15 Burst results for "Cybersecurity Directorate"

"cybersecurity directorate" Discussed on Cyber Security Headlines

Cyber Security Headlines

02:23 min | Last month

"John Matze reiterating the site's self-proclaimed commitment to free speech and pledging to welcome all of you back soon. In a separate interview with Fox News, Matze said he was confident the social network could come back online by the end of January. CNN reports that Parler is now hosted by Epik, which also hosts the fringe websites 8chan and Gab. Amazon suspended Parler from its web services earlier this month, finding the platform failed to implement a system that effectively identified and removed content that incited violence. Dark net forum Joker Stash shutting down. The site's operator said Joker Stash shut down on February fifteenth through messages and advertisements on other hacking forums. While no specific reason was given for the closure, the site has received increased attention from law enforcement of late, with Interpol and the FBI seizing multiple servers and several domains that temporarily disrupted operations. Joker Stash has been active since two thousand fourteen and served as a trading platform for cybercriminals to trade and sell stolen credit card information and other financial assets tied to numerous data breaches. Microsoft Defender to enable auto remediation by default. This will be enabled for those Microsoft Defender for Endpoint customers opting into public previews as of February sixteenth, twenty twenty-one. Microsoft said the change from semi to full automation for remediation was made after data showed that customers with automation enabled had forty percent more high-confidence malware samples removed than customers using lower levels of automation. Once full automation is enabled, Microsoft Defender will auto-create a remediation action that removes or contains a malicious entity found after analyzing suspicious activity. The previous default required manual approval of remediation actions. The change in defaults will not override device group definitions and can be changed by admins. NSA appoints cyber director.
The United States National Security Agency announced that Roy Joyce was appointed to head the Cybersecurity Directorate. The division within the NSA was only founded in October two thousand nineteen, and Joyce will succeed its first director, Anne Neuberger. Joyce has worked for the NSA cybersecurity and signals intelligence division since nineteen eighty-nine, currently serving as a special liaison for the US embassy in London. From twenty thirteen to two thousand seventeen he served as chief of the NSA's Tailored Access Operations, and before that he was deputy director of the agency's Information Assurance Directorate. Our sponsor for today's show is armies. Can.

