• How Artificial Intelligence Is Changing Cyber Security Landscape and Preventing Cyber Attacks

    With the genuinely significant potentials of Artificial Intelligence, the probability of attackers weaponizing it and using it to boost and expand their attacks is a huge threat. One of the biggest concerns is that hackers can use AI to automate cyberattacks on a massive scale. Now, our adversaries are relying on human resources to craft and coordinate their attacks. Cybercrime and cybersecurity landscape are going to change –not for the better – if and when they learn to use AI and machine learning to do the dirty work. So, the three main implications of Artificial Intelligence to the threat landscape are the augmentation of today’s threats and attacks, the development of new threats, and the variation of the nature of existing threats.

  • North Korean Hacking Groups Hit with Treasury Sanctions

    The Department of the Treasury hit three North Korean groups with new sanctions Sept. 13 for conducting cyberattacks against critical infrastructure, including the infamous WannaCry ransomware attacks. Treasury’s Office of Foreign Asset Control announced that Lazarus Group, an advanced persistent threat believed to be working at the behest of the North Korean government and two of its subgroups, dubbed Bluenoroff and Andariel, was responsible for unleashing WannaCry, which wrought havoc across hospital and health care organizations in as well as other sectors in the United Kingdom and other industrial sectors in 2017, as well as the 2014 Sony hack.

  • West Needs to Be Ready for Terrorist “Dirty” Cyber Bomb

    The West must take necessary precautions to prevent terrorists from launching a “dirty” cyber bomb, Lt.-Gen. (ret.) Vincent Stewart, who stepped down a few months ago from his post as deputy head of the US Cyber Command. Stewart that while the West took cyberattacks from nation-states seriously, it is vastly underestimating the danger of a massive ISIS or al-Qaeda cyberattack which could cripple a country’s entire infrastructure. While drawing attention to cyber terrorism, Stewart acknowledged that a nation state like Russia was still the most dangerous cyber adversary with “Russia viewing itself as a global power” and Russian President Vladimir “Putin believing he is almost the czar.”

  • New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction

    For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle. Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine’s national grid operator, Ukrenergo. Just before midnight, they used it to open every circuit breaker in a transmission station north of Kyiv. The result was one of the most dramatic attacks in Russia’s , an unprecedented, automated blackout across a broad swath of Ukraine’s capital. In an insidious twist in the Ukrenergo case, Russia’s hackers apparently intended to trigger that destruction not at the time of the blackout itself but when grid operators turned the power back on, using the utility’s own recovery efforts against them.

  • Israel Planted Eavesdropping Devices to Spy on Trump, WH officials: U.S. Intelligence Officials

    The U.S. intelligence community has concluded that Israel was behind the placement of cellphone surveillance equipment near the White House and at other locations in Washington, D.C. Politico reports that a former senior U.S. official with first-hand knowledge of the issue said that the U.S. intelligence community believes the devices were installed to spy on President Donald Trump and top administration officials.

  • Watch out: Your Devices May Be Listening to You

    We have become accustomed to carrying our mobile phones and tablet devices everywhere we go. The mobile phone has essentially become an integral part of our everyday lives, helping us to communicate, make payments and socialize. Unfortunately, the smart devices of today are equipped with many different types of sensors that may be listening in on our conversations.

  • Warning Issued After Malware Is Found to Have Hijacked Bitcoin Blockchain

    Bitcoin’s blockchain has been hijacked by a new strain of the Glupteba malware that uses the network to resist attacks, cyber security researchers have warned. The malware uses the bitcoin blockchain to update, meaning it can continue running even if a device’s antivirus software blocks its connection to servers run by the hackers, security intelligence blog Trend Micro reported this week.

