Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A piece of malware named Supernova and a zero-day vulnerability exploited to deliver this malware indicate that SolarWinds may have been targeted by a second, unrelated threat actor. [Read More]
North Korea state-sponsored hacking group Lazarus goes after entities related to COVID-19 research in recent attacks. [Read More]
President-elect Joe Bide, who has received intelligence briefings on key national security issues, says much remains unknown about the extent of the damage from the attack. [Read More]
SolarWinds told the SEC that its executives were not aware that the company had been breached when they decided to sell stock. [Read More]
Tens of phones belonging to Al Jazeera journalists were infected with Pegasus spyware using an iMessage zero-click zero-day exploit. [Read More]
VMware and Cisco have shared information on the impact of the SolarWinds incident on their systems, and VMware has responded to reports that one of its products was exploited in the attack. [Read More]
The Pentagon is proposing to end an arrangement in which a single military officer leads U.S. Cyber Command and the NSA, a move that a leading Democrat said Saturday, Dec. 19, 2020, makes him “profoundly concerned” amid a large-scale cyberattack on U.S. government computer systems. [Read More]
Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China — not Russia — may be behind the cyberattack against the United States and tried to minimized its impact. [Read More]
NATO said it was checking its computer systems after a massive cyberattack on US government agencies and others that Washington blamed on Moscow. [Read More]
Russia was "pretty clearly" behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said. [Read More]

FEATURES, INSIGHTS // Cyberwarfare

rss icon

James McFarlin's picture
One can only hope our nation’s alarm clocks wake up and stir our national leaders’ imaginations before a cyber incident of the magnitude of 9/11 results in the need for a “Cyber Strikes Commission Report.”
Tal Be'ery's picture
Defenders should use their "Strategic Depth" to mitigate attacks not on the perimeter but deeper within their network where they can leverage on their strategic advantage.
Jeffrey Carr's picture
The term “Tipping Point” is controversial because it has been so widely misused and loosely applied; two abuses that I often see in the cyber security marketplace.
Eric Knapp's picture
Enemy infrastructure is and always has been an important military target. The difference is that with increasingly automated and connected infrastructure, the ability for an enemy to target these systems digitally has increased, putting these systems at greater risk.
Mark Hatton's picture
I believe that no other nation can match the capabilities of the United States military, but at the same time, matching the level of resources and investment in cyber being made by nation states such as China could prove impossible.
Danelle Au's picture
The building blocks for a robust cybersecurity strategy are not uniquely different from security requirements for a traditional enterprise...
Oliver Rochford's picture
When the Chinese government states that it is not behind most of these attacks – it is possibly telling the truth. That the Chinese government has offensive cyber capabilities are not disputed. What is not a given is that all of this activity has been officially prompted or sanctioned.
Oliver Rochford's picture
It remains to be seen how the big powers will come to agree on the precise rules to govern cyber operations – currently the international legal status is uncertain, but the little players had better concentrate on improving old and developing new defensive measures.
Oliver Rochford's picture
Cyberwar, at least the type where infrastructure or actual lives are targeted and destroyed, will not just happen for the fun of it. There are consequences to any such activity, as recent policy activity and policy makers make clear.
Oliver Rochford's picture
It is because of the ambiguities and problems of definition and categorization that an International Agreement on acceptable and agreed cyber operations is the wisest and safest course of action.