Colleagues, the US financial,
communications, transportation and especially energy infrastructures are all
prime targets for Russian state-sponsored cyber threats. Without energy (power)
the other mission-critical infrastructures are rendered useless. US
DHS has stated that Russia has attempted to attack
targets that include "energy, nuclear, commercial facilities, water,
aviation, and critical manufacturing sectors" since March 2016. Russian hackers made their way to machines with access to
critical control systems at power plants that were not identified. The hackers
never went so far as to sabotage or shut down the computer systems that guide
the operations of the plants. A chief suspect is Russia’s Internet
Research Agency located in St. Petersburg. While past attempts have come up
short, we must fully assume that Russia is using quantum cryptography techniques
to break into US and European energy systems. Bottom line: The US needs to aggressively
move from a defensive an asymmetric and continuously to dispute, destroy and
Russian infrastructure while forcing the enemy to divert their offensive
resources to protecting their homeland. Post your comments and subscribe today! Lawrence, Cyber Security Defender
(https://cybersecuritydefender.blogspot.com)
Our mission is to provide world-class cybersecurity Training and Certification programs to individuals and businesses globally.
Tuesday, May 15, 2018
Monday, May 14, 2018
How Serious is the Security Risk of the newly Discovered “Efail” Encryption Threat?
Colleagues, researchers at Germany’s
KU Leuven, Ruhr University Bochum and Münster University published a new
paper detailing the risk of Efail
to the OpenPGP and S/MIME
encryption standards. OpenPGP,
the commonly employed email encryption method, was originally
derived from the PGP software. S/MIME, by contrast, is based on asymmetric
cryptography to protect your emails from unauthorized access.
Efail enables an attacker to use the target’s own email client to decrypt
previously acquired messages and return the decrypted content to the attacker.
Efail uses plaintext-recovery attacks on email standards, as
opposed to the network protocols TLS, IPsec and SSH. The email apps deemed to be
most at risk include Mozilla Thunderbird, iOS Mail and Apple Mail. Two
mitigation techniques have been identified. First, decrypt emails outside of
their primary email client. And second, disable HTML rendering.
Open issue: Just how serious and widespread a threat does Efail represent to
corporate and individual email users? Let us
know your comments and subscribe today! Lawrence, Cyber Security Defender
(https://cybersecuritydefender.blogspot.com)
Saturday, May 12, 2018
Assessing the Impact of GDPR on the EU’s Consumer-First Policy
Colleagues, balancing the online protection of consumers vis-à-vis
free trade and commerce flows is a challenge to any government. This challenge
is at the very forefront of the EU’s new General Data Protection
Regulation which goes into effect on May 25, 2018. The GDPR includes nine significant changes for
EU citizens relative to its predecessor Data Protection Directive 95/46. They
include Breach Notification, Right to Access, Right to be Forgotten, Data
Portability, Privacy by Design, Data Protection Officers, Extra-Territorial
Scope, Consent and Penalties. The UK’s 66m citizens will live under GDPR
governance until Brexit goes into effect on March 29, 2019. Bottom line: What
impact will GDPR have on consumers and businesses alike in the months and years
ahead? For the moment let’s take a 30k foot handicap of the world’s three major
economic trading zones: North America (standing firm), Europe (a vibrant
history trying to maintain parity) and Asia (on a voracious growth trajectory).
While EU-based businesses will feel little-to-no impact, how will
multi-national corporations based in North America and Asia respond? In
essence, what is their risk-reward posture for doing business on the European
continent? Share your comments and join us today!
Lawrence, Cyber Security
Defender (https://cybersecuritydefender.blogspot.com)
Thursday, May 10, 2018
AI Being Weaponized to Launch Next Gen Cyber Security Warfare
Colleagues, while offensive cyber security warfare motives
remain largely unchanged – economic, financial, technological and political –
2018 is seeing the relentless rise of AI-weaponized cyber security attacks and
state-sponsored warfare. On the surface there is nothing new when it comes to
spear-phishing, malware, DDoS, automated bots, ransomware and KYC breaches.
However, as these measures and methods are “AI-enabled” the threats they pose
are a quantum leap ahead of their conventional predecessors. Warfare tools such
as Sentry MBA, Death by Captcha and each phase of the infamous kill chain model. Bottom line: The increased cyber threat posed by AI
requires a comparably higher level of defensive cyber warfare methods, which
place even greater demands on limited OPEX by governments, businesses and
non-profit entities across the globe. We will continue to address this dire
topic in our posts and related resources. Share your thoughts today!
Lawrence, Cyber Security
Defender (https://cybersecuritydefender.blogspot.com)
AI Gains Momentum in Empowering Proactive Cyber Security
Colleagues, 2018 is likely the year in which AI-powered
cyber security prevention approaches parity with its arch-nemesis,
AI-powered cyber security attacks. There are four key areas in which organizations can
focus their offensive-proactive cyber security posture, most notably against DDoS
attacks: Threat Prediction, Detection, Protection and Mitigation. Where to begin? We recommend
assessing the following solutions to determine which best meet your needs: E8 (now part of VMware), Darktrace, Cylance, Palo Alto Networks, Vectra and the new Symantec-Bay
Dynamics partnership. Take a look and share
your thoughts today! Lawrence, Cyber Security Defender (https://cybersecuritydefender.blogspot.com)
Thursday, May 3, 2018
What Impact will Malware Botnets have on Cryptocurrency Mining?
