnerabilities and attacks to the Network Function Virtualization (NFV) within the 5G network. NFV changes the network security environment due to resource pools based on cloud computing and open network architecture. 60 security challenges grouped in 7 categories have been identified and explored. Among others, this report exposes vulnerabilities, attack scenarios and their impact on the 5G NFV assets. To address these upcoming challenges, security controls and best practices are put forward in this report, taking into account the particularities of this highly complex, heterogeneous and volatile environment. In particular, 55 best practices categorized in Technical, Policy and Organizational categories have been identified.</p>



<p class="wp-block-paragraph"><a href="https://www.enisa.europa.eu/publications/nfv-security-in-5g-challenges-and-best-practices">https://www.enisa.europa.eu/publications/nfv-security-in-5g-challenges-and-best-practices</a></p>



<p class="wp-block-paragraph"></p>
<p>The post <a href="https://www.emfsa.co.za/news/enisa-security-in-5g-challenges-and-best-practices/">ENISA: Security in 5G &#8211; Challenges and Best Practices</a> appeared first on <a href="https://www.emfsa.co.za">EMFSA</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Significance and security risks of 5G technology – EU Council Adopts conclusions</title>
		<link>https://www.emfsa.co.za/news/significance-and-security-risks-of-5g-technology-eu-council-adopts-conclusions/</link>
		
		<dc:creator><![CDATA[Editor]]></dc:creator>
		<pubDate>Wed, 04 Dec 2019 21:13:52 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[5G]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[Economy]]></category>
		<category><![CDATA[ENISA]]></category>
		<category><![CDATA[Eu]]></category>
		<category><![CDATA[Infrastructure]]></category>
		<category><![CDATA[Legal]]></category>
		<category><![CDATA[Risks]]></category>
		<guid isPermaLink="false">https://www.emfsa.co.za/?p=11473</guid>

					<description><![CDATA[<p>Source: https://www.consilium.europa.eu/en/policies/cybersecurity/  Press release 3 December 2019 Today the Council adopted conclusions on the significance of 5G to the European economy and the need to mitigate security risks linked to 5G. The conclusions stress that 5G networks will form a part of crucial infrastructure for the maintenance of vital societal and economic functions. The conclusions also support [&#8230;]</p>
<p>The post <a href="https://www.emfsa.co.za/news/significance-and-security-risks-of-5g-technology-eu-council-adopts-conclusions/">Significance and security risks of 5G technology – EU Council Adopts conclusions</a> appeared first on <a href="https://www.emfsa.co.za">EMFSA</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Source: https://www.consilium.europa.eu/en/policies/cybersecurity/</p>
<ul>
<li class="tag-institution-meta tag-ceu"> Press release 3 December 2019</li>
</ul>
<h6>Today the Council adopted conclusions on the <strong>significance of 5G to the European economy </strong><strong>and the need to mitigate security risks linked to 5G</strong>.</h6>
<p>The conclusions stress that 5G networks will form a part of crucial infrastructure for the maintenance of vital societal and economic functions.</p>
<p>The conclusions also support the findings in the European 5G Risk Assessment published in October by the member states coordination group on network and information security.</p>
<p>The approach to 5G network security is to be comprehensive and risk-based. 5G security is seen as a continuous process, which starts with the selection of the vendors and lasts the whole way through the production of the network elements and the lifetime of the operation of the networks.</p>
<p>Non-technical factors should also be considered when a supplier&#8217;s risk profile is drawn up and components critical for national security should be sourced from trustworthy parties only.</p>
<p>Council conclusions on the significance of 5G to the European economy and the need to mitigate security risks linked to 5G – full text:</p>
<p><a href="https://www.emfsa.co.za/wp-content/uploads/2019/12/st14517-en19.pdf">st14517-en19</a></p>
<h6 class="margin-0">Cybersecurity in Europe: stronger rules and better protection</h6>
<p><a href="https://www.consilium.europa.eu/en/policies/cybersecurity/">https://www.consilium.europa.eu/en/policies/cybersecurity/</a></p>
<p>The post <a href="https://www.emfsa.co.za/news/significance-and-security-risks-of-5g-technology-eu-council-adopts-conclusions/">Significance and security risks of 5G technology – EU Council Adopts conclusions</a> appeared first on <a href="https://www.emfsa.co.za">EMFSA</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>5G and distributed denial of service (DDoS)</title>
		<link>https://www.emfsa.co.za/news/5g-and-distributed-denial-of-service-ddos/</link>
		
		<dc:creator><![CDATA[Editor]]></dc:creator>
		<pubDate>Mon, 28 Oct 2019 12:37:10 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[5G]]></category>
		<category><![CDATA[Critical Systems]]></category>
		<category><![CDATA[DDos]]></category>
		<category><![CDATA[Denial of Service]]></category>
		<category><![CDATA[ENISA]]></category>
		<category><![CDATA[Eu]]></category>
		<category><![CDATA[FDA]]></category>
		<category><![CDATA[Financial Institutions]]></category>
		<category><![CDATA[Healthcare]]></category>
		<category><![CDATA[Hospitals]]></category>
		<category><![CDATA[Infrastructure]]></category>
		<category><![CDATA[IOT]]></category>
		<category><![CDATA[Local Governments]]></category>
		<guid isPermaLink="false">https://www.emfsa.co.za/?p=10663</guid>

