Tag Archive for: leaders

China’s technological advances raise security concerns for lawmakers, defense leaders


China’s cyber capabilities are drawing more focus from Congress, U.S. defense and intelligence officials and private businesses as Washington’s relationship with Beijing becomes more adversarial amid stiff economic competition and China’s efforts to expand its influence as a world power.

While there are lingering concerns about a military conflict with China over Taiwan, many of the battles the U.S. is trying to prepare for and prevent do not involve direct altercations that lead to military warfare.

Many of the recent U.S. initiatives are related to limiting China’s access to American-made technology that can be used to advance its military objectives, protecting data from falling into the Chinese government’s hands and bolstering cyber defenses amid concerns about Beijing’s advancing capabilities.

The most recent high-profile example is a Congress-led effort to ban the popular video app TikTok over its parent company’s connections to Beijing. A bill passed the House with broad bipartisan margins, and President Joe Biden has pledged to sign it if it passes the Senate, which is less certain, as lawmakers have raised questions about targeting a specific company and whether the bill addresses the root of the issues with TikTok.

The root of the issue with TikTok is a Chinese law that could compel ByteDance, TikTok’s parent company, to hand Americans’ data to China’s intelligence agencies or coerce the app into using its algorithm to sway public discourse. Beyond the algorithm building a profile of each user to feed them content they are more likely to stay on the app and watch, people can also opt into sharing more data with TikTok by granting access to their contacts or simply by divulging it in posts on the platform.

TikTok is the best-known example of what lawmakers and intelligence experts say is a risk to Americans’ data security, but other problems linger.

Among them are China’s heavy investments in, and capabilities with, blockchain technology. Blockchain is known for its connection to cryptocurrencies but has seen its uses expand over time to cloud-based storage and other applications.

China has invested…

Source…

4 Lessons Security Leaders Can Learn


Ivanti has had a rough start to the year. In January and February, the IT software company disclosed a series of VPN vulnerabilities impacting the Ivanti Connect Secure and Ivanti Policy Secure gateways. In February, the Cybersecurity and Infrastructure Security Agency (CISA) warned that threat actors were actively exploiting these vulnerabilities.  

As exploitation continued, CISA became one of the impacted organizations. The federal agency took down two of its systems affected by exploitation of the Ivanti vulnerabilities, The Record reported.  

“About a month ago CISA identified activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses. The impact was limited to two systems, which we immediately took offline. We continue to upgrade and modernize our systems, and there is no operational impact at this time,” a CISA spokesperson shared in an emailed statement.  

What lessons can CIOs, CISOs, and other enterprise security leaders learn from these vulnerabilities, Ivanti’s response, and the exploitation of the bugs?  

Understand the VPN Vulnerabilities 

“From Jan. 10 to Feb. 8, there were five vulnerabilities disclosed; the nature of these vulnerabilities allows an unauthenticated actor to execute arbitrary commands with elevated privileges,” Nick Hyatt, director of threat intelligence at managed detection and response (MDR) company Blackpoint Cyber, tells InformationWeek in an email interview.  


The five vulnerabilities that impacted the Ivanti Connect Secure and Ivanti Policy Secure gateways are CVE-2023-46805 (CVSS 8.2), CVE-2024-21887 (CVSS 9.1), CVE-2024-21888 (CVSS 8.8), CVE-2024-21893 (CVSS 8.2), and CVE-2024-22024 (CVSS 8.3).  

This crop of VPN flaws in Ivanti’s products has led to criticism of the company’s cyber incident response. The company will likely need to work to regain customer trust following the exploitation of these bugs. In the meantime, enterprise leaders may be considering their choice of VPN solution.  

“There are other solutions out there that do this exact same thing that haven’t appeared on CISA KEV [Known Exploited Vulnerabilities Catalog] as much,” says…

Source…

IT leaders think immutable data storage is an insurance policy against ransomware


IT leaders consider immutable storage as a must-have in the fight against cyberattacks, according to Scality.


Ransomware threats are now understood by organizations to be inevitable. Reports show 1 in 4 organizations that pay a ransom never get their data back, and just 16% are able to recover without paying a ransom.

This reinforces immutable data storage’s role as an essential last line of defense within a cybersecurity toolkit. With this type of storage, data cannot be deleted or modified once written, increasing data safety and ensuring organizations have the power to restore data with 100% accuracy in the event of a breach.

94% of IT leaders either already rely on such data storage or plan to implement it within the next 12 months, and an additional 2% plan to deploy it within the next three years.

69% consider this data storage essential to their corporate cybersecurity, and only 12% of those who deployed immutable data storage say it is not essential.

Vertical market and regional nuances

Comparisons among IT leaders surveyed across vertical industries and specific countries reveal many notable differences.

Vertical market

Manufacturing organizations (95%) are most likely to deploy immutable storage, and 84% consider it essential to their corporate cybersecurity. Financial services firms (74%) report the lowest reliance on this storage, and 60% say it’s essential to their corporate cybersecurity.

Regional

A majority of IT leaders across all regions currently use or plan to use immutable data storage: The US has the highest level of current or planned deployments, with 98% of respondents either having implemented it or planning to do so within the next year. This is followed by France at 96%, Germany at 94% and the UK at 85%.

While a relatively low number (12%) of IT leaders worldwide who currently use immutable data storage do not regard it as “essential” to their cybersecurity strategy, a larger percentage resides in the UK: 24% of UK respondents have deployed it but say it is not essential to their cybersecurity, compared to 11% in France, 9% in the US and 6% in Germany.

“Widespread deployment of immutable storage reinforces an increased awareness of…

Source…

US offering rewards for information on leaders of ransomware group


The U.S. is offering rewards for information on leaders of the LockBit ransomware group.

LockBit is a syndicate operating since 2019. It accounted for 23 percent of the nearly 4,000 attacks globally last year in which ransomware gangs posted data stolen from victims to extort payment, according to the cybersecurity firm Palo Alto Networks, per The Associated Press.

“The Department of State is announcing reward offers totaling up to $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware group,” State Department spokesperson Matthew Miller said in a Wednesday statement.

“Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States, and around the world, causing costly disruptions to operations and the destruction or exfiltration of sensitive information,” Miller’s statement continued. “More than $144 million in ransom payments have been made to recover from LockBit ransomware events.”

Miller’s statement follows another announcement by the United Kingdom’s National Crime Agency (NCA) on the disruption of the LockBit group with the help of international law enforcement agencies including the FBI on Tuesday.

NCA Director General Graeme Biggar called the agency’s investigation with other international partners “a ground-breaking disruption of the world’s most harmful cyber crime group.”

“Through our close collaboration, we have hacked the hackers; taken control of their infrastructure, seized their source code, and obtained keys that will help victims decrypt their systems,” Biggar said in an NCA release.

U.S. Attorney General Merrick Garland also said that law enforcement from the U.S. and the U.K. “are taking away the keys to their criminal operation.”

“And we are going a step further — we have also obtained keys from the seized LockBit infrastructure to help victims decrypt their captured systems and regain access to their data,” Garland said in the NCA release. “LockBit is not the first ransomware variant the U.S….

Source…