Colleagues, the rise of Cryptocurrency
mining – whether via mining ASICs, pools or cloud-based solutions – has
been accompanied by a significant increase in malware … specifically botnets.
Bitmain, ViaBTC,
Slush, F2pool, BTC, Bitclub Network, HashFlare, Genesis Mining and others all
need to take increased measures to protect against the onslaught of new
malware. Smominru and DDG are among the
more ominous server-based botnets while ADB.A, Mirai and Loapi all pose serious
threats to crypto mining. So which solutions are available to the crypto mining
sector? WAFs from F5, Imperva and Akamai each provide some degree of
protection; however, the crypto mining botnet threatscape appears to be
outpacing the development of effective solutions, leaving crypto mining, at least in the
near term, with big holes in its defense arsenal. Send us your thoughts and subscribe
today! Lawrence, Cyber
Security Defender (https://cybersecuritydefender.blogspot.com)
Wednesday, May 2, 2018
Will the Repeal of Presidential Policy Directive 20 Give POTUS Greater Cyber Warfare Offensive Prowess?
Colleagues, US NSA officials are advocating the repeal of Presidential
Policy Directive 20 (PPD 20) in an effort to provide the US President
with greater flexibility, freedom and proactive use of offensive cyber warfare
strategies. The Cyber Security Defender strongly supports this move. PPD 20 was
originally approved by President Obama to help combat cyber threats from state
and non-state foreign actors including Russia, China, Iran, North Korea and
others. Unlike the War Powers Resolution for conventional warfare, which involves a request
from POTUS and approval by the US Congress, declaration of cyber warfare is a
much greyer area. We believe that the state actors mentioned above have invested
in offensive cyber warfare capabilities at a far larger and faster rate than
the US over the past decade. Nonetheless, POTUS needs to address issues of
cyber jurisdiction and priority with a firm hand when it comes to the CIA and
NSA. Nonetheless, new National Security Advisor John Bolton’s advocacy of
ending PPD 20 has unquestionable merit and needs to be acted upon with due
haste. Share your thoughts and subscribe today! Lawrence, Cyber Security Defender
(https://cybersecuritydefender.blogspot.com)
Tuesday, May 1, 2018
NATO Wins the CCDCOE Locked Shields Cyber Warfare Competition
NATO Centres of
Excellence (COEs) are nationally or multi-nationally funded
institutions that train and educate leaders and specialists from NATO member
and partner countries, assist in doctrine development, identify lessons
learned, improve interoperability and capabilities, and test and validate
concepts through experimentation. Locked
Shields 2018, the largest and most complex international live-fire cyber
defense exercise in the world, is organized by the NATO Cooperative Cyber Defense
Centre of Excellence. The 2018 exercise includes new critical infrastructure
components and integrates protection of critical
infrastructure is essential for ensuring the efficient operation of both
military and civilian organizations, it is the foundation of our modern digital
lifestyle. The CCDCOE focuses on preventing and mitigating threats from state
and para-governmental bodies including Russia, China, North Korea, Iran, ISIS
and AQAP. Their CyCon 2018
Conference will be held May 30-June 1 in Estonia. Visit us and
subscribe today! Lawrence, Cyber
Security Defender (https://cybersecuritydefender.blogspot.com)
Monday, April 30, 2018
How Vulnerable are Cryptocurrency Wallets to DNS Attacks?
Friends, as we now know, countless MyEtherWallet
users began to report suspicious activity on April 24, 2018 when trying to
access the web-based Ethereum interface. As the web’s most popular client-side Ethereum
wallet, MEW is widely used for buying Cryptokitties, sending money to
crowdsales and beyond. Attackers sent BGP (Border
Gateway Protocol) messages to the internet's core routers to convince them to
send traffic destined for some of AWS's servers to a renegade box in the US.
The rogue machine then acted as AWS's DNS service, and gave out the wrong IP
addresses for MyEtherWallet.com, pointing some unsuspecting visitors to the
dot-com at a phishing site that stole their money. Bottom line: Just how vulnerable
are today’s Cryptocurrency wallets to DNS and related cyber attacks? The April 24 event not only sent
shockwaves through the MEW community but also calls into question the
integrity of the broader Cryptocurrency juggernaut. Send us your
comments today! Lawrence, Cyber
Security Defender (https://cybersecuritydefender.blogspot.com)
Will Byzantine Fault Tolerance Enable Blockchain Adoption Beyond Cryptocurrencies?
Friends, Byzantine fault tolerance (BFT) is the resistance of a fault-tolerant computer system, especially distributed computing systems, towards electronic component failures where there is
imperfect information on whether a component has failed. In a "Byzantine
failure", a component such as a server can inconsistently appear both
functioning and failed to failure-detection systems, presenting different
expressions to different observers. Perhaps nowhere is BFT more
essential than on a Blockchain. Most traditional distributed computing
environments have central configuration databases or authorities that can help
right wrongs in the event that Byzantine failures occur. Blockchain applications, starting
with Bitcoin’s Proof-of-Work consensus method, are today proposing solutions to
this challenge. Can BFT and/or dBFT help solve this dilemma? Send us your
comments. Lawrence, Cryptocurrency
Academy (https://cryptocurrencyacademy.blogspot.com)