Author Archives: Artificialcybernet

State Department Launches New Cybersecurity BureauThe bureau will bolster US diplomatic efforts to protect against cybersecurity threats from nations like Russia and China.April 4, 2022 by See full bioThe State Department on Monday launched a new cybersecurity bureau in an effort to make digital security a part of US foreign policy at a time when authoritarian regimes in Russia and China are increasingly trying to influence the internet.The move revives a bureaucratic structure that had been dismantled by the Trump administration, which was looking to cut red tape and streamline the diplomatic office. The new bureau will put in place a high-ranking cyber diplomat along with other diplomatic personnel and expertise to focus on addressing cyberthreats, global internet freedom, surveillance risks and to work with US allies to set international norms and standards on emerging technology. Secretary of State Antony Blinken had announced the establishment of the new Bureau of Cyberspace and Digital Policy at the State Department in October as part of an effort to reorganize and modernize the agency to meet 21st century needs. The new agency comes as Russia wages war in Ukraine and experts warn that the war could spur cyberwarfare meant to take out critical infrastructure like electrical grids, banks and communications. Such attacks can cause widespread destruction and are potentially deadly if they close hospitals and nursing homes. While no widespread attack has been waged thus far, the potential exists, experts say. Meanwhile, the US has long worried about cyberattacks from China. In July, the Biden administration blamed China for the cyberattack on the Microsoft Exchange email server software in early 2021. It said hackers linked to China’s Ministry of State Security exploited vulnerabilities to “compromise tens of thousands of computers and networks worldwide.”The US government has also adopted policies to limit or ban certain companies with ties to the Russian and Chinese governments from doing business in the US, for fear that the technologies from those companies could be used to spy on Americans or attack US communications networks. The new bureau is being established more than four years after then-Secretary of State Rex Tillerson merged the Office of the Coordinator for Cyber Issues with another State Department office. In the final days of the Trump administration, then-Secretary of State Mike Pompeo tried to reestablish the Bureau of Cybersecurity and Emerging Technology.The establishment of a new bureau within the State Department has gotten bipartisan support. Earlier this year, the House passed the Cyber Diplomacy Act, which would establish a cybersecurity bureau at the State Department and ensure it’s led by an official appointed by the president with the level of ambassador. The State Department said Monday that the new office will include three policy units: international cyberspace security, international information and communications policy, and digital freedom. Eventually, the bureau will be led by a Senate-confirmed ambassador-at-large. Until President Joe Biden appoints and the Senate confirms someone to this position, Jennifer Bachus, a career member of the Senior Foreign Service, will serve as principal deputy assistant secretary for the new bureau, starting Monday, the agency announced. 

Sustainable cybersecurity starts with protecting both sides of the entry pointApril 5, 2022 by Ken Galvin2021 was a landmark year for cybersecurity — and not in a good way. Squaring up against broadening IT ecosystems, emerging threat vectors and innovative bad actors, security practitioners have been dealt a heavy hand in the past 24+ months, and if Log4j taught us anything, it’s not looking like threats will be easing up anytime soon. But as organizations look to bolster their cyber resiliency and maintain customer trust in the new year, it’s imperative that they consider cybersecurity today is not just about shoring up the endpoint; it’s just as vital to ensure your users are acting conscientiously. One false click, one false move on the user end, and your security can go out the window. To really be resilient, organizations need to understand that sustainable cybersecurity is really about protecting both sides of the entry point.Let’s look at data, for example. It’s now an enterprise given that “data intelligence” is vital to helping enterprises transform themselves to be more innovative, competitive and customer-centric. In other words, data is the lifeblood of business today. Not only does understanding data and data systems empower everyone in the organization to make faster, smarter and more strategic decisions to drive business growth, but it also plays a vital role in propelling innovation. So, protecting the gateways to your data — your endpoints — is more critical than ever before. And if you can’t manage your endpoint security — you can’t manage the security of your data, or have data privacy.For organizations looking to tighten up their cybersecurity this year, and ensure all entry points are protected and accounted for in 2022, here are a few key considerations to keep top of mind: Discovery. Ask yourself: What is hitting your network? If you do not know who or what is potentially accessing your data, you cannot secure it. You need to be able to use a variety of methods to not only discover and inventory devices that should be there, but also to detect devices that should not be.Vulnerability scanning. Not just for Windows, but also Mac and Linux systems. Most cyberattacks involve unpatched operating systems and applications that have had patches available for months — even years. Use your scan results to automatically isolate vulnerable devices and quickly remediate issues.Secure everything. Just as laptops pose their own unique access and security concerns, non-computer devices are also potential threat vectors. Ignoring the security of all your IoT devices (the fastest-growing device segment) is a disaster waiting to happen. Ensure that you’re constantly securing and assessing everything — on both sides of the endpoint — to achieve sustainable cybersecurity resiliency within your organization. In short, we can expect that the security trends that came with 2021 —  upticks in insider threats, a rise in ransomware attacks, and unprecedented data breaches — are here to stay in 2022. In order for organizations to bolster their cybersecurity resiliency and prepare for the onslaught of attacks and cybersecurity threats to come, it’s imperative that they consider that endpoint security today is a two-way street. Sustainable security starts with shoring up both sides of the entry point

5 cybersecurity mistakes you’re making.

