Tag: Cyber Defense

Is Malware Heading Towards a WarGames-style AI vs AI Scenario?

Adam Kujawa, Director of Malwarebytes Labs, has been contemplating the evolution of malware attack and defense, attempting to work out strategies to stay ahead of cybercriminals in what has always been a technological game of leapfrog.

While malware has continued its trajectory of increasing stealth and persistence, defenders currently have the edge with their introduction of artificial intelligence (AI) and machine learning (ML). Meanwhile, the criminals have adapted their methodology by seeking to ‘fly under the radar’ of defense systems, and to add persistence to their infiltrations.

Read more about Adam Kujawa’s view on the evolution of malware attack and defense on SecurityWeek.

NATO Practicing Cyber-Warfare Games

To address the growing concern of cyber-warfare, NATO has launched the “Cyber Coalition 2018” in Estonia. The exercise is a “War Game” focused on defense and counter-attack in the arena of digital battle.

The activity is taking place just 50 kilometres (30 miles) from the border with Russia, seen by the West as the biggest cyber threat after a string of attacks blamed on the Kremlin. Targets have included world sports bodies, the US Democratic Party and the world chemical weapons watchdog in the Netherlands. NATO says such assaults are becoming more “frequent, complex, destructive and coercive”, and are launched not just by state actors like Russia, China and North Korea but also by criminal gangs intent on extortion and “hacktivists” looking to embarrass big organisations.

Read more about the NATO cyber war games on The New American.

Why Deep Defense Should Start with Detecting Compromised Credentials

Different credentials are used by billions of users daily to authenticate themselves in their physical and digital lives. From physical keys to tokens and cards to login and password combinations – all are vulnerable to attack. According to Verizon, 81% of hacking-related breaches leveraged either stolen and/or weak passwords.

Obtaining valid credentials using multiple mechanisms and tools continues to be extremely lucrative for a cyber-criminal. However, with a greater understanding of the lifecycle of a stolen credential, under-pressure security teams can put in place effective countermeasures to prevent attacks and mitigate the damage when one happens.

Read more about how early detection of compromised credentials can help mitigate the damage of cyberattacks on Infosecurity Magazine.

UK ‘wholly’ unprepared to stop devastating cyber-attack, MPs warn

UK ministers are failing to act with “a meaningful sense of purpose or urgency” in the face of a growing cyber threat to the UK’s critical national infrastructure (CNI), a parliamentary committee has warned.

The joint committee on national security strategy said at a time when states such as Russia were expanding their capability to mount disruptive cyber-attacks, the UK’s level of ministerial oversight was “wholly inadequate”. It urged Theresa May to appoint a cybersecurity minister in cabinet to take charge of the efforts to build national resilience.

Read more about this story on The Guardian.

The majority of business pros aren’t able to prevent cyberattacks

Nearly two-thirds of business professionals aren’t confident in their abilities to prevent and address serious cyberattacks, according to a recent report from the Ponemon Institute and Illusive Networks. The report analyzed how effective organizations are in minimizing damage caused by silent attackers.

The study surveyed 627 IT and IT security practitioners within the US, who are all involved in the IT security solutions and practices within their organizations. Security budgets are expected to increase in the coming year, with threat detection spending growing from 32% to 40%, but preventative security control spending is dropping from 31% to 18%, the report found.

Read more about the findings of the new report on TechRepublic.

Congress Approves New DHS Cybersecurity Agency

The United States will soon officially have a single agency that takes the lead role for cybersecurity.  Congress has passed legislation to establish a new cybersecurity agency within the Department of Homeland Security. The House on Tuesday unanimously passed the measure, the CISA Act, which won Senate approval earlier. It now awaits President Trump’s signature.

The new Cybersecurity and Infrastructure Security Agency will have the same stature as other units within DHS, such as the U.S. Secret Service or Federal Emergency Management Agency. The National Protection and Programs Directorate, or NPPD, will be reorganized into the new agency.

Read more about the new US Cybersecurity Agency on BankInfoSecurity.

Cybersecurity no. 1 challenge for CXOs, but only 39% have a defense strategy

C-level executives rank cybersecurity as the no. 1 challenge they face for the third consecutive year, as more than 85% of companies report experiencing a breach in the past three years, according to a recent report from global management consulting firm A.T. Kearny.

However, only 39% of the 400 executives and board members surveyed said their company has fully developed and implemented a cyber defense strategy, putting them at increased risk for future attacks. 37% said their company has yet to create a cyber defense strategy at all, while the remaining 24% said their company has developed a strategy, but has yet to fully implement it.

Read more about the findings of the A.T. Kearny report on TechRepublic.

Defense, security and the real enemies

The three nations that are the largest cyber threats to the United States are, in no particular order, North Korea, Russia and China. They have been reverse-engineering our technology for a number of years, dating back to the beginning of the Cold War. The originators of some of the most devastating cyber-attacks have been based in these three countries, such as WannaCry and mass cryptocurrency theft (North Korea), Petya/NotPetya (Russia), and multiple data breaches (China).

The end of the Cold War meant that the countries that threatened American democracy didn’t go away. They adapted to use technology to attack us instead. Now that the extent of these attacks is being made known, we have two choices, according to CSO’s Mitchell Parker. Either we can continue to do little, or own and accept what’s happened and improve our situation.

Read more about Mitchell Parker’s insights on CSO.

U.S. National Cyber Strategy: What You Need to Know

On September 20, 2018, the White House released a new cybersecurity strategy with several important changes in direction meant to give government agencies and law enforcement partners a greater ability to respond to cybercrime and nation-state attacks.

The new U.S. cyber strategy makes one message clear: America will not sit back and watch when attacked in cyberspace. On the contrary, in areas ranging from critical infrastructure to space exploration to intellectual property protection, the USA will respond offensively, as well as defensively in cyberspace.

Read everything you need to know about the new U.S. national cybersecurity strategy on Tripwire.

An investigation into how cyber ready businesses really are

The more cyber ready a business becomes, the better its overall business outcomes. Vodafone’s Cyber Ready Barometer notes 48% of cyber ready businesses are reporting more than 5% increases in annual revenue as well as high stakeholder trust levels. Despite this, the research also shows that only 24% of businesses globally could reasonably call themselves cyber ready.

Cyber readiness, according to the report, is a mix of different measures including cyber operations, cyber strategies, cyber resilience, an understanding of risk and employee awareness.

Read more about the findings of the Vodafone report on Help Net Security.