Sage Advice - Cybersecurity Blog

At the very least, a high-profile, bull’s-eye breach teaches the victimized organization some hard lessons. Though it’s not an easy exercise for most SOC teams, C-suites, and boards, it’s far better to learn these tough security lessons upfront, by thoroughly testing their people, processes, and technologies.

For a brisk morning tour of Tor, darknets, and dark marketplaces, attendees of the 2017 CyberCrime Symposium couldn’t have asked for a more entertaining, informative guide than Neil Wyler. Grifter, as he’s known in the security community, launched his impressive career at age 11, when he began hacking computer systems. Eventually, he switched sides. Currently a threat hunting and incident response specialist at RSA Security, he’s been running technical operations for the Black Hat Security Briefings for 15 years, and serves as a senior staff member for DEF CON.

Though it’s a natural evolution, the very existence of cybercrime-as-a-service (CaaS) shocks people. Never mind the annual global costs attributable to CaaS, or how much it hampers innovation. In his keynote at the 2017 CyberCrime Symposium, McAfee Chief Scientist Raj Samani made sure attendees understood the CaaS threat — calling his content the “most depressing 45 minutes” they’d ever get at a security event — by mapping its rise and rapid expansion.

As much as cybersecurity professionals need to be concerned about insider threats, the bulk of data breaches are still the work of outside forces. "In 2015, 77.7% of all the data breaches we tracked came from the outside,” said Jake Kouns, CISO for Risk Based Security, a consultancy that helps organizations apply analytics to real-time data to monitor activity, and CEO of the Open Security Foundation, which oversees the Open Source Vulnerability Database (OSVDB.org) and DataLossDB.org. “While insiders may hurt you worse because they know where the crown jewels are, breaches are much more likely to be coming from the outside.”

Cybersecurity professionals get no relief. For every threat they counter, there are hundreds more waiting to strike, or some new point of vulnerability to consider. With the IP-enabling of every manner of device, machine, and facility, physical security managers are in the same pressure cooker as their IT counterparts. We’ve entered the era of cyber convergence, where both groups will have to join forces to protect their organizations as the battle escalates.

The call to improve the cybersecurity of our nation’s critical infrastructure began with the signing of an Executive Order in February of 2013.  Critical infrastructure includes services such as electricity generation, transmission, and distribution, water supply, financial services, and public health.  They are the things that, if destroyed or disabled could have a debilitating effect on our society and economy. 

Ransomware cyberattacks are on the rise. If your computer is infected with ransomware, a type of malware (malicious software), you are not able to access data until a ransom is paid to the attacker. After the ransom is paid the data will usually be released.

Ransomware is opportunistic in nature; computers are typically infected by a user clicking on a malicious email attachment or visiting an infected website.

Malware, short for “malicious software,” is software (or script or code) designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems and mobile devices. 

Most security professionals have at least a basic understanding of Stuxnet. However, because the story behind the malicious worm used to attack Iran’s nuclear program is so complex, many of those covering it in news stories, features, and reports have only addressed aspects of the events. Not so Kim Zetter, who literally wrote the book on the subject—2014’s Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon, an in-depth account of the unfolding of the attack that fills in the gaps left by all the media coverage.

As a national correspondent covering intelligence and national security for The Daily Beast, Shane Harris spends a lot of time immersed in the world of cybersecurity. In his presentation at the 2015 CyberCrime Symposium, “The Internet is a Battlefield,” he took attendees through a sequence of events that built, brick by brick, revelation upon revelation, U.S. understanding of cybersecurity as a top national security issue.