Tag Archive for: understanding

US journalists targeted by foreign hackers who show sophisticated understanding of American politics

/in


As Chinese hackers scrambled to ascertain whether there would be a peaceful transfer of power in the US, they tried to break into the email accounts of high-profile US journalists, who can be softer targets for hackers than officials on US government networks.

The newly revealed hacking campaign shows just how valuable a target journalists can be to intelligence services in search of clues about US policy. To try to lure them, the attackers wrote email subject lines about then-President Donald Trump’s attempts to overturn the 2020 election, pandemic relief legislation and other enticing issues.

It’s unclear how successful the hacking campaign was — Proofpoint said it blocked the malicious emails that it found. But more journalists need to be aware of the issue because the number of capable hacking groups targeting journalists is “unprecedented,” said Ryan Kalember, Proofpoint’s executive vice president for cyber strategy. “And it’s only likely to increase.”

Proofpoint attributed the Chinese hacking efforts to a group that the UK government has linked with China’s civilian intelligence agency, the Ministry of State Security.

CNN has requested comment from the Chinese Embassy in Washington, DC. Beijing routinely denies hacking allegations and has repeatedly accused the US of engaging in cyber attacks against China.

Journalists are perennial targets for cyber espionage because they regularly interact with US government officials, whistleblowers and critics of authoritarian regimes — information that foreign intelligence services look to exploit. And breaching the computer network of a major newsroom could offer the hackers a foothold for a long-running intelligence collection effort.

Cybersecurity vigilance is all the more necessary for journalists, experts say, as the US prepares for midterm elections this fall and foreign actors may try to use media outlets to sow discord or spread disinformation about voting — as Russian operatives did in the 2016 presidential election.

Newsrooms should “take the time to review [hacking] incidents affecting others in your industry,” advised Runa Sandvik, the former senior director for information security at The New York Times. “Have a plan in place….

Source…

Understanding Private 5G LANs in the Enterprise

/in


Wireless connectivity in the enterprise has long been the domain of Wi-Fi technologies, but that paradigm is changing with the onset of 5G. It’s a fundamental shift that has given rise to a market for private 5G LANs.

Of course, the shift from Wi-Fi to 5G is not a zero-sum game. They can certainly exist in the same environments together, offering complementary functionalities. “Both 5G and Wi-Fi 6 […] provide higher speeds, lower latency, and increased capacity over their predecessors,” says Sujatha Gopal, chief architect and consulting partner at Tata Consultancy Services.

The two technologies provide fundamentally the same thing — high-quality Internet access — but come to it differently, so it’s something of an apples-to-oranges comparison.

Wi-Fi uses unlicensed spectrum, has lower deployment and maintenance costs, and is ideal for connecting large numbers of devices like PCs and tablets. Secure access requires SSIDs, which requires end users to manually authenticate at least once. (Open networks, of course, require no gatekeeping but are inherently insecure.)

5G (and its predecessor, LTE) is a service mobile carriers provide that requires a subscription of some kind for access. It offers a wider range for connectivity and is ideal for connecting swaths of mobile devices, from smartphones to smart devices to connected cars. Authentication requires less human intervention than Wi-Fi; 5G relies upon on-device SIMs instead of SSIDs, and although private 5G LANs offer granular access management as a feature, end users don’t have to do anything to connect.

“Ultimately, using 5G or Wi-Fi 6 depends on the specific use case,” says Gopal.

Enterprises can get the most out of 5G by using the technology to create a private LAN. Ostensibly, this combines the simplicity of a typical wireless LAN with the benefits of 5G technology.

5G LANs operate on the Citizens Broadband Radio Service (CBRS) spectrum. The FCC created new rules in 2015 that allowed for a three-tiered spectrum access and authorization system. The changes paved the way for the CBRS to allow companies to create private 5G LANs on the third (free) tier. The CBRS prevents similar networks from interfering with one…

Source…

Understanding Russia’s “Sovereign Internet”: What Happens If Russia Isolates Itself from the Global Internet?

/in


Click here for Flashpoint’s coverage of the role of intelligence in Russia’s war on Ukraine.

Russia moves to control the information narrative

The Russian government ordered state-owned portals to connect to its state-controlled domain name system servers by March 11—and, to switch to Russian hosting providers and localize elements that may not in the future run on the websites. In reaction to sanctions against Russian banks by the US, the EU, and the UK—as well as (as of this publishing, unheeded) calls to the Internet Corporation for Assigned Names and Numbers (ICANN) to disconnect Russian top-level domains—authorities also instructed Russian financial institutions and other companies to replace security certificates that have been or will be withdrawn from them, with Russian certificates. 

This is the latest in a series of intentional steps to establish firmer control over the Russian internet, following its invasion of Ukraine. It also includes the blocking of access to several social media platforms and independent news sites in order to censor information about the war from reaching Russian citizens. 

Russia’s strategic motivation: Protection from cyber attackers

According to Deputy Prime Minister Dmitry Chernenko these steps have been taken to protect Russia from cyber attacks. This is a plausible explanation given the fact that a vast majority of threat groups have sided with Ukraine during this war. Well known groups, such as Anonymous and AgainstTheWest, have been actively attacking and breaching Russian networks for weeks.

However, the steps prompted observers and Russian-speaking threat actors alike to speculate that Russia’s “disconnection” from the global internet was imminent. This would happen under a 2019 Law on Sovereign Internet. However, there have been questions about the feasibility and the usefulness of this move. According to Russia’s legislation, disconnecting Russian internet infrastructure from the global internet would be a defensive move, although this leaves a wide room for interpretation. In addition, it is presently unclear whether Russia meets the technical conditions for an effective disconnection. 

Below, we examine what…

Source…

Understanding cybersecurity from machine learning POV

/in


Cybersecurity has undergone massive shifts technology-wise, led by data science. The extraction of security incident patterns or insights from cybersecurity data and building data-driven models on it is the key to making a security system automated and intelligent.

Cybersecurity data science is a phenomenon where the data and analytics acquired from relevant cybersecurity sources suit the data-driven patterns that give more effective security solutions. The concept of cybersecurity data science makes the computing process more actionable and intelligent when compared to traditional ones in cybersecurity. Therefore, an ML-based multi-layered framework for cybersecurity modelling is sought after today.

Today, companies depend more on digitalisation and Internet-of-Things (IoT) after various security issues like unauthorised access, malware attack, zero-day attack, data breach, denial of service (DoS), social engineering or phishing surfaced at a significant rate. Cybercrime causes disastrous and sometimes irreversible financial losses that affect both organisations and individuals. A data breach costs $8.19 million in the United States and $3.9 million on an average, according to an IBM report. Meanwhile, the annual cost for the global economy from cybercrime is $400 billion. 

What is cybersecurity data science?

Data science brought about a global change in various industries. However, it has become an important segment for the future of robust cybersecurity systems and services. This comes after cybersecurity has become all about data. For example, while detecting cyber threats, it analyses security data in files, logs, network packets, or other sources. Commonly, security professionals did not use data science to detect cyber threats. Instead, they used file hashes, custom-written rules, and manually defined heuristics.

Although it has its own merits, it requires a lot of manual labour to keep up with the ever-changing threat landscape. On the other hand, data science can change the industry with machine learning algorithms that can be used to extract insights of security event patterns from training data for detection and prevention. It can be used to detect…

Source…