Tag: Cyber Defense

Security analytics to reach $12 billion by 2024

Amid a maelstrom of cybersecurity threats and rampant hacking attempts that leverage the power of the IoT against itself, organizations are forced to realize that they are on the losing side of this war.

As such, market vendors have no choice but to enhance their cybersecurity arsenal with more sophisticated tools which allow a deeper understanding of their users, devices, and systems. This will drive the security analytics market toward an impressive revenue of $12 billion by 2024, according to ABI Research.

Read more about the prognosis by ABI Research on Help Net Security.

Four big questions for cybersecurity in 2019

How will cybersecurity experts remember 2018? In the past year, the Trump administration announced it would take more offensive hacking operations against foreign countries, the Department of Justice announced sweeping indictments against Chinese hackers and the U.S. intelligence community reported that foreign countries continued to interfere in American elections.

So what comes next? Read four overarching questions for the cybersecurity community in 2019 on Fifth Domain.

The solution to dysfunctional cybersecurity and network teams

One might expect people on different teams of a company’s IT department to be on the same page and have a certain amount of work-related trust for each other. However, a BlueCat Networks-sponsored International Data Group (IDG) survey found that this isn’t always the case.

Over 65% of respondents indicated their company has experienced two or more cybersecurity events, while only 38% of the survey participants believe their organization is capable of defending against a cybersecurity event. The report does not mince words as to why: “Business investments in network operations and cybersecurity may be shortchanged if the teams responsible for those areas aren’t collaborating.”

Read more about the report’s findings and implications on TechRepublic.

6 Ways to Anger Attackers on Your Network

When you see an attacker on your network, it’s understandable to want to give them a taste of their own medicine. But how can you effectively anger intruders when “hacking back” is illegal?

“There are times when I have really wanted to strike back, but you can’t and you don’t,” says Gene Fredriksen, chief information security strategist for PCSU. However, there are several steps you can take to anger attackers without actively targeting them in response. The idea is to get the bad guy to think twice, he explains, and let them know you’re serious.

Read about some of the most effective ways to frustrate, deceive, and annoy attackers without risking legal consequences, on DarkReading.

How the new acting Pentagon chief views cybersecurity

President Donald Trump announced in a Dec. 23 tweet that Patrick Shanahan will become acting secretary of defense Jan. 1, replacing outgoing Pentagon chief Jim Mattis two months early. While it is not clear how long Shanahan will remain in the job, he is on the short list of officials who could become the full-time Pentagon chief.

Regardless of the length of his tenure, Shanahan, the Pentagon deputy since 2017, has been one of the Pentagon’s top advocates for stronger contractor cybersecurity and IT acquisition and will lead the department months after it was given expansive and loosely defined authorities to conduct offensive cyber operations. How Shanahan will handle these greater cyber authorities, even on a temporary basis, remains an open question.

Read more about the Pentagon chief’s cybersecurity views on Fifth Domain.

Idaho lab protects US infrastructure from cyber attacks

It’s called the “Dark Side” because the 50 workers there prefer to keep the lights low so they can dim the brightness on their computer screens. Or maybe it’s because of what they do in cyber research and development. Questions about exactly what goes on at the heart of one of the United States’ primary cybersecurity facilities at the Idaho National Laboratory (INL) aren’t always answered, and photos by outsiders aren’t allowed.

What is shared is that the U.S. is rushing to catch up with what cybersecurity experts say are threats by hackers to systems that operate energy pipelines, hydroelectric projects, drinking water systems and nuclear power plants across the country.

Read more about the cybersecurity program of the INL on Phys.org.

China On The March: Cybersecurity And Hidden Risks

The recent arrest of Huawei’s chief financial officer Wanzhou in Canada at the request of U.S. officials over unspecified accusations is just the latest example of countries attempting to contain Chinese ambitions, often expressed through that country’s state-owned companies. It was widely reported that Huawei may have broken U.S. sanctions by doing business with Iran.

Trouble for the company worsened over the last week when the Wall Street Journal reported that spy chiefs from Australia, Canada, New Zealand, the U.K., and the United States agreed during a July meeting that the company’s influence needed to be limited.

Read more about the growing concerns about China’s ambitions, including its attempts to infiltrate the U.S. transportation industry, on Forbes.

Lax Controls Leave Fortune 500 Overexposed On the Net

Large companies are leaving easy-to-exploit systems exposed on the public Internet, raising the risk of a serious future compromise, according to data from two cybersecurity firms.

Rapid7 found that the average Fortune 500 firm had approximately 500 servers and devices connected to the Internet, with five to 10 systems exposing Windows file-sharing or Telnet services. Fifteen out of the 21 industry sectors on which Rapid7 collected data had at least one member allowing public access to a Windows file-sharing service. Both Rapid7’s report and an earlier report by security monitoring firm BitSight found that larger firms were likely to have self-inflicted holes in their defenses.

Read more about the findings of the two reports on DarkReading.

US ballistic missile systems have very poor cyber-security

No data encryption, no antivirus programs, no multifactor authentication mechanisms, and 28-year-old unpatched vulnerabilities are just some of the cyber-security failings described in a security audit of the US’ ballistic missile system released on Friday by the US Department of Defense Inspector General (DOD IG).

The report was put together earlier this year, in April, after DOD IG officials inspected five random locations where the Missile Defense Agency (MDA) had placed ballistic missiles that are part of the Ballistic Missile Defense System (BMDS), a DOD program developed to protect US territories by launching ballistic missiles to intercept enemy nuclear rockets.

Read more about the highly worrisome findings of the report on ZDNet.

Secure Critical Infrastructure Top of Mind for U.S.

When it comes to cyber-threats and defense, the U.S. government says that critical infrastructure threats are a growing concern. Rob Joyce, senior advisor of cybersecurity strategy for the National Security Agency (NSA), said that while attacks targeting the systems that power the manufacturing, power and water plants, the oil and gas industry, and many other sectors have been around for a while, the trend “is going the wrong way.”

Attackers have been targeting critical infrastructure for a while, including the 2016 Ukrainian outage and going all the way back to the 2013 Iranian DDoS attacks. According to a Kaspersky Lab report earlier this year, a full 41.2 percent of industrial control systems (ICS) were attacked by malicious software at least once in the first half of 2018.

Read more about the cyber-threats to critical infrastructure on Threatpost.