"cybersecurity directorate" Discussed on Intelligence Matters

Intelligence Matters

37:14 min | 7 months ago

"As a foreign intelligence agency we're responsible for understanding a broad range of threats presented by governments to the United States. One of those threats include our cyber threats, how nations may be using cyber to achieve their national objectives. That might be intellectual property theft, for example, to counter department offensively valid by accelerating foreign governments' ability to actually productize particular R&D for weapon that may be targeting critical infrastructure of a country as part of threatening that country or as part of putting pressure on a given country. How are we doing against the cyber threats? Are we barely keeping up, are we catching up? Are we getting ahead of the game, or is it always going to be hard for the defender? Overall technology is getting more secure. Technology's built more securely today. So the fundamental resilience is improving. You have open source products. We have lots of eyes looking at a given technology and helping find vulnerabilities and address them. That being said, we're an ever more connected economy in ever more connected society, and as we build more connections, sometimes systems that were not necessarily built for those kinds of connections, we bring and introduce new risks. On the third poll, the positive side, there's far more awareness about those risks and how to approach addressing them, identifying what are the most important assets to protect. Seems to be an effort on the part of NSA to kind of open up a black box and kind of shed the reputation No Such Agency. We want to be trusted to achieve or we believe we can uniquely contribute to Team USA on either the first step is conveying who we are, conveying the culture that's here, the commitment to American values. Certainly when a part of our mission is an intelligence mission in a democracy, you have an obligation to ensure that the Americans
we serve feel they understand the values by which we live. Anne Neuberger is the current director of the National Security Agency's Cybersecurity Directorate. She has held a variety of jobs in both the public and private sectors. We just sat down with Anne to talk about her career, her and her directorate's multiple responsibilities and how she sees the cyber threats facing our country. I'm Michael Morell and this is Intelligence Matters. So Anne, welcome to Intelligence Matters, it is great to have you on the show. It's great to be here. So I think the place to start, Anne, is with your career before you joined the National Security Agency. You had a career in the private sector. Can you tell us about that and tell us what you did in the private sector and then what drew you into government service? Sure. So I was in running technology at a financial services company during that time period when financial services companies really moved off mainframe environments to the web, client-server technology. So that piece of both taking an operations and a mission and its associated technology and people and culture really shaped the way I approach a lot of those problems today. And I was raised in a family where my dad came as a refugee, all my grandparents came as refugees to the US, and they just constantly instilled in us how grateful we should be for the opportunity to be born in America and raised in America, with its freedoms, with its ability to pursue one's dreams, and that we owed it for that. And I was driving home from work in two thousand six, we just done a large acquisition of companies of banks, custodian operations. And on the radio they were talking about the bombing of mosque, Samarra mosque in Samarra, Iraq, and just the soldiers dying, civilians dying and the troubles there, and I still don't know why but I thought of my dad and. That's myself.
Perhaps now's the time to repay a little bit of that in some way. And I've been a graduate student at Columbia, I had a professor tell me about the White House Fellows program and encouraged me to apply, and I kind of, I have to admit, was a bit of the New Yorker Countless New York ever. Kind of put that aside and for whatever reason I just felt that calling at that moment, called him and said I'll apply, and fast forward I was assigned to the Pentagon with zero military background. And you learned a lot about the culture, very drawn to that shared commitment, and spent a year in the Pentagon, worked for the Navy and then came to NSA a couple years later. What did they doing at the Pentagon and the Navy? So I was the deputy chief management officer, the Navy. Essentially, the Navy had a number of broad enterprise-wide technology efforts which they were working, again, bring that you people, mission, technology triangle. And they asked me to help work on a couple of, working directly for the Secretary of the Navy, figure out why a of them were struggling and then help them get on track. So I worked on that, and I often get asked by people, how did you end up at NSA? A pretty funny story in that I had a seventy six year old and I was commuting from Baltimore and the work life balance was a bit tough, and I met somebody and he asked me about how he was doing and I commented that I really love the work but it was a little hard for me to do the juggle. And he said, you know, I happen to know that NSA standing up you director NSA standing up Cyber Command and I know they need people with your kind of background. So how about if I make a phone call there? And I went for an interview, commute was thirty minutes, and it sounds so foolish but that was pretty much what it took. Interesting, interesting.
So the private sector and then the Department of Defense, which is as you know this huge enterprise, and then NSA, and this is not an easy question I know, about kind of the similarities and differences of those three different experiences. It all begins with people. In every organization missions have to adapt and change. They adapt and change in the private sector because perhaps you have a competitor, perhaps the customer space has adapted. Certainly financial services saw that, where the scale of data was just increasing, the scale of trades was increasing, and the traditional manual processes couldn't keep up. So we automation with needed to reduce errors and help us keep on track with where trading was going. Technology could deliver on that, but the business of the organization had to change to fully take advantage of the technology, and the way people did that mission and use technology had to change along the way. So I think in each of those organizations that taught me that that triangle has to be kind of guided together to get to an outcome: mission, technology and people. If you really want to be able to fully, whether it's take advantage of a market or stay ahead of an adversary in our own mission here in the IC or DoD, that triangle has to work together and you have to communicate every those three planes together when talking about why the change is needed. So Anne, in your tenure at NSA, you've served as its first chief risk officer, the assistant deputy director of operations, the head of the Russia Small Group, and now the head of the Cybersecurity Directorate. Can you take us through your trajectory there, how did your responsibilities differ from role to role? Absolutely, and so I came into NSA as small team, part of a small team that was standing up Cyber Command. The chief risk officer role was created after the media leaks period of two thousand thirteen where we learned that
