Any nation-state behind recent hijackings of Domain Name System (DNS) records should, in theory, be held responsible under the latest cyberwarfare norms agreement made by 20 countries at the UN in 2015, says America’s top cyber diplomat.
“One of the norms is disrupting physical infrastructure providing services to the public, and I think that fully encapsulates the internet’s DNS function,” Amb. Robert Strayer told CyberScoop Tuesday on the sidelines of the Atlantic Council’s International Conference on Cyber Engagement.
In January of 2019, the Clemson Tigers and Alabama Crimson Tide competed at one of the largest sporting events in the country: The National Collegiate Athletic Association’s (NCAA) fifth National Championship game of the College Football Playoffs. There were 75,000 fans in attendance.
Events like these are vulnerable to a host of security risks. In fact, the event was monitored by students from Norwich University’s Applied Research Institute (NUARI) who used artificial intelligence decision automation software (Norwich used Respond Software) to monitor, analyze and resolve more than 243,000 events and threats during the game. There were 200,097 threats that required deeper investigation; the team diagnosed 431 as malicious and mitigated 13 events that specifically targeted the stadium. The game seamlessly took place without trouble.
One only needs to open their favorite homepage or scan ubiquitous media feeds to know that security professionals face an increasingly complex and ever-changing risk landscape, filled with uncertainty and contingency. While zero-day vulnerabilities, ransomware and unpatched software continue to pose significant threats themselves, a new and potentially more dangerous threat continues to grow within the corporate environment – one’s own employees. For example, an April 2018 Ponemon Institute survey of IT security professionals across 700 organizations reported that the average cost of a single breach due to employees or others with access was over $8.7 million.
Over the past several years, the law enforcement community has grown increasingly concerned about the conduct of digital investigations as technology providers enhance the security protections of their offerings—what some of my former colleagues refer to as “going dark.”
Data once readily accessible to law enforcement is now encrypted, protecting consumers’ data from hackers and criminals. However, these efforts have also had what Android’s security chief called the “unintended side effect” of making this data inaccessible to law enforcement. Consequently, many in the law enforcement community want the ability to compel providers to allow them to bypass these protections, often citing physical and national security concerns.
Medical device manufacturers grappling with a multitude of cybersecurity issues await final direction from the federal government on better protecting patients and managing risk.
The comment deadline is March 18 for the Food and Drug Administration’s draft premarket cybersecurity guidance. The proposed guidance provides updated recommendations for device manufacturers on how they can better protect their products from risks like ransomware or a catastrophic attack on a health system.
Walled off inside the National Security Agency complex in Fort Meade, Md., leaders of U.S. Cyber Command are preparing for digital combat against state-backed hackers targeting critical energy infrastructure.
The top-secret work comes after a decade of relentless probing by cyber units from Russia and China. It follows two years of sobering revelations about accelerating efforts by America's adversaries to break into electric grid and pipeline control rooms.
The Industrial Internet of Things (IIoT) sees networks of connected industrial devices working together to collect and analyze data in order to help deliver new insights and optimize business processes. It can range from the smallest sensors to large industrial equipment.