Informed by our daily reporting, the Gate 15 Threat and Risk Analysis Cell (TRAC) is happy to release our first weekly reports of 2017 addressing the global, all-hazards threat environment.
Wednesday’s Threat Dashboard addressed two critical infrastructure cybersecurity concerns relating to medical devices and the Healthcare and Public Health (HPH) 
Sector as well as energy and the US Department Of Energy’s Quadrennial Energy Review. The weekly also noted Daesh’s newest issue of their e-mag Rumiyah, where the terrorist group promotes arson attacks against a variety of potential targets (to include a variety of commercial facilities, residential structures, automotive facilities, hospitals, schools, churches [specifically calling out a Dallas, Texas mega church] and encouragement for starting forest fires) and we also addressed the confusion that comes with physical attacks and false alarms, noting that recent events should reinforce the need for established emergency plans validated via regular drills and more complex operational exercises.
Thursday’s Torpedo Report, takes a deeper dive on medical device cybersecurity, with a broader look at the collaboration and proactive leadership exemplified by the National Health Information Sharing and Analysis Center (NH-ISAC), Medical Device Innovation Safety and Security Consortium (MDISS) to work with members and partners to enhance the security and resilience of the HPH Sector. Jon Crosson and Dave Pounder wrote, “Medical devices are big business and we assess with high confidence that the threats from malicious actors seeking to capitalize on personal and health data contained within critical medical devices will only grow over the next year. Medical devices can be vulnerable to security breaches that can impact the safety and effectiveness of the device. Though medical devices are unique, the cybersecurity threats to medical device security are the same that threaten other software-controlled, network-enabled devices. As more connected medical devices are being introduced into the ecosystem, more security vulnerabilities are likely to be exposed. The vulnerabilities increase as medical devices are connected to the Internet, hospital networks and to other medical devices. Medical device security is now recognized as a public health issue with potential impacts to patient safety and critical infrastructure.”
Addressing the Medical Device Vulnerability Intelligence Program for Evaluation and Response (MD-VIPER; the ISAO for the medical device community), and the broader community of ISACs and ISAOs, The Torpedo continues stating, “The issues being addressed through MD-VIPER demonstrate the way ISAOs and ISACs can bring together members, experts and other key stakeholders to collaborate in a deliberate and trusted environment. With rapid innovation and increasing dependence of physical systems on internet-based technology, information sharing organizations will continue to play a critical role in bringing together individuals and organizations to understand evolving and potential threats and to identify best practices and actions that can mitigate disruptive and potentially life-threatening attacks.”
Shifting focus to terrorism threats and Daesh’s Rumiyah, the team notes that this publication, in addition to other terrorist writings, could easily be dismissed as aspirational propaganda, but these publications do reach an audience and are proven influencers for would-be jihadists. These publications give voice to the core leadership to encourage their supporters to carry on attacks, and provide advice and assistance on evading detection and carrying on their fight. Therefore, the threats mentioned therein are relevant and leaders should be aware of the encouraged and viable threat courses of action.
“However, there is also a need to reasonably assess the propaganda and maintain perspective. It would be an oversimplification to assess a direct correlation between attacks mentioned within these magazines and the conduct of a physical attack. In some instances, an attack will occur, only to be included within this propaganda after the fact. Additionally, arson attacks, as specifically mentioned by Daesh in this publication, were previously brought up by al-Qaeda’s Inspire Magazine in 2012. Some attributed European forest fires later that year to the group, and just last November a notable fire in Israel was claimed by an al-Qaeda linked group. While Daesh does represent the most active voice among jihadists right now, the basic threats, terrorist tactics, techniques and procedures are not necessarily innovative or original. Organizations should continue to remain cognizant of all potential threats and the impacts to their organizations and, after assessing the risk, conduct appropriate preparedness and operational activities to counter the most serious concerns.”
The complete Torpedo Report includes additional background and analysis as well as some preparedness and operational ideas for leaders to consider. This week’s reports and previous releases can be linked to from the “Reports” tab of this website.
To help leaders maintain active threat situational awareness, we distribute our (free!) daily paper and the above mentioned weekly products. Our team hopes they can help you achieve a sound background as you assess your organizational risks and then apply a threat-informed, risk-based and prioritized approach to preparedness and operations. If you’re not already signed-up, subscribe to our free products and receive them directly! Free reports include our daily paper, the Gate 15 SUN, with additional detail, focus and analysis in the weekly Threat Dashboard and Torpedo Report.
Follow our Gate 15 team on Twitter: @Gate_15_Analyst; and our Gate 15 page on LinkedIn and subscribe to our free daily and weekly products!
