Tag Archive for: CLOSE

Opinion | There’s a Big Gap in Our Cyber Defenses. Here’s How to Close It.


The problem is well known. The difficulty lies in resolving deeply felt concerns over any increase in government surveillance authority, no matter how important the purpose. We are also paralyzed by a sense of fatalism that cyber vulnerabilities are simply the price we pay for being online, and an erroneous belief that the Constitution stands in the way of any solution.

Most cybersecurity experts agree an effective public-private cyber information-sharing system is essential in stopping foreign cyber maliciousness before it causes too much damage. But information sharing isn’t enough; it would be hamstrung from the start if the government cannot seamlessly and quickly track malicious cyber activity from its foreign source to its intended domestic victims. If some government agency had that legal power, then it could, for example, quickly check out a domestic IP address after an alert from the NSA that the address was communicating with a suspicious overseas server. If that IP address showed questionable activity, the government and the private sector jointly could take steps to reconfigure firewalls or otherwise curtail the hack. Admittedly, this wouldn’t prevent hacks and attacks that were based on previously unknown software bugs (so-called “zero-day exploits”). But the reality is that most large-scale hacks by foreign countries rely on already known software imperfections and hardware deficiencies.

The issue is that almost any kind of domestic cyber inspection, even in hot pursuit of a foreign adversary, would be considered a “search” within the Constitution’s Fourth Amendment, which requires searches and seizures by the government to be not “unreasonable” and in many (but by no means all) cases to be based on a search warrant issued by a judge. The notion that searches could possibly be electronic was of course not in the Framers’ minds when adopting the amendment in 1792, but the “reasonableness” standard has allowed courts over the years to apply it to new techniques and technologies, including cyber surveillance.

To track foreign cyber malevolence in a new domestic legal framework, we would need a cyber monitoring capability that was so limited and…


Ransomware Attack Prompts Haverhill Public Schools to Close – NBC Boston


Schools in Haverhill, Massachusetts, will be closed Thursday after the district’s computer system was hit with a ransomware attack.

The Haverhill Public School District said its IT department noticed early Wednesday morning that something was wrong with the system, shutting down the network “before large scale corruption of the system occurred.”

The school’s entire system, including its remote learning platform, is not operational, the district said.

Thursday was supposed to be the first day back in the classroom for students in grades 2 through 4.

The district says it is planning to consider Thursday a snow day and make it up on Friday, June 18.


The 4 Key Security Gaps Every Security Team Needs To Close In 2021


2021 will be another challenging year for cybersecurity professionals.  Security teams now face a plethora of new challenges brought on by the rapid deployment of tools, technologies and processes that enabled business continuity over the last 12 months.  Many of these challenges stem from the widespread shift to remote working which, in a matter of days, completely changed the threat landscape for most organisations. 

The rushed nature of the remote working rollout now poses some major data security issues, which are compounded by the impending shift to a hybrid working model in the long term.  In a recent Gartner survey of business leaders across HR, Legal, Compliance, Finance and Real Estate, 82% of respondents said they are planning to permit remote working some of the time as employees return to the workplace, while almost half intend to let employees work remotely full time. 

It is the combination of employees working flexibly – both onsite and remotely – that cements the challenge for security teams in 2021.  The increasing severity of the threat landscape is clear.  Deloitte’s Cyber Intelligence Centre observed a significant spike in phishing attacks, malspams and ransomware in 2020, with threat actors using COVID-19 as bait to mislead employees working outside the confines of the corporate environment.  The closing weeks of the year presented an even greater threat, with what looks to be the most widespread advanced persistent threat (APT) attack in the history of cyberwarfare.  According to Microsoft, the sophisticated nation state attack – which penetrated a vast range of both public and private sector organisations – was a “moment of reckoning” in the evolution of cybersecurity threats. 

As this evolution continues its relentless march forwards, security leaders and practitioners across all industries will need to focus on closing four key security gaps to ensure their organisation is both productive and secure in 2021.   

  1. The proliferation of mobile devices

The ‘new normal’ has changed both the scope and definition of how organisations will need to think about ‘mobile security’ in 2021.  With more employees now…


Manchester United defends close goal of cyber attackers in recent ransomware event


Manchester United confirmed it had experienced a cyber attack on Friday evening, but stated that its defensive IT formation had identified the attack, shutting down impacted systems to contain the event and protect data. One of the key points of Manchester United’s online statement was its affirmation that it had “extensive protocols and procedures in place for such an event and had rehearsed for this risk”, allowing the team to go ahead with its match against West Bromwich Albion and to ensure all club media channels were unaffected. These ‘cyber fire drills’ are clearly becoming ever more vital to ‘big game targets’ and Manchester United appears to have benefited from such preparedness.

Ranking third in the world out of the most valuable football teams, with a total valuation of more than £2.9 billion, the attack on Manchester United is a further example of the rising number of ransomware attacks worldwide during the pandemic, with a particular uptick in big-game hunting and the corresponding value of ransom demands.

Recent investigations have highlighted that the number of distributed denial-of-service (DDoS) attacks observed in the third quarter of 2020 was four times higher than the first quarter of 2020 (Cloudflare). Further, CrowdStrike identified that 39% of UK organisations suffered a ransomware attack in the last 12 months and that on average they pay USD 1.2 million, higher than the average USD 1.1 million globally. With these statistics in mind, it appears to be more important than ever that companies are prepared for such attacks, managing against the risk of exfiltration and encryption by, amongst other security protocols, partitioning and backing up systems, as well as understanding the legality and regulatory position of making ransomware payments.

Recently, a survey by CrowdStrike also revealed that UK businesses are paying more ransom to cybercriminals than their peers in other parts of the world.

The study found that 39 per cent of UK organisations have suffered a ransomware attack in the last 12 months, and they paid approximately £940,000 ($1.2 million) ransom on average – higher than the global average of $1.1 million.