really appreciating risk meant looking at in a holistic way across partnership risk, operational risks, technology risks. We learned that we needed to adapt the way we looked at risk and then change according to that. So I think in each of those roles, either the adversary was changing around us, a threat was changing around us, we wanted to take advantage fully of an opportunity, and I was responsible for taking the big picture strategic goals, translating those to measurable outcomes and objectives and helping, you know, contribute, communicate the why and then bringing the team of people along to get there. Each of those efforts was a bit different. But you know, we talked about the risk of doing, the risk of not doing, weighing that appropriately. We talked about the ensuring that as we approached new missions, policy and technology move together, and certainly when we looked at the elections work in two thousand eighteen, the Russia Small Group work, we saw where adversaries have used influence operations since the time of Adam and Eve, perhaps what had changed was again the ability to use social media to both focus and direct it to have larger impact. So focusing on the Russia Small Group for just a second, and what was that, what was the mission and what were your responsibilities with regard to the two thousand eighteen elections, to the extent that you can talk about that? Absolutely. So the mission was ensuring the integrity of the two thousand eighteen midterm elections, ensuring that we first understood the threat, second that we appropriately tipped all the information we had about the threat to key partners across the US government, certainly FBI from a counter influence perspective, DHS from a cybersecurity of elections infrastructure perspective, and then finally that we would support Cyber Command, if authorized, to impose costs if there were attempts to disrupt the election.
So after the two thousand eighteen elections President Trump publicly confirmed that Cyber Command played a role in deterring the Russians in two thousand eighteen. Are there important lessons from what happened in two thousand eighteen about how we as a country can defend ourselves against this insidious threat? Yes. So you know, across the government we look at two key polls. Integrity one is attempts to malignly influence population, whether that is to highlight social discord, to highlight issues that divide the population or to. Hand up sheer inappropriate. You know, share information as part of shaping individuals' ideas, and then the second is potentially interfering, hacking into elections infrastructure as part of efforts to change the vote. And I think the first piece is the value of resiliency, the sense that, you know, once trust is lost, it's very hard to regain. So the knowledge for the American public that there are hundreds of people across the US government committed to and working to ensure the integrity of our elections. When it comes to counter influence, though, the biggest resilience is each of us as Americans, when we're reading something, asking who might be trying to influence me, what is the source of that information, am I fully confident in that source of that information. And then finally the role of technology and the role of public-private partnership as part of elections integrity. So for us in the intelligence community, we're constantly watching for which adversaries may be seeking to shape a population's thinking, to shape an election, and then rapidly tipping that to partners or to the private sector to ensure that they're both aware of techniques and are countering them on their platforms.
So we've since learned shocked last week the updates from the DNI that the Russians continue to engage in election interference, the Chinese, the Iranians, and the punchline of all that for me is it's really hard to deter foreign interference, right? And I'm wondering if it's something special about foreign interference or if it's more about cyber at the end of the day and the difficulty of seeing cyber, attributing it if you see it. How do you think about that question? Absolutely. I think it is more about cyber than about elections. From a cyber perspective, when we look at fully both protecting cyber infrastructure and then to your second point about attribution, there's complexity laying what we call the red on top of the we may see threats that are talked about strategic perspective, and then we partners across the US government a looking to see where does that present itself? Where are the given vulnerabilities in a given infrastructure? The power is when you can lay the two together and say, here is a nation state that has intent to interfere in whatever that is, an election, critical infrastructure, IP theft, and then translate that to the tactical level to say that network scanning or that vulnerability in hardware or software may well be used to achieve the objective, putting that in place, and then most importantly preventing it, because at the end of the day writing report about a victim and notifying the victim is far less satisfying than being able to put that together and prevent the adversary achieving their objective. So we've already started to shift now into your new role, right, which was relaunched in October I believe. So be great if you could, and if you could explain for our listeners what NSA's two main missions are. Again and then cybersecurity and the difference between them, just to give folks here level set. Absolutely.
So NSA, as a foreign intelligence agency, we're responsible for understanding a broad range of threats presented by governments to the United States. One of those threats include our cyber threats, how nations may be using cyber to achieve their national objectives. That might be intellectual property theft, for example, to counter the department defensively Thallady by accelerating foreign governments' ability to actually productize particular R&D for weapon, that may be targeting critical infrastructure of a country as part of threatening that country or as part of putting pressure on a given country. So that is the threat information. On the second side, NSA has cybersecurity mission. We're celestial known. We build the keys, codes and cryptography that's used to protect all of US government's most sensitive communications, think nuclear command control, weapon systems, the president's communications with allies, and we provide technical advice to mitigate those same threats that I talked about. So really the integration of the two missions is where we think the magic is, where we can say here's what we think adversaries are seeking to do, and here's how from a cybersecurity perspective we recommend you protect against. So what motivated, Anne, the relaunch of the directorate and has its mission changed at all? Really good question. So we recognize that we were at a crossroads with national security as both technology and society shifts were happening. We saw only kinds of technology that people want to, from small satellites to Internet of Things, and each of those presents huge advancements. But they also present cybersecurity risk. Along with that, we saw various nation surtees. New technologies, think North Korean cryptocurrencies to get around sanctions, to achieve their own objectives, and we said we really need to up our game to more quickly be understanding those threats and ensuring that
we could both provide advice to build new technologies as early as possible, but also to counter adversaries' use of those same technologies to achieve their national security. We're gonna take a quick break to hear from our sponsor. Dumb. We'll be right back with more discussion with Anne Neuberger. At Lockheed Martin, we're on a mission. Your mission. Not just the next mission but the one that's two steps ahead. That's why we've not only taken the lead in hypersonics, but we're helping you integrate technology faster than. It's why we're not only developing the laser weapons systems you'll need but deploying them in the field. Our mission is to build the integrated solutions you can depend on because the world is depending on you. So Anne, what are the primary areas of focus for your directorate? What kind of people work there? What's their skill set and what kind of customers do you serve? Questions. So the first parties. Operationalizing intelligence. How do we ensure that from the intelligence that we see we took anything that's unique and timely quickly so that we can prevent the victim. So that's the first piece of work. Our areas of focus are both understanding that, giving guidance, encryption. We believe encryption a key protection, particularly in telecommunications environment that in many cases is untrusted. So both in building the government's special encryption, modernizing that, as well as providing advice and insights on how to best use encryption. The types of people who work here are, like we see in many organizations, a broad gamut. We have intelligence analysts. We have country-specific experts, have a broad swath of technical experts, encryption, network technologies, hardware and software vulnerability analysts as well, but the power is where that can be integrated, where you can say, how do you build on root of trust all the way through to an end point?
