Cyber Weekly Roundup – July 13, 2018

Weekly Roundup

Cyber Weekly Roundup – July 13, 2018

By Colby Proffitt

1.) Opinion: To hackers, we’re Bambi in the woods (July 11, 2018)

https://www.myajc.com/news/opinion/opinion-hackers-bambi-the-woods/eSeYhaNSCQRopfMfbIgC1M/

Summary: Countries like Russia and China have implanted malicious software in the American electrical grid, nuclear power plants and water systems to have the capacity to mount such attacks — and we have done the same to them.

Why it matters: While this article doesn’t offer any concrete solutions to the growing cyber challenges the U.S. is facing, it does offer a good depiction of just how severe a successful cyber attack on the U.S. could be. One call to action, however, is an increased cost for cyber attacks. This article is a refreshing take on the state of cyber – while many are quick to point out how the U.S. is falling behind and is subject to a devastating attack at any second, this article claims that while that may be true, the U.S. also poses the same threat to it’s adversaries. That leaves the U.S. in the similar stalemate-checkmate predicament that arose with the development of the nuclear bomb and WMDs – who strikes first, and how hard, and is the fear of consequences great enough to deter a first strike?

2.) 100% of corporate networks ‘highly vulnerable’ to attacks, here’s how to secure yours (July 10, 2018)

https://www.techrepublic.com/article/100-of-corporate-networks-highly-vulnerable-to-attacks-heres-how-to-secure-yours/

Summary: All corporate networks are highly vulnerable to attacks that would give hackers full control of their infrastructure, according to a Tuesday report from Positive Technologies

Why it matters: Federal contractors recently came under fire for failing to follow email security best practices (see #5 in the June 22 Roundup), and this study from Positive Technologies, offers more evidence that many organizations just aren’t doing what they should be when it comes to protecting their networks, systems, and data. This article offers four recommendations to make corporate networks more secure – but will companies actually follow them?

3.) Australia to ban Huawei from 5G rollout amid security concerns (July 11, 2018)

https://www.cnet.com/news/australia-to-ban-huawei-from-5g-rollout-amid-security-concerns/

Summary: Australia will reportedly no longer allow Huawei to supply security equipment for country’s upcoming 5G rollout.

Why it matters: Continuing the story from previous weeks, the U.S. isn’t the only country now expressing concerns over the Chinese phone company. This week, Australia announced that it will ban Huawei from supplying security equipment for the upcoming 5G rollout. This is important because it marks a different kind of ban – one that is country-wide, not just limited to military bases. We can expect that other security-conscious countries will follow suit, and it will be equally as interesting to see if the U.S. pushes the ban to the next level.

4.) U.S. intel chief warns of cyber threats to U.S. infrastructure (July 13, 2018)

http://kfgo.com/news/articles/2018/jul/13/us-intel-chief-warns-of-cyber-threats-to-us-infrastructure/

Summary: U.S. Director of National Intelligence Dan Coats warned on Friday of a looming devastating cyber assault on critical U.S. infrastructure, saying nearly two decades after the Sept. 11 attacks the “warning lights are blinking red again.”

Why it matters: This short article doesn’t tell us much that we don’t already know, but it does beg the question why Dan Coats was meeting with a room full of think tanks – and what exactly was discussed? Attacks have already happened, and more are coming – can closed-room conversations such as this one save the U.S. from a major attack before it’s too late?

5.) Google Chrome Feature Guards Users From Spectre Attacks (July 13, 2018)

https://www.nextgov.com/cybersecurity/2018/07/google-chrome-guards-users-spectre-attacks/149713/

Summary: Google has introduced a new feature to protect the users of its Chrome browser from a Spectre-type attack. The tech giant made the announcement in a blog post on Wednesday.

Why it matters: In a sea of disheartening cyber news, it’s nice to hear about an advance in security, especially one that’s free to the public. With the only drawback being memory overhead, Chrome has taken action to provide a safer experience for its users. And no, it’s not a bulletproof safeguard against Meltdown and Spectre, but it’s another hoop malicious actors have to clear. In today’s cyber world, there is no such thing as an iron fortress. But, the more obstacles your fortress has, the less enticing it is, and the longer it will take to conquer.