Tag Archive for: Operations

US Cyber Command Expanded ‘Hunt Forward’ Operations in 2023


Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government

US Cyber Mission Force Led 22 Defensive Cyber Operations in 2023, Commander Says


A secretive U.S. cyber military force ramped up global operations in 2023, executing more than double the average number of “hunt forward” campaigns of the previous five years, according to the head of U.S. Cyber Command.


The Cyber National Mission Force carried out 22 operations in 2023, Air Force Gen. Timothy Haugh – commander of the U.S. Cyber Command – testified to the Senate Armed Services Committee on Wednesday. The mission force has deployed a total of 55 times since 2018, Cyber Command said in December.

Haugh told lawmakers the Cyber National Mission Force “constrained adversary freedom of maneuver” in 2023, while supporting allies and generating important insights on the evolving cyber threat landscape. Cyber Command’s hunt forward teams are deployed after partner nations invite the military force to assist in detecting malicious cyber activity on government systems and networks.

The hunt forward teams carried out cyber campaigns in all regions where the combatant command was authorized to operate in 2023, according to Haugh, resulting in the public release of more than 90 malware samples for…


Providing A Cyber Capability Focus > Space Operations Command (SpOC)




The growing importance of cyber operations within the U.S. Space Force is driving a required focus on space systems at the Special Access Program level, explained Mr. David Wilcox, Space Operations Command’s Cyber Warfare Mission Area team chief. “Recognition of this gap led to the stand-up of a Branch specifically focused on this… and I was chosen as the lead.”

As the Cyber Warfare Branch chief, Wilcox is the subject matter expert supporting SpOC’s cyberspace secure-and-defend operations for USSF missions. “Specifically, I provide subject matter expertise for integration of secure-and-defend capabilities on Special Access Program, and lead efforts for providing cyber-enabled space operations capabilities for combat power projection.”

The importance and criticality of SpOC’s cyberspace secure-and-defend operations have only increased over time. Wilcox explains, “…I know the impact of my job for SpOC and the USSF is critical to allowing our service to become a leader in cyberspace operations in support of space operations. Our team, just with SpOC, has led USSF efforts to drive Commanders and Senior Leaders to understand the impact cyberspace risks have on total mission risk as we present our capabilities and forces in support of Combatant Commands around the globe.”

Leading a team that delivers such consequential capabilities to the security of the nation provides Wilcox a satisfaction that comes from knowing what he does, day-in day-out, is crucial and far-reaching.

Wilcox’s tenure as a Department of Defense civilian employee started with the now-deactivated Air Force Space Command, and after 13 years developed into his current role, which came about with senior leaders’ realization of the importance of cyber operations as part of the newly formed USSF.

“I am very satisfied with the work I do in trying to achieve the end state for SpOC and the USSF,” said Wilcox. “With the stand-up of the USSF, I feel honored to be part of something that will last years into the future and ensure and maintain access to space resources and capabilities for our nation and our Allies.”

Wilcox, an integral…


The biggest threat to operations


Victor Lough, Cybersecurity Business Lead at Schneider Electric, speaks to The Manufacturer about the new NIS 2 legislative changes and the impact of this on the supply chain.

Victor’s role is to ensure that Schneider’s solutions and services are being delivered to the UK and Ireland business sector from a security perspective, as well as collaboratively with the government and market peers. Alongside this, he is raising awareness of ransomware as the current biggest threat to company operations.

In the UK industrial sector, there is currently a lot of collaborative work taking place around the government’s objective to make the UK the most secure location in the world to do business. “In the last couple of years, the industry has seen a drive to ensure that everyone is pulling in the same direction. And the government is revising its Network and Information Security Directive-related legislation, aligning with the EU’s own NIS 2 update.”

The changes will have implications for the whole supply chain, requiring a wide ecosystem of essential service providers and manufacturers to rapidly advance cyber security maturity to minimise risk. In both the UK and EU, connected businesses throughout the supply chain will be expected to be cyber secure, with responsibility extending to friendly third parties connected to systems through remote access. For utilities, this is especially crucial as any business involved in the supply chain risks huge fines.

There have been numerous changes that have impacted the sector over the last five years, specifically geopolitics, and they have influenced how businesses operate.

Because of the recent disruption, the sector has seen a stark increase in the level of ransomware attacks. “Ransomware is the biggest threat to operations right now and it is making annual profits of over $1bn per year, with more money being made from ransomware than narcotics,” Victor commented. He emphasised the call for regulation because ransomware is being run like a business: sophisticated operations with product managers, technicians and specialists who are often backed by nation states.

Ransomware and a risk-based approach

To…


India Braces Against Phishing, Ransomware Surge and Alert Fatigue, Urging Swift Adoption of AI, and Automation for Security Operations


Fortinet®, the global cybersecurity leader driving the convergence of networking and security, has revealed the outcomes of a new survey conducted by IDC on the state of Security Operations (SecOps) in the Asia-Pacific region. The survey, commissioned by Fortinet, provides valuable insights into the current SecOps landscape, emphasizing the role of Artificial Intelligence (AI) and automation. It explores various aspects, including prevalent security practices, attack frequency and impact, detection and response times, alert fatigue, the status and impact of automation in SecOps workflows, and challenges related to skill development within the SecOps domain. Key findings from India include:

Current Security Challenges: Threats and Team Readiness

  • Most Common Cyber Threats: Phishing and insider threats are the most predominant cyber threats in India, with approximately 50% of organizations ranking them as their top concerns. The top five threats include phishing, insider threats, ransomware, unpatched vulnerabilities, and identity theft.

  • Ransomware Surge: Ransomware incidents have doubled across India, with 70% of organizations reporting at least a 2X increase in 2023, compared to 2022. Phishing and malware are the primary attack vectors. Other significant vectors include social engineering attacks, insider threats, and zero-day exploits.

  • Insider Threats and Remote Work: 88% of the respondents feel that remote work has led to an increase in insider threat incidents. Insufficient training, lack of employee care, and inadequate communication contribute to this surge, emphasizing the need to address human factors in cybersecurity.

  • Resourcing IT Security Teams: Only 44% of businesses have dedicated IT resources for security teams. This augments the challenges faced by organizations in strengthening their security measures.

  • Impact of Emerging Technologies: Hybrid work, AI, and IT/OT system convergence pose significant challenges. Cloud technology adoption emerges as a primary challenge, impacting organizational vulnerability to cyber threats.

SecOps SOS: Struggles with Alert Fatigue and Threat Containment

  • Threat Containment and Preparedness: Approximately one out of three…