  • Why the 2020 Campaigns Are Still Soft Targets for Hackers

    Three and a half years have passed since John Podesta, the chairman of Hillary Clinton’s presidential campaign, fell for a phishing email—granting Russian hackers, and thereby the world, access to his Gmail account and coming to embody the devastating ways foreign governments can meddle in democratic politics. In light of that trauma, the current crop of presidential campaigns has made progress in fortifying their digital operations. But according to those who have worked with the campaigns on these efforts, they nevertheless remain vulnerable to attack and lack cybersecurity best practices.

  • Making “Internet of Things” More Secure

    Devices connected to the internet of things, now becoming standard components in new buildings, can increase energy performance while reducing costs. But such highly connected sensors can also bring potential security vulnerabilities. Several University of Washington schools and offices will team up to research how organizational practices can affect the interagency collaboration needed to keep the “internet of things” — and institutional systems — safe and secure.

  • Insurance Companies Are Fueling Ransomware Attacks

    Ransomware is proliferating across America, disabling computer systems of corporations, city governments, schools and police departments. the FBI and security researchers say paying ransoms contributes to the profitability and spread of cybercrime and in some cases may ultimately be funding terrorist regimes. But for insurers, it makes financial sense, industry insiders said. It holds down claim costs by avoiding expenses such as covering lost revenue from snarled services and ongoing fees for consultants aiding in data recovery. And, by rewarding hackers, it encourages more ransomware attacks, which in turn frighten more businesses and government agencies into buying policies.

  • Calling Off Iowa’s “Digital Caucuses” Is a Wise Display of Caution

    Caution and restraint are not known as the hallmarks of the digital revolution. Especially when there’s the admirable possibility of increasing participation by going digital, the temptation to do so is strong—and rarely resisted. But a decision reportedly taken by the Democratic National Committee, however, presents a significant display of caution that deserves both attention and praise. “Showing restraint usually isn’t exciting or flashy,” Joshua Geltzer writes. “But it can be admirable. And, here, organizations like the DNC that take these steps deserve our collective applause for erring on the side of caution, especially in a world replete with cybersecurity and election interference threats.”

  • Ransomware Attacks on Cities Are Rising – Authorities Must Stop Paying Out

    A ransomware campaign that targeted twenty-three U.S. cities across Texas has raised serious concerns about the vulnerability of local governments and public services to cyber-attacks. These events come not long after similar attacks on governmental and business organizations in Indiana, Florida and elsewhere. They reflect a general shift in ransomware tactics from “spray and pray” attacks on large numbers of individual consumers, to “big game hunting”, which targets organizations, usually through people in positions of power.

  • Integrating EMM & APP Vetting Solutions for Maximum Security

    A new study released by the DHS S&T describes a continuous approach to mobile app vetting that integrates the capabilities of enterprise mobility management (EMM) solutions with app vetting tools to improve the security of mobile devices.

  • How to Measure Cybersecurity

    Many experts agree that there are no universally recognized, generally accepted metrics by which to measure and describe cybersecurity improvements, and that, as a result, decision-makers are left to make choices about cybersecurity implementation based on qualitative measures rather than quantitative ones. Robert Taylo argues that the “search for quantitative metrics and dismissal of qualitative metrics ignores the dynamic nature of the challenge of ensuring cybersecurity, as well as the critical role of processes and procedures. Cybersecurity is a matter not just of the equipment and tools in place but also of how the equipment and tools are used by people, and how the organization ensures that the equipment and tools and methods of use are kept up to date. Qualitative measures that are discernible and reproducible are and will continue to be essential in helping to guide sound investment and operational decisions.”

  • NotPetya Ushered in a New Era of Malware

    NotPetya ushered in a new era of implant-enabled warfare where public opinion is as much the target as traditional IT systems. This wasn’t “hack and leak” or “inauthentic amplification” on social media. This is information operations by using malware to create a narrative, and shows what the future of conflict looks like: one where malware not only disrupts our business operations but also targets our minds and influences media coverage. NotPetya created significant downtime and a whopping $10 billion in damages, but its most subversive impact was how it deceived the public.