Tag Archive for: Evolving

Critically Analyzing ‘Evolving Cyber Operations’ And Implications For Pakistan – OpEd – Eurasia Review

/in


A recent report by RAND Cooperation titled “Evolving Cyber Operations” provides a comprehensive analysis of cyber operations and capabilities, particularly focusing on the lessons from the Ukraine conflict. It presents a critical look at the evolving nature of cyber warfare, the role of cyber proxies, and the shift from traditional cyber defense strategies to a resilience-focused approach.

It emphasizes cyber resilience over deterrence. The report emphasizes a shift from deterrence to resilience in cyber defense strategies. It argues that democracies cannot rely solely on deterring cyberattacks but must focus on minimizing disruption to critical data and services. The report also highlighted the role of cyber proxies. The conflict in Ukraine highlighted the significant role of cyber proxies. These proxies, whether aligned with Russia or Ukraine, have demonstrated their capacity to influence conflicts beyond direct cyberattacks, particularly in shaping political narratives and international opinions

Political and Social Resilience: Political and social resilience is identified as crucial in cyber defense. The Ukrainian experience shows the importance of maintaining political will and leveraging a diverse range of actors, including civil society and the private sector, in building a robust defense. International Collaboration remains one of the most important: The report underscores the importance of international partnerships in cyber defense. Sharing intelligence, technology, and tactics among allies can significantly enhance a nation’s cyber capabilities The use of proxies in cyber warfare has evolved, with groups like Killnet and the IT Army of Ukraine playing significant roles. These groups have blurred the lines between traditional state-aligned proxies and transnational political actors

Implications for Pakistan’s National Security

Enhancing Cyber Resilience: Pakistan should prioritize building a resilient cyber infrastructure that can withstand and quickly recover from cyberattacks. This involves not just technological solutions but also a comprehensive strategy encompassing political, social, and economic dimensions.

Diverse Cyber Defense Strategy:…

Source…

Evolving China-based cyberwarfare demands greater regional resilience

/in


In a speech at this year’s Shangri-La Dialogue, hosted by the International Institute for Strategic Studies in Singapore, Australian Prime Minister Anthony Albanese set out a balanced approach to handling China’s aggressive regional expansion: ‘Australia’s goal is not to prepare for war,’ he said, ‘but to prevent it through deterrence and reassurance and building resilience in the region.’

He went on to say that Australia and its regional allies need to ‘make it crystal clear that when it comes to any unilateral attempt to change the status quo by force, be it in Taiwan, the South China Sea, the East China Sea or elsewhere, the risk of conflict will always far outweigh any potential reward’.

China has recently shown a greater willingness to test the boundaries of physical confrontation. In the cyber domain, however, it has long engaged in aggressive tactics, where the rewards significantly outweigh the potential risks. This is bad news for Australian government organisations, local companies and their counterparts across Southeast Asia, which are having to divert significant resources to protect themselves against evolving Chinese cyber espionage, intellectual property theft and other cyberattacks.

CrowdStrike Intelligence is highly confident that China-nexus adversaries will continue to target both Southeast Asia and Australia in the government, telecommunications, military and civil-society sectors in support of national intelligence-collection priorities. We also expect to see a ramping up of cyber espionage in the AUKUS area as Australia strengthens its defence ties with the US and UK.

Concern around China-based cyber activity has only grown. The extraordinary disclosure in May that VANGUARD PANDA (better known as Volt Typhoon), a China-sponsored adversary group, had been lying dormant in US critical infrastructure networks for at least months suggests persistent assertiveness from China-based cyber actors in support of China’s cyber goals.

To reference the prime minister’s assessment, building resilience and reassurance is vital to deterring such attacks. Understanding more about China-based cyber activities in the region is an important place to…

Source…

The Evolving Face of Cybersecurity

/in


Without an incident response plan, it can take a business an average of 71 days to recover. A business with a plan might recover in 20 days.

Without an incident response plan, it can take a business an average of 71 days to recover. A business with a plan might recover in 20 days. That’s a difference of 51 days during which business is compromised, if not suspended. “What’s your loss of revenue?” asked Connery.

And, a cyber incident doesn’t end with the demand for money from the attackers, or with the lost revenue while the business struggles to perform during and after the attack. There are also regulatory fees, new Securities and Exchange Commission (SEC) reporting regulations, Federal Trade Commission (FTC) standards, notification of government entities and notification of customers whose information was compromised.

For businesses without a plan, recovery will take time. Backups may have been destroyed. Systems need to be rebuilt. “If that happens inside your organization, you must have options,” said Connery. “You have to think through what the next steps are going to be.”

One option is to pay the hackers to get data back. Another is to use an old copy of data that might be six months out of date. And the whole time the business is losing customer faith, losing time, losing revenue.

When it comes to cyberattacks, it isn’t if a business is at risk. It is. It isn’t if there’s an attack. It’s when.

Common Threats and Vulnerabilities

“Cyberattacks can take various forms,” explained Mark Doering, chief information security officer, Link Technologies. “There’s phishing and malware and denial of service attacks, which is preventing access to systems, social engineering which is the phone calls and texts you get soliciting a response and pretending to be someone else.”

There are also structured query language (SQL) injections, which attack data applications by injecting malicious SQL statements into entry fields for execution, affecting execution of predefined SQL commands and allowing attackers to spoof identity and tamper with data; zero-day attacks that exploit previously unknown vulnerabilities in systems; and nation-state cyberattacks from foreign entities.

“From my perspective, [Nevada sees] pretty much the same sorts of phishing attacks, ransomware,…

Source…

International Ransomware Gangs Are Evolving Their Techniques. The Next Generation Of Hackers Will Target Weaknesses In Cryptocurrencies

/in


(MENAFN– The Conversation) In May 2023, the Dallas City Government was hugely disrupted by a ransomware attack. Ransomware attacks are so-called because the hackers behind them encrypt vital data and demand a ransom in order to get the information decrypted.

The attack in Dallas put a halt to hearings, trials and jury duty, and the eventual closure of the Dallas Municipal Court Building. It also had an indirect effect on wider police activities, with stretched resources affecting the ability to deliver, for example, summer youth programmes . The criminals threatened to publish sensitive data, including personal information, court cases, prisoner identities and government documents.

One might imagine an attack on a city government and police force causing widespread and lengthy disruption would be headline news. But ransomware attacks are now so common and routine that most pass with barely a ripple of attention. One notable exception happened in May and June 2023 when hackers exploited a vulnerability in the Moveit file transfer app which led to data theft from hundreds of organisations around the world. That attack grabbed headlines, perhaps because of the high profile victims, reported to include British Airways, the BBC and the chemist chain Boots.

According to one recent survey , ransomware payments have nearly doubled to US$1.5 million (£1.2 million) over the past year, with the highest-earning organisations the most likely to pay attackers. Sophos, a British cybersecurity firm, found that the average ransomware payment rose from US$812,000 the previyear. The average payment by UK organisations in 2023 was even higher than the global average, at US$2.1 million.

Meanwhile, in 2022 The National Cyber Security Centre (NCSC) issued new guidance urging organisations to bolster their defences amid fears of more state-sponsored cyber attacks linked to the conflict in Ukraine. It follows a series of cyber attacks in Ukraine which are suspected to have involved Russia, which Moscow denies.

This article is part of Conversation Insights
The Insights team generates long-form journalism derived from interdisciplinary research. The team is working with academics from different…

Source…