How do you properly defend network and take a step back and do risk analysis to say, where are the gaps in your resilience and where should your next dollar investment to close those gaps? Right, and then what about customers? Is it just the Department of Defense? Is that the US government, is it even broader than that? How do you think about who it is you're working for? Yup, great question. So there's a specific set work we do for what we call national security systems, systems carrying classified information, national security information. The director of NSA is also the national manager for National Security Systems. That's the authority under which, as I mentioned, we build the keys, codes and cryptography, responsible for distributing threat information as well. So those are across the US government with a particular focus on DoD, weapons systems and related systems. A second set of key partners and customers are DHS, DHS and its role supporting critical infrastructure, and the sector specific agencies, and like I said, the real magic of understanding the critical infrastructure, where its key gaps and vulnerabilities are, and being able to marry that up with what a foreign government may be intending to do and providing focused insight. Across the US government there is broad use of commercial technologies, particularly DoD and national security system. So you may have seen when we're issuing advisories we're also issuing advice on how to secure and configure those commercial technologies well, because we see that those are used all across sensitive systems as well. Your directorate has issued I think a dozen or so advisories about cybersecurity threats. Can you talk about why you guys do that? What the criteria is for putting one of those out, and then how do you think about the impact they have? Do you keep metrics on that? How do you think about
advisories? Absolutely. So our advisories other way we really do them for three reasons. One is if we see a nation state actor using a particular vulnerability against a system we care about, we find that it really drives urgency of action. People run faster when they're pursued, and if we can say this nation state actor is using this vulnerability, here's the mitigation advice to protect yourself against that, we see impact, and I'll talk about how we measure that impact at the end. The second thing is there's a deep expertise here because we build and we break encryption. So encryption related technologies like VPNs, like you. You may recall the Windows ten cryptographic vulnerability in January. Those are areas we focus on because we know those are sometimes hard to understand technically, hard to implement. So if we can give very practical advice, then we'll issue those as well to help that be put in place, and then the third would be where there's a timely need and we're getting a lot of questions and we feel that putting out a product helps guide people in thinking about how to think about security. I'll give an example. As covid pressed a lot of organizations across the US government, particularly DoD as well, to move to telework, we started getting a lot of questions about secure collaboration, which commercial tools were safe to use, and our goal was teaching people how to evaluate what's safe to use. So we issued a product where we laid out the different attributes like
code is available for review, it's end-to-end encryption, and a few other such attributes, and then we rated different secure collaboration publicly available tools against them. And the cool part was we had companies call and say, well, you didn't get something quite right, or can we be included as well, and we said absolutely, we issued a second version and then we have another one coming out next week because our goal was making it as useful as possible and also helping teach people how to assess different products for security. You asked the question about how we measure impact. So there's three different measures we've been using. The first is, do we see patch rates go up? They'll do we see for vulnerabilities that we've talked about, here is a foreign actor might be using a vulnerability to achieve an objective, can we watch those patch rates go up, and it was really cool to see. In a number of cases we've watched that increase. The second piece is, there is a very capable and active cybersecurity industry. Has the information shared enabled them to better protect sensitive US government national security systems networks? And you know, in the case of the Exim vulnerability that we issued, the advisory where we talked about the particular unit of Russian intelligence using the Exim mail vulnerability, it was really great to see five different cybersecurity entities using that to identify other Russian intelligence infrastructure and then take that down. So that was success for us, that we made it harder for that adversary to achieve its objectives. And then the third one is really the feedback on the number of downloads and the feedback from administrators saying this was useful, this was unique, timely and actionable, could act on it. And then in May you guys took what I thought was an unprecedented step of actually openly attributing the exploitation of vulnerability to the Russian GRU. And
that seemed so rare to me and I'm wondering why you decided to actually name Russia in this instance. So it is rare because, as you noted earlier, implicitly attribution's hard. You may have seen a prior product where we highlighted one nation state using another country's infrastructure to achieve its objective and then highlighted just how hard attribution is. So when it's done, it needs to be done with precision to be confident in that, and we chose to do it because we see that it makes targeted network owners more quickly patch and secure and build the resilience of their systems. Network administrators have way more vulnerabilities to address than they have time for, or frankly money for, and way more alerts than they can act on. So we can say this particular vulnerability is being used by a nation state intelligence service. We see network administrators moving quickly and addressing it, and that's a fundamental goal. Fundamental goal is improving cybersecurity. If you kind of step back and look at the big picture here, you know, maybe from a thirty five thousand foot level, how are we doing? The cyber threats, are we barely keeping up? Are we catching up? Are we getting ahead of the game, or is it always going to be hard for the defender in this game, because the guy on the offense can always come up with something new? How do you think about sort of where we are in the history of the threat of cyber and defense against it? I think we points. Overall technology is getting more secure. Technology's built more securely today. So the fundamental resilience is improving. You know, when you have open source products, we have lots of eyes looking at a given technology and helping find vulnerabilities and address them.
That being said, we're an ever more connected economy in an ever more connected society, and as we build more connections, sometimes to systems that were not necessarily built for those kinds of connections, SCADA systems, in that way we bring and introduce new risks. On the third poll, on the positive side, there's far more awareness about those risks and how to approach addressing them, identifying what are the most important assets to protect and ensuring good practices are in place, and it's far easier than ever to put that in place. So I think it's a mixed story. On the one hand more technologies built more securely, and there are communities of individuals working together to ensure they're secure. On the other hand, far more technology, some of which is connected in ways that bring risk in ways that we always have to, and I guess the third part, which is where we started, adversaries seeking to take advantage of those risks to achieve their objectives. So if you were standing in front of a large multinational's board of directors and you're talking to them about cybersecurity, what's the one or two things that you would absolutely want them to take away from your conversation? What is the tangible thing you most want to protect and what's the intangible thing you most want to protect? So if you're drug company, what is the intellectual property that's going to be your next potentially big drug, big driver of economic growth, big driver of healing, and then second, what's the biggest intangible thing? Perhaps that's your reputation, the way you treat your employees, the prices that you charge and how much you mark that up. Make sure that you're protecting both carefully. Make your cybersecurity commensurate with the risk presented to you if you lose either one.
And you mentioned SCADA systems and I'm not sure that all my listeners know what those are. Just explain that, and then is there something special about protecting SCADA system from protecting normal network? Absolutely. So SCADA systems are essentially control systems for the core areas of infrastructure in a given country, in a given company. So think power systems, clean water, drug manufacturing. And those are often complex system. So what's unique about them is, you know, those systems over the years were often built for reliability. In the event of a bad storm, that power system would come back online with confidence. As more technologies got connected, so for example the ability to measure use of power, the ability to measure confidence in water and chemical level, some of those systems got connected to network systems that provide a way to access them. One of the joint products we recently issued between Ns. was an ICS product because there had been some public articles about a given attack against SCADA systems in the Middle East, and we wanted to ensure that we together with one of our closest partners was providing technical advice to SCADA entities in the US based on what we were learning about those attacks. So interest, a couple more questions, you've been terrific with your time. Seems to be an effort on the part of NSA to kind of open up the black box and shed the reputation No Such Agency, right. Your conversation with me thinking example of that. Why is that a priority for the agency and for General Nakasone? I in the cybersecurity mission fundamentally, if we're not trusted we can't achieve our impact. People take advice from those they trust, and the power of across the US government Team USA work cyber. There each organization plays its position within that role.
You know, my counterpart at DHS, Chris Krebs, often talks about them being the national risk managers. At NSA, we believe what we can bring uniquely is that integration of intelligence series of seeking to do, what their capabilities are, what their infrastructure looks like, and how to defend against, cybersecurity advice to counter that, and that's always continuing because technologies change, adversaries' goals change, and the resilience always has to be increased to meet that. So we want to be trusted to achieve what we believe we can uniquely contribute to Team USA on cyber. The first step to doing that is conveying, we are conveying the culture that's here, the commitment to American values, and certainly when a part of our mission is an intelligence mission in a democracy, we have an obligation to ensure that the Americans we serve feel they understand the values which we live. So your former colleague and my really good friend Glenn Gerstell wrote an op-ed about a year ago about what he saw the profound implications of the digital revolution on national security, and he raised a lot of concerns and among those was the sheer pace and scale and volume of technological change and data that's gonna force intelligence agencies including NSA to fundamentally change how they do business. I was gonna say, thinking big picture about those kinds of challenges, what are you trying to tackle? What would the adjustments look like, how do you think about the challenge that Glenn laid out? Absolutely, so I, from the perspective of large amounts of data and ensuring we can make sense of them, ensuring that we can do big data analysis to help triage the information we identify and determine what our people, our big assets, put their time on, to determine he's and how to act on them. So for example, we're looking at machine learning to classify malware and we're certainly looking at
Machine learning potentially to help us identify vulnerabilities scale particularly when we look at systems that represent thirty years of technology like muffins systems, , how do you secure a weapon system? ? That's been out there and represent each phase of technology and have confidence in its resilience and in command and control. . And then finally. . We have an obligation to both bring those technologies to be on our mission and understand how adversaries might use that and manage that accordingly. . So for example, , <hes> as we think about artificial intelligence and the potential to automatically. . Direct weapon. . In the United States we have strong values around how we would think about automation versus human control. . In other countries around the world, , there might be different ways that those kinds of decisions are approached. . So how do we ensure that we both? ? Bring that integration of. . Compliance and technology to the way we pursue it but also be aware of those gaps and keep an eye on the risks of those gaps. . And you mentioned you mentioned people and you mentioned people a couple of times and and just took two questions about that. . One is given the competition that you face with all of these cyber security firms and. . Your folks must be very attractive to them, , and their skills are quite valuable in their private sector. . How how difficult is it for you to recruit and retain talent? ? Really thoughtful question because you asked two questions in their recruit entertained. . So. . From the recruit side, , we get really great people. . On the routine side. . We have a really compelling mission. . and. . What brings keeps people. Here . is the sense that they're contributing to something bigger than themselves. . That is challenging fulfilling. . It's on us as organizational leaders to ensure that each person has that opportunity to contribute what they can uniquely bring chew to that mission. . 
And one of the one of the cool aspects of the Cybersecurity standup has been people who have left to call in and say, , Hey, , I'd like to come back I learned a lot. . In the private sector, , the missions, , calling me and like to contribute again, , and we've hired a number of them back and continuing to increase that and part of the message we have when people if people do decide to leave is to say that is great. . You will continue to contribute to the nation's security. . You'll learn a lot in the five at sector, , and if you ever want to come back the doors open. . What do you? ? What do you want the American people to know about the women and men who work for you. . That, , they're committed to the values. . That this country was established for. . That there are significant threats to the United States, , our allies and to those values, , and that not always can we talk about those threats because? ? By impact sometimes intelligence community, , even the security mission has to operate in those shad in the show does so. . Trust our values, , trust that we are proud Americans. . We swear an oath to the Constitution of the United States, , and if you do question it or if you want to learn more roll up your sleeves and come into the for a few years and get to know what yourself because each person has unique abilities and a unique ability to contribute to their to their country in whatever way they choose whether that's government are in the private sector. . But if you ever doubt it come on in and work here and and raise your voice and be a part of it. . It sort of takes you back to what your parents taught you to. . It really does it <hes> my dad grew up in in communist Hungary and In the beginning when I came into government, , he would call me on the phone sometimes and switched to a foreign language and. . I realized that for him growing up in another country. . Is that complete trust of government that I American born? ? 
You know have that doesn't mean it's trust and verify it's from verify but there are things that I take for granted growing up in this society that I don't know if he ever will. . So being able to look at things through his eyes and through mind make me realize how fortunate we are to be here and how much we have obligation to. . To ensure it stays that way. . And thank you so much for joining us and thank you for your service. . Thank you so much for your time. .

