When it comes to cyber-threats and defense, the U.S. government says that critical infrastructure threats are a growing concern. Rob Joyce, senior advisor of cybersecurity strategy for the National Security Agency (NSA), said that while attacks targeting the systems that power the manufacturing, power and water plants, the oil and gas industry, and many other sectors have been around for awhile, the trend “is going the wrong way.”
Attackers have been targeting critical infrastructure for a while: including the 2016 Ukrainian outage and going all the way back to the 2013 Iranian DDoS attacks. According to a Kaspersky Lab report earlier this year, a full 41.2 percent of industrial control system (ICS) were attacked by malicious software at least once in the first half of 2018.
Read more about the cyber-threats to critical infrastructure on Threatpost.
Adam Kujawa, Director of Malwarebytes Labs, has been contemplating the evolution of malware attack and defense, attempting to work out strategies to stay ahead of cybercriminals in what has always been a technological game of leapfrog.
While malware has continued its trajectory of increasing stealth and persistence, defenders currently have the edge with their introduction of artificial intelligence (AI) and machine learning (ML). Meanwhile, the criminals have adapted their methodology by seeking to ‘fly under the radar’ of defense systems, and to add persistence to their infiltrations.
Read more about Adam Kujawa’s view on the evolution of malware attack and defense on SecurityWeek.
To address the growing concern of cyber-warfare, NATO has launched the “Cyber Coalition 2018” in Estonia. The exercise is a “War Game” focused on defense and counter-attack in the arena of digital battle.
The activity is taking place just 50 kilometres (30 miles) from the border with Russia, seen by the West as the biggest cyber threat after a string of attacks blamed on the Kremlin. Targets have included world sports bodies, the US Democratic Party and the world chemical weapons watchdog in the Netherlands. NATO says such assaults are becoming more “frequent, complex, destructive and coercive”, and are launched not just by state actors like Russia, China and North Korea but also by criminal gangs intent on extortion and “hacktivists” looking to embarrass big organisations.
Different credentials are used by billions of users daily to authenticate themselves in their physical and digital lives. From physical keys to tokens and cards to login and password combinations – all are vulnerable to attack. According to Verizon, 81% of hacking-related breaches leveraged either stolen and/or weak passwords.
Obtaining valid credentials using multiple mechanisms and tools continues to be extremely lucrative for a cyber-criminal. However, with a greater understanding of the lifecycle of a stolen credential, under-pressure security teams can put in place effective countermeasures to prevent attacks and mitigate the damage when one happens.
Read more about how early detection of compromised credentials can help mitigate the damage of cyberattacks on Infosecurity Magazine.
UK ministers are failing to act with “a meaningful sense of purpose or urgency” in the face of a growing cyber threat to the UK’s critical national infrastructure (CNI), a parliamentary committee has warned.
The joint committee on national security strategy said at a time when states such as Russia were expanding their capability to mount disruptive cyber-attacks, the UK’s level of ministerial oversight was “wholly inadequate”. It urged Theresa May to appoint a cybersecurity minister in cabinet to take charge of the efforts to build national resilience.
Nearly two-thirds of business professionals aren’t confident in their abilities to prevent and address serious cyberattacks, according to a recent report from the Ponemon Institute and Illusive Networks. The report analyzed how effective organizations are in minimizing damage caused by silent attackers.
The study surveyed 627 IT and IT security practitioners within the US, who are all involved in the IT security solutions and practices within their organizations. Security budgets are expected to increase in the coming year, with threat detection spending growing from 32% to 40%, but preventative security control spending is dropping from 31% to 18%, the report found.
Read more about the findings of the new report on TechRepublic.
The United States will soon officially have a single agency that takes the lead role for cybersecurity. Congress has passed legislation to establish a new cybersecurity agency within the Department of Homeland Security. The House on Tuesday unanimously passed the measure, the CISA Act, which won Senate approval earlier. It now awaits President Trump’s signature.
The new Cybersecurity and Infrastructure Security Agency will have the same stature as other units within DHS, such as the U.S. Secret Service or Federal Emergency Management Agency. The National Protection and Programs Directorate, or NPPD, will be reorganized into the new agency.
C-level executives rank cybersecurity as the no. 1 challenge they face for the third consecutive year, as more than 85% of companies report experiencing a breach in the past three years, according to a recent report from global management consulting firm A.T. Kearny.
However, only 39% of the 400 executives and board members surveyed said their company has fully developed and implemented a cyber defense strategy, putting them at increased risk for future attacks. 37% said their company has yet to create a cyber defense strategy at all, while the remaining 24% said their company has developed a strategy, but has yet to fully implement it.
Read more about the findings of the A.T. Kearny report on TechRepublic.
The three nations that are the largest cyber threats to the United States are, in no particular order, North Korea, Russia and China. They have been reverse-engineering our technology for a number of years, dating back to the beginning of the Cold War. The originators of some of the most devastating cyber-attacks have been based in these three countries, such as WannaCry and mass cryptocurrency theft (North Korea), Petya/NotPetya (Russia), and multiple data breaches (China).
The end of the Cold War meant that the countries that threatened American democracy didn’t go away. They adapted to use technology to attack us instead. Now that the extent of these attacks is being made known, we have two choices, according to CSO’s Mitchell Parker. Either we can continue to do little, or own and accept what’s happened and improve our situation.
Read more about Mitchell Parker’s insights on CSO.
On September 20, 2018, the White House released a new cybersecurity strategy with several important changes in direction meant to give government agencies and law enforcement partners a greater ability to respond to cybercrime and nation-state attacks.
The new U.S. cyber strategy makes one message clear: America will not sit back and watch when attacked in cyberspace. On the contrary, in areas ranging from critical infrastructure to space exploration to intellectual property protection, the USA will respond offensively, as well as defensively in cyberspace.
Read everything you need to know about the new U.S. national cybersecurity strategy on Tripwire.