5 dangerous cybersecurity mistakes you’re probably makingNEWYou can now listen to Fox News articles!The FBI’s latest Internet Cybercrime Report paints a bleak picture. Last year, Americans lost more than $6.9 billion to cybercrooks.  Don’t think you’re too smart to fall for their tricks. Even savvy people can get conned out of money before realizing what happened.Continue reading “5 cybersecurity mistakes you’re making.”

Let’s Put Cyber Back in CybersecurityApril 2, 2022 by Kamyar KojouriIs there a shortage of Cybersecurity workers or are we doing this wrong?“Playing Commodore 64 at Media museum Rupriikki” by Olimar, Creative Commons BY-SA 4.0 License“You run the, um, net-trace command?” he finally responded after a long pause. He had checked the network cable, refreshed the browser, and rebooted the router twice! How could the user still have no Internet?At this point, we both knew that the interview was over. Granted, this one was a rather unusual case — a Computer Science graduate fresh out of college looking for an internship position — but you would be surprised to hear how many “experienced” cybersecurity analyst and engineering candidates have gotten off to a good start on my interviews, only to crash and burn when it gets to answering some of the most basic IT questions: Which layer of the OSI model does HTTP operate on? How do you kill a process on Linux? What is the Hosts file for?Let’s face it, Cybersecurity — not to be confused with the broader field of Information Security — is about technology. To quote from CISA, “Cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information.”In other words, to be successful in Cybersecurity, one must understand and truly appreciate technology!Think about it. If a SOC analyst is not familiar with the default file structure of a Windows or Linux machine, how can you expect her to identify an LFI attack when she sees one?How can a Penetration Tester who has never heard of uuencode and echo commands transfer files to/from a victim using a reverse shell session without Meterpreter?How can you expect someone who has never touched the command line to be able to decipher this attack?cmd.exe /Q /c for /f “tokens=1,2 delims= ” ^%%A in (‘”tasklist /fi “Imagename eq lsass.exe” | find “lsass””‘) do rundll32.exe C:\windows\System32\comsvcs.dll, MiniDump ^%%B \Windows\Temp\01LAF.txt full[This, by the way, was taken from an actual LSASS Minidump attack we caught the other day.]Give me an IT generalist, I’ll give you a Cybersecurity professional!On the one hand, we keep complaining about the shortage of Cybersecurity specialists in the market, while on the other hand, we continue losing mid-level IT professionals to outsourcing or automation. Do you see where I’m going with this?When I used to work as a sysadmin back in early 2000’s, the server to admin ratio used to be somewhere around 50:1. Nowadays, that number is probably closer to 500:1 at most medium sized organizations. An article published by Computer World in 2011 even claimed that it can go as high as a whopping 10,000:1 at some dominant cloud vendors like Google.It’s not hard to see why that is the case. Office 365 and Google Workspace have killed Exchange. Box, OneDrive, Amazon S3, and Azure blobs are replacing CIFS and NFS shares stored on servers and storage arrays. Slack, Zoom, and Teams have made telephony a thing of the past. Application hosting has gone from physical servers, to virtual machines, to docker containers, to server-less micro-services, and a single DevOps engineer armed with a text editor and Ansible can replace more than a dozen systems administrators clicking “Next”, “Next”, “Finish” and watching progress bars all day long.So what can we do with all the IT knowledge and talent lying about? What do we do with the hordes of skilled computer enthusiasts who have laid their hands on anything from Commodore 64 tape drives to Nutanix storage arrays? Or the high school kid who has built a weather station in her backyard using a Raspberry Pi?Why not bring them into Cybersecurity? Ultimately, this is the type of stuff that hackers are made of, not college degrees and industry certifications.To be clear, I’m not trying to downplay the value of formal education. I have both a college degree in CIS and a number of IT and Cybersecurity certifications, but I see these as add-on ‘features’, not core requirements. Academia gives you a solid foundation to build on, and industry certifications fill your knowledge gaps, but in my opinion, at least in Cybersecurity, no degree or certification can replace the drive and passion of a 19-year old staying up until the crack of dawn trying to change the background picture of his GRUB bootloader.And there are plenty of them out there. Hire them!

Design a site like this with WordPress.com
Get started