					<description><![CDATA[<p>DDoS attacks have been around for 20 years, but the current tech environment is fuelling a renewed interest for them, with 5G set to play a fundamental role. 5G holds a lot of promise for improved communications but may well worsen the DDoS nightmare as it is unfortunately, a breeding ground for distributed denial of service (DDoS) [&#8230;]</p>
<p>The post <a href="https://www.emfsa.co.za/news/5g-and-distributed-denial-of-service-ddos/">5G and distributed denial of service (DDoS)</a> appeared first on <a href="https://www.emfsa.co.za">EMFSA</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>DDoS attacks have been around for 20 years, but the current tech environment is fuelling a renewed interest for them, with 5G set to play a fundamental role.</p>
<p>5G holds a lot of promise for improved communications but may well worsen the DDoS nightmare as it is unfortunately, a breeding ground for distributed denial of service (DDoS) attacks. As a refresher, DDoS attacks are a malicious method of disrupting a website/online service by overwhelming it with too much traffic.</p>
<p>If a website is rendered inoperable, the effects can be felt even years later. The impact can result in lost sales, wasted budgets, dissatisfied users (who may never return), and data theft. What’s more, DDoS attacks can be very damaging to a company’s reputation. Perhaps most frightening of all is that anyone can fall victim at anytime. Think financial institutions, healthcare, local governments – anyone. Thus, this style of attack is highly powerful and should not be underestimated. The biggest risk is that large-scale DDoS attacks take down financial institutions and critical infrastructure. Thus, DDoS mitigation that can cope with attacks in the range of terabits becomes a crucial necessity.</p>
<p><img decoding="async" class="aligncenter wp-image-10668 size-full" src="https://www.emfsa.co.za/wp-content/uploads/2019/10/ENISA-1.jpg" alt="" width="455" height="70" srcset="https://www.emfsa.co.za/wp-content/uploads/2019/10/ENISA-1.jpg 455w, https://www.emfsa.co.za/wp-content/uploads/2019/10/ENISA-1-300x46.jpg 300w" sizes="(max-width: 455px) 100vw, 455px" /></p>
<p><img fetchpriority="high" decoding="async" class="aligncenter wp-image-10670 size-full" src="https://www.emfsa.co.za/wp-content/uploads/2019/10/ENISA-3.jpg" alt="" width="632" height="337" srcset="https://www.emfsa.co.za/wp-content/uploads/2019/10/ENISA-3.jpg 632w, https://www.emfsa.co.za/wp-content/uploads/2019/10/ENISA-3-300x160.jpg 300w" sizes="(max-width: 632px) 100vw, 632px" /></p>
<p>ENISA: The first malware targeting safety systems of critical infrastructure: during the reporting period, we have observed Triton which is the first malware that targets Safety Instrumented Systems (SIS)86,87,88 Safety instrumented systems are designed to shut down industrial processes when unsafe operating conditions are reached. Successful exploitation of such systems could lead to serious implications (see Stuxnet89 and Industroyer90). It is expected that the ICS/SCADA domain will be increasingly targeted by advanced threat actors having the capability and intent to execute such operations.</p>
<p><img decoding="async" class="aligncenter wp-image-10669 size-full" src="https://www.emfsa.co.za/wp-content/uploads/2019/10/Denial-of-service.jpg" alt="" width="704" height="329" srcset="https://www.emfsa.co.za/wp-content/uploads/2019/10/Denial-of-service.jpg 704w, https://www.emfsa.co.za/wp-content/uploads/2019/10/Denial-of-service-300x140.jpg 300w" sizes="(max-width: 704px) 100vw, 704px" /></p>
<p>On the 1 st of October 2019 the FDA released a statement informing patients, health care professionals, IT staff in health care facilities and manufacturers of a set of cybersecurity vulnerabilities if exploited by a remote attacker—may introduce risks for medical devices and hospital networks. URGENT/11 affects several operating systems that may then impact certain medical devices connected to a communications network, such as wi-fi and public or home Internet, as well as other connected equipment such as routers, connected phones and other critical infrastructure equipment. These cybersecurity vulnerabilities may allow a remote user to take control of a medical device and change its function, cause denial of service, or cause information leaks or logical flaws, which may prevent a device from functioning properly or at all.</p>
<blockquote class="wp-embedded-content" data-secret="4yGIjxhsVw"><p><a href="https://www.emfsa.co.za/news/fda-informs-patients-providers-and-manufacturers-about-potential-cybersecurity-vulnerabilities-for-connected-medical-devices-and-health-care-networks-that-use-certain-communication-software/">FDA informs patients, providers and manufacturers about potential cybersecurity vulnerabilities for connected medical devices and health care networks that use certain communication software</a></p></blockquote>
