Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The U.S. could launch a cyberattack on Iran in response to the recent drone attack on major oil facilities in Saudi Arabia. [Read More]
Australia reportedly determined that China hacked its parliament and political parties, but decided not to make public accusations to avoid disrupting trade relations. [Read More]
The question now is not whether there will be foreign attempts against the 2020 elections, but what can be done to protect the vote. [Read More]
The US Treasury on Friday placed sanctions on three North Korea government-sponsored hacking operations which it said were behind the theft of possibly hundreds of millions of dollars and destructive cyber-attacks on infrastructure. [Read More]
The Russian hackers behind the 2016 Crashoverride/Industroyer attack that caused a power outage in Ukraine may have been hoping to cause more serious damage. [Read More]
Poland will launch a cyberspace defense force by 2024 made up of around 2,000 soldiers qualified in cybersecurity. [Read More]
A North Korea-linked hacker group tracked as Kimsuky and Smoke Screen has been using uncommon file formats to help their malware evade detection. [Read More]
Americans commemorated 9/11 with solemn ceremonies and vows Wednesday to “never forget” 18 years after the deadliest terror attack on American soil. [Read More]
The China-linked threat actor tracked as Thrip has continued to target entities in Southeast Asia and Symantec has determined that it’s actually a subgroup of Billbug/Lotus Blossom. [Read More]
Industry professionals comment on reports that an Iranian mole helped the US and Israel plant the Stuxnet malware on computers at an Iranian nuclear facility. [Read More]
FEATURES, INSIGHTS // Cyberwarfare
One can only hope our nation’s alarm clocks wake up and stir our national leaders’ imaginations before a cyber incident of the magnitude of 9/11 results in the need for a “Cyber Strikes Commission Report.”
Defenders should use their "Strategic Depth" to mitigate attacks not on the perimeter but deeper within their network where they can leverage on their strategic advantage.
The term “Tipping Point” is controversial because it has been so widely misused and loosely applied; two abuses that I often see in the cyber security marketplace.
Enemy infrastructure is and always has been an important military target. The difference is that with increasingly automated and connected infrastructure, the ability for an enemy to target these systems digitally has increased, putting these systems at greater risk.
I believe that no other nation can match the capabilities of the United States military, but at the same time, matching the level of resources and investment in cyber being made by nation states such as China could prove impossible.
The building blocks for a robust cybersecurity strategy are not uniquely different from security requirements for a traditional enterprise...
When the Chinese government states that it is not behind most of these attacks – it is possibly telling the truth. That the Chinese government has offensive cyber capabilities are not disputed. What is not a given is that all of this activity has been officially prompted or sanctioned.
It remains to be seen how the big powers will come to agree on the precise rules to govern cyber operations – currently the international legal status is uncertain, but the little players had better concentrate on improving old and developing new defensive measures.
Cyberwar, at least the type where infrastructure or actual lives are targeted and destroyed, will not just happen for the fun of it. There are consequences to any such activity, as recent policy activity and policy makers make clear.
It is because of the ambiguities and problems of definition and categorization that an International Agreement on acceptable and agreed cyber operations is the wisest and safest course of action.
SecurityWeek Daily Briefing
- Mozilla Hardens Firefox Against Injection Attacks
- California Attorney General Outlines How State Will Enforce Upcoming Privacy Law
- Critical Flaw in Sophos Cyberoam Appliances Allows Remote Code Execution
- Why All Security Disciplines Should Use the Intelligence Cycle
- Alleged Hacker Arraigned on $1.4 Million Cryptocurrency Fraud Charges
- Majority of Simjacker Attacks Aimed at Mobile Phones in Mexico
- Thoma Bravo to Acquire Sophos for $3.9 Billion
- Compromised AWS API Key Allowed Access to Imperva Customer Data
- Amazon Calls for Government Regulation of Facial Recognition Tech
- 'Attor' Cyber-Espionage Platform Used in Attacks Aimed at Russia
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy