Articles

Articles

The race for quantum-proof cryptography

Articles, Blog, News
featured image

Lawmakers briefed on quantum computing’s threat to encryption and the urgent need for mathematical research

One of the biggest threats to privacy and national security is the ability of the immensely powerful quantum computers to break prevailing methods of encryption almost instantaneously. Once quantum computers become a reality, something that could conceivably happen in the next decade or two, all of the data protected by encrypted systems on the internet will become decrypted and unprotected, accessible to all individuals, organizations or nation-states.

Dr. Jill Pipher, President of the American Mathematical Society, VP for Research, and Elisha Benjamin Andrews Professor of Mathematics at Brown University led a briefing last week for lawmakers on Capitol Hill called “No Longer Secure: Cryptography in the Quantum Era” about the threats that quantum computing poses to existing cryptographic systems that support national and economic security. Senator Jack Reed (D-RI) began the briefing by saying “we’re acutely aware of the potential advantages and disadvantages that quantum presents. And we’re also very concerned that some of our adversaries and competitors are investing a great deal in quantum computing.”

[This article appeared in CSO Online. To read the rest of the article please visit here.]

CrowdStrike, Ukraine, and the DNC server: Timeline and facts

Articles, Blog, News
featured image

Politicizing cybersecurity only serves to undermine trust in its practices and objectivity, experts fear.

President Donald Trump, Senator John Kennedy from Louisiana and Secretary of State Mike Pompeo have all given credence to what cybersecurity experts and the US intelligence community deride as a baseless conspiracy theory pushed by Russia. That theory posits that Ukraine, and not Russia, was responsible for hacking into the networks of the Democratic National Committee (DNC) in the run-up to the 2016 presidential election.

Kennedy quickly backtracked from blaming Ukraine for the DNC hack, but nonetheless left wiggle room to return to this contention. After admitting he was “wrong” to imply Ukraine and not Russia hacked the DNC, he went on to say, “There is a lot of evidence, proven and unproven — everyone’s got an opinion — that Ukraine did try to interfere, along with Russia and probably others, in the 2016 election.”

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Global threat groups pose new political and economic dangers

Articles, Blog, News
featured image

Nation-state players in Iran, North Korea, Saudi Arabia and Russia are getting new objectives and changing strategies, say experts.

While widely known advanced persistent threat (APT) groups emanating from Russia and China grab most of the spotlight, an array of other nation-state and adjacent threat actors are increasingly launching cyberattacks around the globe. At this year’s Cyberwarcon conference, nearly 20 of the world’s top cybersecurity researchers presented their thoughts on these less visible and complex groups, outlining their latest strategies and developments.

Iran, which is rapidly emerging as one of the most destructive of the nation-state cyberwarfare actors, has a threat group known as APT33, one of the country’s most malicious cyber actors. APT33 has targeted aerospace, defense, and energy organizations. For the most part, the group is regionally focused, targeting Saudi-owned and -operated entities, according to Saher Naumaan, a threat intelligence analyst at BAE Systems Applied Intelligence.

APT33, also called Refined Kitten, Magnallium, Holmium and Alibaba, has been around since 2014 and is best known for its data wiping malware called Shamoon, which erased at least 30,000 computers belonging to Saudi Aramco in 2012. Since then, APT33 has been implicated in campaigns against industrial players in the Middle East and Europe.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

A new era of cyber warfare: Russia’s Sandworm shows “we are all Ukraine” on the internet

Articles, Blog, News
featured image

In-depth research on Russia’s Sandworm hacking group shows broad capabilities and scope to disrupt anything from critical infrastructure to political campaigns in any part of the world.

Speakers at this year’s CyberwarCon conference dissected a new era of cyber warfare, as nation-state actors turn to a host of new advanced persistent threat (APT) strategies, tools and tactics to attack adversaries and spy on domestic dissidents and rivals. The highest profile example of this new era of nation-state digital warfare is a Russian military intelligence group called Sandworm, a mysterious hacking initiative about which little has been known until recently. The group has nevertheless launched some of the most destructive cyberattacks in history.

Wired journalist Andy Greenberg has just released a high-profile book about the group, which he said at the conference is an account of the first full-blown cyberwar led by these Russian attackers. He kicked off the event with a deep dive into Sandworm, providing an overview of the mostly human experiences of the group’s malicious efforts.

Sandworm first emerged in early 2014 with an attack on the Ukrainian electric grid that “was a kind of actual cyberwar in progress,” Greenberg said. The grid operators in Ukraine watched helplessly as “phantom mouse attacks” appeared on their screens while Sandworm locked them out of their systems, turned off the back up power to their control rooms, and then turned off electricity to a quarter-million Ukrainian civilians, the first ever blackout triggered by hackers.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Twitter spy scandal a wake-up call for companies to clean up their data access acts

Articles, Blog, News
featured image

Two Twitter employees accessed user data on behalf of the Saudi government. Neither should have had access, and this is a sign of a bigger problem at all companies.

A tremor rippled across the information security community last week when the Justice Department announced criminal charges against two Twitter employees, Ahmad Abouammo and Ali Alzabarah, for acting as foreign agents under the direction and control of the Kingdom of Saudi Arabia. The complaint alleges that the two men used their ability to access user data to provide the Saudi rulers with private information on more than 6,000 Twitter users.

Abouammo, who was a media partnerships manager at Twitter, is a US citizen. Alzabarah, who was a site reliability engineer at the social media giant, is a Saudi citizen, while a third person who was an intermediary in the theft of some of the data and who did not work at Twitter, Ahmed Almutairi, is also a Saudi citizen.

