EU adopts cyber resilience act – and other cybersecurity news to know this month
Cyber resilience act: a new EU law establishes cybersecurity requirements for digital products such as TVs and toys. Image: Unsplash/Adi Goldstein
- This regular round-up brings you key cybersecurity stories from the past month.
- Top cybersecurity news: October marks Cybersecurity Awareness Month; EU adopts cyber resilience act; American Water recovers from cyberattack; US judges warned of cyber risks in election cases.
- The World Economic Forum’s Centre for Cybersecurity provides an independent and impartial platform to reinforce the importance of cybersecurity as a strategic imperative and drive global public-private action to address systemic challenges.
1. EU implements cyber resilience act to protect digital product users
The European Union has adopted a new law establishing cybersecurity requirements for products with digital elements, including home cameras, fridges, TVs and toys.
The "cyber resilience act" aims to create a cohesive framework for cybersecurity across the EU by setting uniform standards for the design, development and production of hardware and software products.
All applicable products will display a CE marking, indicating compliance with safety and security standards. While exceptions apply to specific categories such as medical devices, aeronautical products and cars, the law will cover all products connected directly or indirectly to other devices or networks.
The regulation will empower consumers to prioritize cybersecurity when choosing digital products, simplifying the identification of those with adequate security features, according to the European Council.
The law is expected to take effect 36 months after its official publication, following legislative approval by EU leaders.
2. American Water restores systems after cybersecurity incident
American Water, the largest US water and wastewater utility, is reconnecting its systems after a cybersecurity incident reported on 7 October.
Serving over 14 million people across 14 states, the company confirmed its water and wastewater facilities were unaffected. Systems are being restored with enhanced security protocols and billing has resumed.
“This attack highlights the vulnerability of water treatment facilities and other critical infrastructure to cyberattacks,” Nick Creath, Senior Global Product Manager at Rockwell Automation told cybersecurity news site, Dark Reading.
He added that operators must prioritize cybersecurity to minimalize vulnerability to future attacks.
"This incident serves as a wake-up call for operators to ensure that cybersecurity is integrated into both new and legacy systems to prevent service disruptions or more severe consequences."
3. News in brief: Top cybersecurity stories this month
US federal judges have been warned of potential cyber threats targeting election-related litigation. During a recent Judicial Conference meeting, US Circuit Judge Michael Scudder urged vigilance, citing foreign efforts to spread misinformation and past breaches, including a 2020 attack on the judiciary's document-filing system.
Britain has imposed sanctions on 16 members of a Russian cybercrime group. 'Evil Corp' has allegedly been directed by Russian intelligence to target NATO allies, Reuters reports. The sanctions, coordinated with US and Australian officials, include asset freezes and travel bans.
Türkiye is reviewing security measures for communication devices used by its armed forces following the deadly blasts in Lebanon, a defence ministry official told Reuters.
South Korean law-makers have passed a bill making it a crime to possess or view sexually explicit deepfake images and videos. The legislation imposes penalties that include prison terms and fines.
An international law enforcement operation has dismantled Ghost, an encrypted platform used for drug trafficking and money laundering, Europol announced. Resulting in 51 arrests and the seizure of weapons, drugs and over $1.11 million in cash, the operation involved authorities from multiple countries, including the US, Australia and several European nations.
Wi-Fi networks at several UK train stations were temporarily suspended on 25 September following a cybersecurity incident, according to the Guardian. Reports indicated that some passengers accessing the networks were redirected to a webpage featuring Islamophobic messages and details of past terrorist attacks.
How is the Forum tackling global cybersecurity challenges?
4. More about cybersecurity on our blog
October is Cybersecurity Awareness Month, highlighting the growing challenges of AI-generated disinformation and increased cyber risks. As the world faces these threats, here are 10 key events and statistics to help understand the global cybersecurity landscape in 2024.
The COVID-19 pandemic has drastically reshaped global education, pushing institutions to rely on digital devices for teaching. However, this shift has also led to a rise in cyberattacks targeting the education sector. To combat these threats, institutions must develop cyber action plans and integrate cybersecurity into their curricula. Learn more about the urgent need for enhanced cybersecurity in education.