Tag: Lessons | Page 5

The new AUKUS alliance holds some lessons for India

September 21, 2021/in Internet Security

In a surprise, virtual statement on September 15, the heads of government of Australia, the UK and US announced the formation of a trilateral security pact, to be known by the acronym, AUKUS. Without naming China, US President Joe Biden announced, in a press conference, that “in order to deal with rapidly evolving threats,” the US and Britain would share, with Australia, intelligence and advanced technologies in areas like artificial intelligence, cyber-warfare, quantum computing and nuclear submarine construction.

The surprise at the formation of AUKUS is for a number of reasons. Firstly, the three nations are already allied to each other, in more ways than one — the US and UK are NATO allies, and Australia, New Zealand and the US are linked by the ANZUS pact. All three are also members of the “Five Eyes” intelligence alliance. Secondly, this announcement, coming just days before the first in-person summit meeting of the Quadrilateral Security Dialogue (Quad), places a question mark over the continuing relevance of this forum and its long-overdue actualisation. Finally, the inclusion of a much-diminished, post-Brexit UK in such a long-range alliance is bound to raise a few eyebrows.

China has made no secret of its neurosis about the Quad as well as the naval exercise, “Malabar,” both of which, now, have a common membership, comprising the US, India, Australia and Japan. Beijing’s apprehensions arise from the suspicion that this concatenation could be a precursor to “containment” – the Cold War strategy which eventually brought the USSR to its knees.

While frequently heaping scorn on their attempts at synergy and coordination, China loses no opportunity to send intimidatory messages to the Quad nations. This has led to palpable trepidation amongst members of this grouping, who have remained over-cautious in their utterances and tended to “tip-toe” around the “dragon” in their midst. The Quad has neither created a charter nor invested itself with any substance; fearing that it would be dubbed an “Asian NATO.” China, on its part, has dismissed the Quad as a “headline-grabbing idea which will dissipate like sea-foam”.

So far, China has had its…

Source…

DigiCOOP delivers cybersecurity lessons as it ramps up shift to digital transactions in rural areas

September 5, 2021/in Computer Security

TEAMS OF DigiCOOP, the digital platform of the biggest financial cooperative in Mindanao, has started teaching members about cybersecurity alongside the push to shift more transactions online.

Ana Cuisia, chairman of Taxion Cooperative that provides the DigiCOOP platform to the First Community Credit Cooperative, Inc. (FICCO), said they have found out that scammers have been on the prey for people in rural areas.

“The team soon realized that transitioning non-digital platform users to the digital space needs to go beyond merely acclimatizing them to the functionalities of an app or a browser-based platform. On the ground, we have heard horror stories about cooperative store owners who unknowingly (or knowingly but with no malicious intent) shared their computer passwords or their own user credentials with outside parties,” she said in a statement.

The 67-year old FICCO, which has over 400,000 members mostly in Mindanao, launched the DigiCOOP for members in July. It is targeting to have at least 75% or 300,000 of members switch to digital services by the end of the year.

Ms. Cuisia said they have been conducting orientation and trainings to cooperatives in the countryside, which now include a session on cyber security.

“Technology and education are the great equalizers of opportunities,” she said.

DigiCOOP, which can be used through a mobile application or an internet browser, can be used by FICCO members for financial services such as bills payment, loan availment, money transfer, and online purchase.

Alongside the digital shift, FICCO is also launching 10 digiCOOP Business Centers in Mindanao this year to expand membership.

Ms. Cuisia said in an email interview that the physical stores will complement the digital platform in terms of attracting more clients who may or may not be able to go online.

“DigiCOOP would like to cater to the most underserved which may not have access to smartphones or internet connection, and that’s why we have made the services offline too, through the digiCOOP business centers,” she said. — MSJ

Source…

Incident Response Process – CompTIA Security+ SY0-501 – 5.4

July 22, 2021/in Video

Colonial CEO Defends Hack Response and Offers Lessons Learned

June 8, 2021/in Internet Security

(Bloomberg) — The chief executive officer of the pipeline company hit by a ransomware attack last month apologized to a U.S. Senate panel for the incident that paralyzed the East Coast’s flow of gasoline, diesel and jet fuel, while defending his company’s response and offering tips for future hacking victims.

“We are deeply sorry for the impact that this attack had, but are also heartened by the resilience of our country and of our company,” Colonial Pipeline Co. CEO Joseph Blount Jr. said at Tuesday’s hearing.

Blount’s appearance before the Senate Homeland Security and Governmental Affairs Committee comes as Congress readies its response to the hack, which affected 45% of the East Coast’s fuel supply, driving up gasoline prices and sparking shortages at filling stations after the company shut the roughly 5,500-mile pipeline on May 7.

The senators’ questions for Blount were direct but relatively gentle. Blount was contrite — and sometimes vague — on some details about the company’s cybersecurity protections. When asked about Colonial’s cybersecurity budget, for instance, he said they had spent $200 million on information technology over five years without specifying how much was defending against hacks.

Blount said responding quickly to contain the threat and swiftly communicating with the government were among the most important lessons he learned from the incident.

The hackers, who the FBI said have been linked to a group known as DarkSide operating in Russia, were able to breach the company’s computer system April 29 using a virtual private network — or VPN — account, an encrypted internet connection that allowed employees to remotely access the company’s computer network. Blount testified that the VPN account only had single-factor authentication.

The “legacy” network “was not intended to be in use,” said Blount, who took over as Colonial CEO in 2017. He added that the company is still trying to determine how the hackers gained the needed credentials to exploit it.

Senator Rob Portman, a Republican from Ohio and the ranking member on the committee, called out this failure. “Mr. Blount you’re a victim, and we understand that,”…

Source…

Tag Archive for: Lessons