Security News

To some extent, cybersecurity fatigue and complacency have left gaps where threat actors have exploited old vulnerabilities, including gaps in logging and patching, to get a stalwart beachhead into the network. These threat actors can also pose a significant threat to geopolitical stability worldwide.

Cyber warfare and cyber attackers are an ever-present threat, as state-sponsored bad actors and individual cybercriminals alike continue to evolve their tactics. Due to the changing nature of cyber threats and attack methods, defense strategists often struggle to discern whether a cyberattack is classified as an "Armed attack" or an "Imminent armed attack." Unlike traditional military attacks, cyberattacks can originate from anywhere, and attackers often leverage sophisticated tactics to obscure the perpetrator's identity.

Thousands of pages of secret documents reveal how Vulkan's engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet. The company's work is linked to the federal security service or FSB, the domestic spy agency; the operational and intelligence divisions of the armed forces, known as the GOU and GRU; and the SVR, Russia's foreign intelligence organisation.

Cybercrime and cyber attacks across the world are on the increase, and the best form of defence against whatever they might throw at you is to assume you're going to be attacked and beef up your operational resilience to better deal with the fallout before it actually happens. Misha will explore how geopolitics affects the way cybercriminals create and deliver ransomware and the steps that nation states, public and private sector organisations are taking to protect themselves.

At the recent meeting of the North Atlantic Council in Madrid, NATO heads of state agreed to boost resilience to cyber and hybrid threats. NATO members will strengthen their cyber defenses through enhanced civil-military cooperation, and expand industry partnerships.

Russia's invasion of Ukraine has cleared the way for a new battlefront with the West in cyberspace, with experts warning of an escalation in cyberwarfare. "We expect to see that probably beyond just Ukraine, disinformation to target Western audiences, cyberespionage against key NATO members, as Russia tries to understand the next moves when it comes to sanctions or other steps that Western governments will play," Luke McNamara, principal analyst at cybersecurity consulting firm Mandiant, told The Register.

Just when we thought 2020 couldn't get worse, security firm FireEye broke the news that the compromise of a software solution by IT solutions provider SolarWinds had resulted in security breaches across the public and private sector, at dozens of companies and government agencies, including the U.S. Departments of Commerce, Treasury, Justice, Defense, and the Center for Disease Control. The National Security Agency, the main body tasked with protecting government assets from hackers, did not detect the breach.

The Ministry of Defence's multibillion budget overrun has been caused in part because of its spending splurge on flashy new "Cyber" capabilities, according to the National Audit Office. The MoD faces a budget black hole measured in billions thanks to its profligacy - and even the announcement of a cash top-up of £4bn per year between now and 2024, on top of its £41.2bn annual budget, won't be enough to plug it, according to the auditors.

This is especially alarming during a period of unprecedented global disruption, as 50% of infosec professionals agree that the increase of cyberwarfare will be detrimental to the economy in the next 12 months. CISOs and infosec professionals however are shoring up their defenses - with 51% and 48% respectively stating that they believe they will need a strategy against cyberwarfare in the next 12-18 months.

A report published recently by the U.S. Army describes North Korea's cyber warfare capabilities and provides information on various units and their missions. In terms of computer warfare, the Army says North Korea primarily conducts these types of attacks because they represent a low-cost and low-risk method for targeting the enemy's computers, they can be used to counter the enemy's superior conventional military capabilities, and they can "Upset the status quo with little fear of retaliation."