Tag Archive for: expect

What to Expect From NATO’s New Strategic Concept


As the leaders of the North Atlantic Treaty Organization nations prepare to meet this week in Madrid, I’m reminded of a call I received shortly after I became supreme allied commander at the alliance in 2009. It was from Secretary General Anders Fogh Rasmussen, and with the directness for which he was famous, he said: “Jim, I want you to work with Madeleine Albright on our new NATO Strategic Concept. We are on a short timeline, and it must be done right. Get in touch with her and give her all your support.”

I didn’t know Albright, who had been US secretary of state from 1997 to 2001, well. But, like pretty much everyone who did, I was in awe of her energy, good humor and drive. We contacted her team and set up an introductory call, and for the next year I was privileged to be part of her team creating a long-term strategy for the alliance, the first of the 21st century.

The result, “Active Engagement, Modern Defense,” was adopted at NATO’s 2010 summit in Lisbon. I still treasure my small, blue, battered pocket copy, signed by Albright. I literally carried it with me throughout the four years I led the alliance’s military operations.

As you would expect, the strategic concept reflected the times: It was full of references to counterterrorism, Afghanistan, the Balkans, counterpiracy and the other missions of the day. There are brief mentions of climate change and cyberwarfare, and China does not appear.

Perhaps the most ironic part of the 2010 strategy is the words: “NATO poses no threat to Russia. On the contrary: we want to see a true strategic partnership between NATO and Russia.”

While it is certainly true that NATO does not pose a threat to Russia, then or now, unfortunately, Russia under President Vladimir Putin certainly poses a threat to the alliance. Wars against Ukraine in 2014 and 2022 are testament to his ambition to dominate the Western approaches to his nation.

This week, for the first time since 2010, NATO will adopt and release a new strategic concept. Appropriately, this will occur again on the Iberian Peninsula, which juts into the broad ocean bridging the 30 members of the transatlantic alliance. What will the new strategic concept discuss, and…


Why we can expect more hacking of politicians’ phones


Pegasus can infect a target’s device without the victim knowing and allow a government or organization to access personal data, including turning on cameras and microphones. Activists against surveillance have called on governments to ban or at least heavily regulate spyware companies. And the United Nations’ human rights office called on governments last year to regulate the sale and use of spyware technologies.

Yet there are still no international accords restricting spyware and even governments that ban Pegasus still face a whack-a-mole problem of other less visible and less regulated spyware companies popping up. As a result, officials are stuck employing low-tech solutions to protect themselves. Macron reportedly replaced his phone and changed his phone number last year after his number was found on a list of 50,000 allegedly targeted by NSO clients using Pegasus.

After researchers reported in April that Pegasus had infected the phones of dozens of Spanish officials including Catalan president Pere Aragonès, he started leaving his phone outside the room when he goes into important policy meetings and has sensitive conversations.

“When you are having to acknowledge or that someone is listening to you, you are very reluctant to talk privately with your partner or your relatives,” Aragonès said in an interview a few weeks after the hacks were discovered.

Citizen Lab, a research lab based at the University of Toronto, found “strong circumstantial evidence” tying the Spanish government to the hacks of Catalan officials (Catalonia has long fought for more autonomy) — a charge Spain has denied. It was two weeks later that Spain’s Prime Minister became a victim himself.

In the U.S., officials have confirmed that the FBI acquired Pegasus technology, though only for testing. And some lawmakers argue that privacy has to be balanced against the need to use all tools available to protect national security.

“It is a very tricky area, because we want to protect people’s privacy, but on the other hand, we want to be sure we have the tools to find terrorists and those kind of things,” Sen. Angus King (I-Maine), a member of the Senate Intelligence Committee, said in an…


Cybercriminals carried out a record number of ransomware attacks last year; experts expect more in 2022


It might be a different year, but old threats linger—especially in cyberspace. An advisory covering the current cyberthreat situation issued by federal agencies and international partners Wednesday outlines a growing threat posed by ransomware that’s expected to continue through 2022.

“Cybercriminals are increasingly gaining access to networks via phishing, stolen remote desktop protocols, credentials or brute force, and exploiting software vulnerabilities,” the advisory says. Over the last year, especially, “The market for ransomware became increasingly ‘professional’ and there has been an increase in cybercriminal services-for-hire.”

With this expansion of cybercrime into more of an enterprising space, the advisory notes that ransomware groups have begun sharing victim information with each other, including victims’ network access information. They’re also diversifying extortion methods to get around defenses and evolving their practices to best exploit vulnerabilities, such as by targeting public organizations on holidays and weekends. 

And from local school districts to vital infrastructure vendors, cybercriminals have broadened their targets. The advisory highlights that nearly every aspect of the nation’s critical infrastructure was digitally attacked in some way last year, including the emergency services sector, food and agriculture, and government facilities. 

“We live at a time when every government … must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim,” said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), in a statement. CISA, along with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA) and several international organizations including Australia and the United Kingdom collaborated on the advisory. “While we have taken strides over the past year to increase awareness of the threat, we know there is more work to be done to build collective resilience.” 

While action has been taken by federal agencies to make local governments aware of the threat, more education is needed, Easterly said, urging “organizations to review…


Security experts expect to see BlackMatter ransomware gang again soon



Further to the news that ransomware group BlackMatter has ceased operations, many security experts are concerned that the group has not fully disappeared.

To canvass opinion, Digital Journal caught up with George Glass, Redscan head of threat intel, and Dr Süleyman Özarslan, co-founder of Picus Security and head of Picus Labs.

Picus is a Turkish security company specialising in simulating the attacks of cybercriminal gangs (including BlackMatter and DarkSide before them). 

What was BlackMatter?

BlackMatter was a relatively new ransomware threat discovered at the end of July 2021.

This group started with a run of attacks and some advertising from its developers claiming that they take the best parts of other malware, such as GandCrab, LockBit and DarkSide. According to McAfee Enterprise Advanced Threat Research (ATR), the malware has a great deal in common with DarkSide, the malware associated with the Colonial Pipeline attack which caught the attention of the U.S. government and law enforcement agencies around the world.

The main goal of BlackMatter was to encrypt files on the infected computer and demand a ransom for decrypting them. It also aimed to steal files and private information from compromised servers and request an additional ransom for not publishing them on the Internet.

Dr Süleyman Özarslan, Picus Security

According to Özarslan, we can expect the same hacker group to return in a different guise: “BlackMatter is operated by the same criminals behind the DarkSide ransomware gang so it’s highly likely that the perpetrators will reform under a different guise.”

This occurs, says Özarslan, because: “Ransomware gangs are highly resilient and typically rebrand in 6-month cycles. After the Colonial Pipeline attack, for example, DarkSide was banned from many cybercrime forums for attacking a provider of critical infrastructure – prompting the decision to reform under a new name.”

These rogue actors are driven by “The high…