"cybersecurity directorate" Discussed on Intelligence Matters

Intelligence Matters

04:08 min | 7 months ago

"So I was the deputy chief management officer, the Navy. Essentially, the Navy had a number of broad enterprise-wide technology efforts which they were working, again, bring that, you, people, mission, technology triangle. And they asked me to help work on a couple of, working directly for the Secretary of the Navy, figure out why a of them were struggling and then help them get on track. So I worked on that, and I often get asked by people, 'How did you end up at NSA?' A pretty funny story, in that I had a seventy six year old and I was commuting from Baltimore and the, the work-life balance was a bit tough, and I met somebody and he asked me about how he was doing, and I commented that I really love the work but it was a little hard for me to do the juggle. And he said, 'You know, I happen to know that NSA standing up, you director NSA standing up Cyber Command, and I know they need people with your kind of, of background. So how about if I make a phone call there?' And I went for an interview, commute was thirty minutes, and it sounds so foolish, but that was pretty much what it took.

Interesting, interesting. So the private sector, and then the Department of Defence, which is, as you know, this huge enterprise, and then NSA, and this is a, this is not an easy question, I know, about kind of the similarities and differences of those three different experiences.

It all begins with people. In every organization, missions have to adapt and change. They adapt and change in the private sector because perhaps you have a competitor, perhaps the customer space has adapted. Certainly financial services saw that, where the scale of data was just increasing, the scale of trades was increasing, and the traditional manual processes couldn't keep up. So we automation with needed to reduce errors and help us keep on track with where trading was going. Technology could deliver on that, but the, the business of the organization had to change to fully take advantage of the technology, and the way people did that mission and used technology had to change along the way. So I think in each of those organizations, that taught me that for that, that triangle has to be kind of guided together to get to an outcome: mission, technology and people. If you really want to be able to fully, whether it's take advantage of a market or stay ahead of an adversary in our own mission here in the IC, DoD, that triangle has to work together, and you have to communicate every those three planes together when talking about why the change is needed.

So Anne, in your tenure at NSA, you've served as its first chief risk officer, the assistant deputy director of operations, the head of the Russia Small Group, and now the head of the Cybersecurity Directorate. Can you take us through your trajectory there? How did your responsibilities differ from role to role?

Absolutely, and so I came into NSA as a small team, part of a small team that was standing up Cyber Command. The chief risk officer role was, was created after the media leaks period of two thousand thirteen, where we learned that, really appreciating risk mount looking at in a holistic way across partnership risk, operational risks, technology risks. We learned that we needed to adapt the way we looked at risk and then change according to that. So I think in each of those roles, either the adversary was changing around us, a threat was changing around us, we wanted to take advantage fully of an opportunity, and I was responsible for taking the big picture strategic goals, translating those to measurable outcomes and objectives, and helping, you know, contribute, communicate the why, and then bringing the team of people along to get there. Each of those efforts was a bit different. But you know, we talked about the risk of doing, the risk of not.

"cybersecurity directorate" Discussed on Intelligence Matters

Intelligence Matters

05:06 min | 7 months ago

"Presented by governments to the United States, one of those threats include our cyber threats, how nations may be using cyber to achieve their national objectives. That might be intellectual property theft, for example, to counter department offensively valid by accelerating foreign governments' ability to actually productize particular RDA for weapon. That may be targeting critical infrastructure of a country as part of threatening that country or as part of putting pressure on a given country.

How are we doing against the cyber threats? Are we barely keeping up, are we catching up, are we getting ahead of the game, or is it always going to be hard for the defender?

Overall, technology is getting more secure. Technology's built more securely today. So the fundamental resilience is, is improving. You know, you have open source products. We have lots of eyes looking at a given technology and helping find vulnerabilities and address them. That being said, for an ever-more connected economy, an ever more connected society, and as we build more connections, sometimes systems that were not necessarily built for those kinds of connections, we bring and introduce new risks. On the third poll, the positive side, there's far more awareness about those risks and how to approach addressing them, identifying what are the most important assets to protect.

Seems to be an effort on the part of NSA to kind of open up a black box and kind of shed the reputation 'No Such Agency.'

