Post Tags: Cyber, cyber news, cybersecurity, cybersecurity news
By Colby Proffitt
1.) Winter Olympics’ Security on Alert, but Hackers Have a Head Start (February 8, 2018)
https://www.nytimes.com/2018/02/08/technology/winter-olympics-hackers.html
Summary: The Department of Homeland Security is warning Americans planning to attend the 2018 Winter Olympic Games in Pyeongchang that cybercriminals are likely to be targeting the Games.
Why it matters: In last week’s roundup, we talked about both the benefits and cyber challenges of using IoT as part of the games. This article again emphasizes the likelihood of an attack, likely from the Russians since Russian athletes were banned at the games this year. As this article notes, more than 300 Olympic-related computer systems have already been hit, but how those hacks could lead to larger attacks is still to be determined. The cyber defense challenge isn’t just knowing who the attacker is or where the attack is coming from, but also identifying and understanding how the target systems and data could be compromised and used maliciously.
2.) 2017: Worst Year Ever for Data Loss and Breaches (February 6, 2018)
https://www.infosecurity-magazine.com/news/2017-worst-year-ever-for-data-loss/
Summary: Last year set the record for both the most breaches and the most data compromised in a year, as several new trends (like a surge in cloud storage misconfigurations) characterized the proceedings.
Why it matters: This article offers some specific statistics on 2017 data breaches. Time will tell if that number increases over the course of 2018. The ultimate goal is to stop breaches altogether, but what’s important is that organizations take action to ensure that they discover the breaches internally, before outsiders, allowing the organization to alert consumers, while also limiting the ability of malicious actors to effectively use the breached data.
3.) An ‘Iceberg’ of Unseen Crimes: Many Cyber Offenses Go Unreported (February 5, 2018)
Summary: Utah’s chief law enforcement officer was deep in the fight against opioids when he realized that a lack of data on internet sales of fentanyl was hindering investigations. So the officer, Keith D. Squires, the state’s public safety commissioner, created a team of analysts to track and chronicle online distribution patterns of the drug.
Why it matters: This article highlights a number of tactics used by cyber criminals – tactics that have proven both effective and lucrative – and demonstrates that many of the tools used to fight cybercrime and measure cyber trends in the US are outdated. Monitoring cyber trends can help authorities prepare for future attacks and predict both targets and methods likely to be deployed. However, if the necessary data cannot be effectively tracked and analyzed, it’s difficult to make such predictions and take appropriate defensive action.
4.) Trump Seeks $1B Budget for Homeland Security Cybersecurity (February 13, 2018)
https://biglawbusiness.com/trump-seeks-1b-budget-for-homeland-security-cybersecurity/
Summary: The Department of Homeland Security would get $1 billion for its cybersecurity mission under President Donald Trump’s fiscal year 2019 budget request released Feb. 12.
Why it matters: President Trump’s overall budget for DHS increased approximately $5.1 billion from fiscal year 2017, which shows the administration’s focus on cyber. Although it’s a step in the right direction, allocating funds is only a preliminary step to actually taking action to stop cyber adversaries and prevent future damage.
5.) 81% of Cybersecurity Pros See Value in Threat Intelligence (February 8, 2018)
https://www.infosecurity-magazine.com/news/81-of-cybersecurity-see-value-in/
Summary: The perceived value of threat intelligence is growing, with 68% of organizations currently creating or consuming data around the latest cybersecurity campaigns.
Why it matters: This article highlights findings that reflect a more proactive and aggressive approach towards cyber threats. Leveraging threat intelligence allows organizations to view an organization’s cyber state in near-real time and make more informed and timely decisions on how to effectively defend the organization’s networks, systems, and data.