Maggioli Spa (MAG) in collaboration with Focal Point sprl (FP) and Hyperborea Srl (HYPER) is currently investigating, in the context of the CYRENE EU H2020 project, potential cyber attack paths on interconnected Critical Infrastructures (CIs) which operate for the provision of supply chain services. An attack path is performed when an adversary successfully exploits gradually a sequence of vulnerabilities (vulnerability chains) identified upon a number of interconnected assets of interdependent IT infrastructures aiming to infiltrate into critical systems of a supply chain service (SCS) and cause damage to them. In this manner, they may sabotage the normal operations of the services by taking advantage of them to conduct malicious actions or cause a data leak. This could considerably harm organizations involved that could even distort the entire supply chain service performance leading to serious consequences, such as financial loss or compromise of people’s privacy from data exposure.
To be able to tackle such events and improve the level of security on CIs, the technical aspects of attacks and adversaries’ behavior need to be highly analysed. In the frame of the CYRENE’s Risk and Conformity Assessment working procedures to promote a solution that evaluates the security, resilience, and reliability of SCS infrastructures, MAG along with FP and HYPER has delved into relevant and complex attack scenarios and developed an approach that measures the cascading effects on these infrastructures in view of an attack path implementation. As the next step, MAG is currently working on deploying an attack behavior simulation environment that will utilize the produced metrics to recognize attack patterns and provide forecasting capabilities related to attacks on SCS infrastructures. Through this environment, supply chain end-users will be allowed to experiment with different attack scenarios and review the results and the impact on their assets which are used for the SCS execution.
An attack graph discovery experience is loading . . . stay tuned!
So what do you think? Would your organization use the CYRENE Solution? Reach out to us and share your views either by using our contact form or by following our social media accounts on Twitter and LinkedIn.
Don’t forget to subscribe to our Newsletter for regular updates!
This blog is signed by: the MAG team
Project Coordinator: Sofoklis Efremidis
Institution: Maggioli SPA
Duration: 36 months
Participating organisations: 14
Number of countries: 10
Mrs. Ifigeneia Lella joined ENISA in 2016 as Cybersecurity Officer. Invited as a speaker at the CYRENE INFO DAY 2022 she will present the ENISA Threat Landscape project. Join us physically or virtually on Friday, October 7th at 09:00 CEST Register here: https://t.co/DW39nlpqZh...Read More
@CYRENE_H2020 is expanding its presence on the web! Follow us on our social media! Check out here where you can find us online and connect with us on LinkedIn, Youtube, and Twitter #supplychain #cybersecurity #standardisation https://t.co/KdVGiRFVxQRead More
We are happy to invite you to the CYRENE 3rd INFO DAY, which will take place between 09:00 and 16:30 CET on the 7th of October 2022 at CRF premises in Turin, Italy, and also virtually via the Microsoft Teams platform. Register now: https://t.co/4n5VUg4ViPRead More
@CYRENE_H2020 was one of the sponsors of the CyberHOT Summer School 2022. that started yesterday, Thursday 29th, and continued today Friday, September 30, under the auspices of the NATO Maritime Interdiction Operational Training Center (NMIOTC). https://t.co/PjUWBvPcFIRead More
This project has received funding from the European Union’s Horizon 2020 Research and Innovation program under grant agreement No 952690. The website reflects only the view of the author(s) and the Commission is not responsible for any use that may be made of the information it contains.