We want to be trusted to achieve what we believe we can uniquely contribute to Team USA on cyber. The first step is conveying who we are, conveying the culture that's here, the commitment to American values. Certainly when a part of our mission is an intelligence mission in a democracy, you have an obligation to ensure that the Americans we serve feel they understand the values by which we live.

Anne Neuberger is the current director of the National Security Agency's Cybersecurity Directorate. She has held a variety of jobs in both the public and private sectors. We just sat down with Anne to talk about her career, her and her directorate's multiple responsibilities, and how she sees the cyber threats facing our country. I'm Michael Morell and this is Intelligence Matters.

So Anne, welcome to Intelligence Matters. It is great to have you on the show.

It's great to be here.

So I think the place to start, Anne, is with your career before you joined the National Security Agency. You had a career in the private sector. Can you tell us about that, and tell us what you did in the private sector, and then what drew you into government service?

Sure. So I was in, running technology at a, at a financial services company during that time period when financial services companies really moved off mainframe environments to the Web..

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

11:53 min | 1 year ago

"And now a word from our sponsor, ExtraHop: securing modern enterprises with network detection and response. Security teams today want to say yes to cloud adoption, just like they want to support enterprise IoT and edge computing, but the more complex your architecture, the less you can trust your perimeter to keep threats out. When attackers make it into your environment, you need to be the hunter, not the hunted. ExtraHop helps organizations like Home Depot and Credit Suisse detect threats up to ninety five percent faster with the context they need to act immediately. Visit them at RSA for a full product demo of threat and response for cloud, multi-cloud and hybrid enterprises, or learn more at extrahop dot com slash cyber. That's extrahop dot com slash cyber. And we thank ExtraHop for sponsoring our show.

Funding this CyberWire podcast is made possible in part by McAfee: security built natively in the cloud, for the cloud, to protect the latest like containers, to empower your change makers like developers, and to enable business accelerators like your teams. Cloud security that accelerates business. It's about time. Go to McAfee dot com slash time.

Coming to you from the two thousand twenty RSA Conference in San Francisco, I'm Dave Bittner with your CyberWire summary for Wednesday, February twenty six, twenty twenty.

Google has patched a Chrome zero day that's undergoing active exploitation in the wild. Mountain View isn't saying much about how, where or by whom the vulnerability is being exploited: CVE-2020-6418. In fact, Google's not really saying anything at all, confining itself to this terse observation: 'Google is aware of the reports that an exploit for CVE-2020-6418 exists in the wild.' The zero day is a type confusion issue, one in which an app initiates data execution of a certain type of input but is subsequently fooled into treating the input as a different type. Exploitation could give an attacker the ability to run malicious code within an application. Two other non zero days are also fixed in the update. Users are advised by multiple experts to patch.

Energywire says the Coast Guard has confirmed that the ransomware attack against a natural gas facility CISA warned of on February eighteenth was in fact the same incident the US Coast Guard reported in a December Maritime Safety Information Bulletin. Dragos offered the same evaluation last week. FireEye notes the ways in which industrial systems have become increasingly attractive targets for ransomware operators. The extortionists are now frying bigger fish than heartland school districts. Concerns about ransomware are high on the list for those charged with defense of infrastructure, as FCW reports CISA Director Krebs observed this week at RSA. As if to give point to those concerns, a small electrical utility in Massachusetts, the Reading Municipal Light Department, has disclosed that it sustained a ransomware attack last Friday.

Another big trend in ransomware is stealing files in addition to simply encrypting them. BleepingComputer notes that the operators of DoppelPaymer ransomware have now adopted the increasingly common tactic of adding doxing to the traditional threat of data loss. DoppelPaymer has established a site where it will post private files stolen from victims who decline to pay the ransom.

An RSAC panel hosted by CyberScoop featured the directors of two major US agencies: NSA's Cybersecurity Directorate, led by Anne Neuberger, and the Department of Homeland Security's Cybersecurity and Infrastructure Security directorate, led by Christopher Krebs. The organizations see their roles and missions as complementary and offering a good scope for collaboration. Work against the influence operations and other information operations that targeted the two thousand sixteen elections and that have since continued spurred more effective information sharing, and Microsoft's January patches provided an important opportunity for the two agencies to reach out to the public on an urgent matter of online security.

Dallas County, Iowa has ended its bungling and discreditable treatment of two Coalfire penetration testers, dropping all felony burglary and criminal trespass charges against them, Infosecurity Magazine reports. In another legal case, the extradition hearing in the matter of Mr. Julian Assange continues at Woolwich Crown Court. Reuters reports that barristers working on behalf of the WikiLeaks proprietor branded allegations that Mr. Assange helped the then US Army specialist Bradley Manning hack into classified systems as 'lies, lies and more lies,' a position that the American prosecutors of course are unwilling to accept. Mr. Assange's counsel also took on another central US contention, that WikiLeaks' publication of material then Specialist Manning stole put lives at risk. On the contrary, argued lawyer Mark Summers, when Mr. Assange learned that unredacted copies of the material he'd received and prepared to share with various media were about to become public, he tried to warn US authorities, calling the State Department and asking to speak with then Secretary Hillary Clinton to warn her that lives were on the line and that something needed to be done. She didn't take his call, Mr. Assange's defense team said, and no one got back to him in the promised couple of hours.