Both former Twitter workers had access to a proprietary and confidential information for Twitter users, including the email addresses, birthdates, phone numbers and IP addresses. Alzabarah, who pulled data on four specific users at the request of the Saudis, also had access to users’ biographical information, logs that contained the users’ browser information, and a log of all of a particular user’s interactions at any given point in time, the complaint says.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

US Department of Justice push for encryption backdoors might run afoul of First Amendment

Articles, Blog, News
featured image

Is encryption code speech? Earlier court rulings suggest that it is, legally, and therefore subject to First Amendment protections.

On October 22, the former general counsel of the FBI Jim Baker published a lengthy and astonishing piece called “Rethinking Encryption.” In that article, the conservative-leaning current director of national security and cybersecurity at the R Street Institute advised the Justice Department and law enforcement to “embrace reality and deal with it” when it comes to encrypted communications.

Running counter to the now decades-long on-again and off-again pursuit by the Justice Department and law enforcement for a backdoor that would allow access to encrypted communications, Baker wrote that encryption “is one of the few mechanisms that the United States and its allies can use to more effectively protect themselves from existential cybersecurity threats, particularly from China. This is true even though encryption will impose costs on society, especially victims of other types of crime.”

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Cell phones don’t belong in SCIFs, says Republican congressman

Articles, Blog, News
featured image

Rep. Mike Rogers says his phone was infected by Russian malware three years ago. Also, why he believes we need fewer federal cybersecurity agencies and election laws.

An annual initiative launched 16 years ago by the Department of Homeland Security, National Cybersecurity Awareness Month (NCSAM) takes place every October. DHS’s main motivation in mounting a month of cybersecurity-related activities is to make consumers more aware of how to protect themselves online. This year’s awareness month theme is “Own IT. Secure IT. Protect IT.” with a focus on privacy, the internet of things (IoT) and e-commerce security.

DHS’s 2019 efforts include a consumer toolkit that features advice in 13 areas, from social media bots to home devices such as smart locks. The goal of the annual rite is to get organizations to promote DHS’s message about how to not click on phishing emails and the best methods to ensure secure passwords and other cybersecurity hygiene habits that ordinary users can deploy to make themselves safer. Last year, according to DHS, over 400 local events across the country focused on good cybersecurity habits.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

How enterprises can benefit from Cybersecurity Awareness Month

Articles, Blog, News
featured image

Organizations are working with the US Department of Homeland Security to enhance their own security awareness training and promote it in their communities.

An annual initiative launched 16 years ago by the Department of Homeland Security, National Cybersecurity Awareness Month (NCSAM) takes place every October. DHS’s main motivation in mounting a month of cybersecurity-related activities is to make consumers more aware of how to protect themselves online. This year’s awareness month theme is “Own IT. Secure IT. Protect IT.” with a focus on privacy, the internet of things (IoT) and e-commerce security.

DHS’s 2019 efforts include a consumer toolkit that features advice in 13 areas, from social media bots to home devices such as smart locks. The goal of the annual rite is to get organizations to promote DHS’s message about how to not click on phishing emails and the best methods to ensure secure passwords and other cybersecurity hygiene habits that ordinary users can deploy to make themselves safer. Last year, according to DHS, over 400 local events across the country focused on good cybersecurity habits.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Justice Department takes another run at encryption backdoors with ‘lawful access’

Articles, Blog, News
featured image

Law enforcement officials and experts on the distribution of child pornography gathered on Friday to make the emotional, if not technological, case that tech companies should open up their encryption schemes to police investigating crimes.

Following in the footsteps of former FBI Director James Comey and other top law enforcement officials, Attorney General William Barr is taking a swing at the growing prevalence of encryption across the digital landscape, with a particular renewed focus on the rising number of communications apps that are offering end-to-end encryption. On Thursday, the Justice Department published an open letter to Facebook CEO Mark Zuckerberg asking the social media giant not to proceed with its end-to-end encryption for its messaging services without providing law enforcement court-authorized access to the content of communications.

The letter, signed by the Attorney General, United Kingdom Home Secretary Priti Patel, Australia’s Minister for Home Affairs Peter Dutton, and Acting Homeland Security Secretary Kevin McAleenan, came on the same day the U.S. and UK governments entered into the world’s first ever CLOUD Act Agreement. The agreement, according to the Justice Department, “will allow American and British law enforcement agencies, with appropriate authorization, to demand electronic data regarding serious crime.”

[This article appeared in CSO Online. To read the rest of the article please visit here.]

CISA’s Krebs seeks more measured approach to election security heading into 2020

Articles, Blog, News
featured image

The Cybersecurity and Infrastructure Security Agency director says overhyped concern is a problem, while election officials say they reap the benefits of improved communications.

Given the too-late realization that Russia interfered in the 2016 presidential election through massive disinformation campaigns and — as the Mueller report most recently documented with a few new twists — actual efforts to hack into state elections systems, it’s no surprise that election security under the rubric of “Protect 2020” was a key theme running throughout the Cybersecurity and Infrastructure Security Agency’s (CISA) second annual Cybersecurity Summit.

Even so, CISA Director Christopher Krebs kicked off the summit by cautioning against the fearful language and overwrought concerns currently surrounding the topic of election security. “We’ve got to be more straightforward, more measured, more reasonable in how we talk about things. Election security is a great example. Are there true, absolute, fundamental risks in the infrastructure? Yes, but we have to take the hysteria out of the conversation because ultimately what we do is we drive broader voter confidence down,” he said.

[This article appeared in CSO Online. To read the rest of the article please visit here.]