<p><iframe loading="lazy" class="wp-embedded-content" sandbox="allow-scripts" security="restricted"  title="&#8220;FDA informs patients, providers and manufacturers about potential cybersecurity vulnerabilities for connected medical devices and health care networks that use certain communication software&#8221; &#8212; EMFSA" src="https://www.emfsa.co.za/news/fda-informs-patients-providers-and-manufacturers-about-potential-cybersecurity-vulnerabilities-for-connected-medical-devices-and-health-care-networks-that-use-certain-communication-software/embed/#?secret=4yGIjxhsVw" data-secret="4yGIjxhsVw" width="600" height="338" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe></p>
<p>On the 9th of October 2019 the EU Member States published  a report on EU coordinated risk assessment of 5G networks security.</p>
<blockquote class="wp-embedded-content" data-secret="dNybbZylFk"><p><a href="https://www.emfsa.co.za/news/eu-wide-coordinated-risk-assessment-of-5g-networks-security/">EU-wide coordinated risk assessment of 5G networks security</a></p></blockquote>
<p><iframe loading="lazy" class="wp-embedded-content" sandbox="allow-scripts" security="restricted"  title="&#8220;EU-wide coordinated risk assessment of 5G networks security&#8221; &#8212; EMFSA" src="https://www.emfsa.co.za/news/eu-wide-coordinated-risk-assessment-of-5g-networks-security/embed/#?secret=dNybbZylFk" data-secret="dNybbZylFk" width="600" height="338" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe></p>
<p>5G’s anticipated exponential spread of high-speed bandwidth and connected IoT means that in addition to widespread motivation, easily available attack tools, and proliferating IoT attack sources, dramatically bigger attacks will be possible because the “5G highway” will have many more lanes to enable vastly higher rates of traffic—both good and bad.</p>
<p>DDoS in a 5G environment</p>
<p>Unfortunately, cyber criminals can make big bucks through 5G vulnerabilities, and what’s worse is that they know it. 5G boasts hyperconnectivity, but this is most certainly going to create an influx of malicious traffic. As the number of connected devices and 5G deployments increase, so will the number of attacks. In particular, cyber criminals will take advantage of any poorly secured devices. However, it’s not just the amount of attacks that are a concern, but how quickly they can spread too.</p>
<p>There is an element of naïvety about business’s capabilities to combat 5G threats in the first place. CISOs (chief information security officers) already struggle to get resources to handle current threats while business leaders push for 5G adoption. Meanwhile, cybercriminals will take the opportunity to exploit higher capacity bandwidth that 5G provides to launch attacks on an unprecedented scale. Most CISOs don’t have the resources they need for pre-5G attacks anyway! Business leaders are ever so enthusiastic about getting on 5G, but CISO resources are so thin on the ground that it may not be enough.</p>
<div>Not only that, but with 5G, we’re delving into the unknown. It’s still a pioneering technology, so we are yet to uncover new vulnerabilities it’s sure to introduce.</div>
<div>
<blockquote class="wp-embedded-content" data-secret="bVQxsv6hNX"><p><a href="https://www.emfsa.co.za/news/massive-ddos-attack-hits-afrihost-axxess-liquid-telecom-webafrica/">Massive DDoS attack hits Afrihost, Axxess, Liquid Telecom, Webafrica</a></p></blockquote>
<p><iframe loading="lazy" class="wp-embedded-content" sandbox="allow-scripts" security="restricted"  title="&#8220;Massive DDoS attack hits Afrihost, Axxess, Liquid Telecom, Webafrica&#8221; &#8212; EMFSA" src="https://www.emfsa.co.za/news/massive-ddos-attack-hits-afrihost-axxess-liquid-telecom-webafrica/embed/#?secret=bVQxsv6hNX" data-secret="bVQxsv6hNX" width="600" height="338" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe></p>
</div>
<div></div>
<div>Sources:</div>
<div></div>
<div><a href="https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-2018">https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-2018</a></div>
<div><a href="https://www.scmagazineuk.com/security-concerns-5g-era-networks-ready-massive-ddos-attacks/article/1584554">https://www.scmagazineuk.com/security-concerns-5g-era-networks-ready-massive-ddos-attacks/article/1584554</a></div>
<div><a href="https://www.allot.com/blog/telegram-ddos-attack-blames-china/">https://www.allot.com/blog/telegram-ddos-attack-blames-china/</a></div>
<div></div>
<div>
<p><a href="https://www.em360tech.com/continuity/tech-news/opinion-piece/5g-and-ddos-attacks/">https://www.em360tech.com/continuity/tech-news/opinion-piece/5g-and-ddos-attacks/</a></p>
</div>
<div></div>
<div></div>
<p>The post <a href="https://www.emfsa.co.za/news/5g-and-distributed-denial-of-service-ddos/">5G and distributed denial of service (DDoS)</a> appeared first on <a href="https://www.emfsa.co.za">EMFSA</a>.</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