Keith Mularski held leadership positions with the cybersecurity team in the Pittsburgh office of the FBI, and under his team's watch several high profile criminals and organizations were brought to justice. These days Keith Mularski is with the team at EY. He stopped by our booth at RSA to share his insights.

I spent twenty years at the FBI, and at that time you're eligible to retire. Just a great opportunity, kind of still continue fighting the fight but just from the other side. Ernst and Young gave me just a great opportunity to come and be a leader in their cyber practice and continue doing threat intelligence and incident response and being able to help clients just from the other side. So it's been a great transition.

What sort of insights have you gained from being on the other side? Is it a fresh perspective from what you had before?

I think one of the things was the state of cybersecurity is a lot worse than I thought. You know, being a, being on this side, I thought it was a little bit better. The, the other thing is just, it's all about defense, whereas when I was in the FBI I was doing offensive, defensive and investigations. So, so it is a little bit of a different beast, but, but fun nonetheless.

So in terms of the things you have your eye on these days, particularly when it comes to ransomware, what are you and your colleagues at Ernst and Young focused on?

So when I look at ransomware, I really look at that as a, probably the biggest cyber criminal threat affecting companies today. You know, in the past you had a different banking trojans and they were doing account takeovers. Over the last five, six years, the banks have got really good at stopping wire, big wire transfers going out, so these organized crime groups, it's not profitable to do those big wire transfers, because they're just not as successful. But they're leveraging that, that access that they had now to do what we're calling enterprise hunting ransomware or big game hunting ransomware.

I'm curious, too, I mean, from your point of view, I know the, the line from the FBI forever has been, don't pay the ransom, right? Now there's, you're on the other side, has, do you still believe that's the way to go?

Well, yeah. I mean, I believe that you shouldn't pay the ransom, because that's just giving money to criminal organizations, and I believe that if you have really good cyber hygiene and security practices put in place, that you could prevent the majority of these attacks, and so you shouldn't even be in a position to have to pay these ransoms. So what you really want to kind of do with these, with these groups is kind of put together a playbook, because they all do follow a pattern, and once you, once you know their playbook you can build defenses around that.

Everybody has a limited budget, right, and they have to allocate the various things that, you know, dial in the percentages to, to various things. What's your tips for folks who have ransomware front of mind? How should they be approaching that from a practical point of view?

Well, I think you have to use intelligence to really drive your business practice. You really need to understand where your crown jewels are. You need to be able to know where your risks are and make a business decision based on a risk. Are, can you be one hundred percent secure? Absolutely not. You need to manage your risk to a level where you're comfortable that, hey, my spend is at this right level, lower my risk to this level, when that's acceptable for that, and that's, that's what you have to do. The only way to do that is really good intelligence on where your crown jewels are and also, you know, the techniques, tactics used by the threat actors out there.

What are you tracking in terms of evolution in these ransomware groups? How they're coming at people? What, what are the trends there?

So one of the biggest trends that we're seeing lately is, because people don't want to pay the ransom or they're restoring from backups, you know, what we're seeing then is now a couple of the groups, I just saw DoppelPaymer, Maze is another group right now, where since they're in your network for thirty to forty five days, they're stealing documents, and now they're saying if you don't pay the ransom, now we're going to post your, your confidential documents. So, so we're seeing a trend to, for them to try to really make sure that they get that money from you.

Turn up the heat.

Turned up the heat.

That's Keith Mularski from EY.

To return to RSAC twenty twenty: what's our sense of the conference this year? We'll say that the event is well attended despite the last minute high profile cancellations announced last week. It is perhaps a bit more subdued than we've seen in previous years. Some of the sense of reserve is no doubt due to concerns about COVID-19, the coronavirus strain that prompted those eleventh-hour withdrawals. Hand sanitizer stations are much in evidence, and people seem less apt to shake hands. More generally, and with respect to the business of cybersecurity, we're getting a vibe that people see small businesses, the mom and pops, as underserved by the sector.

Finally, inspired by Cisco's launch of its SecureX platform at RSAC, and especially by the news that SecureX's internal name had been Thanos, MarketWatch wonders what superheroes exemplify the spirit of various cybersecurity companies. Technically, Thanos is a super villain, but we'll leave that aside. They confined themselves to the Marvel Universe, so DC superheroes need not apply. Iron Man was the superhero most companies chose as their muse role model, followed by Captains America and Marvel, with Sue Storm, Vision, Shuri, Doctor Strange and Ant-Man, the Hank Pym version, thank you very much, also crossing the finish line. To our industry's shame, not a one of them chose Dr. Charles Xavier, the Silver Surfer, an obvious choice, one would think, for any browser security vendor, or the Ancient One. Sad. MarketWatch had some suggestions for the various companies they talked to, and their suggestions struck us as better than the companies' preferred superheroes. Again, sad. For our part, we call J. Jonah Jameson. He's what you call high energy.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

10:57 min | 1 year ago

"API issued yesterday, with credit to the National Security Agency for telling Microsoft about the vulnerability. The vulnerability prompted an emergency directive from the Department of Homeland Security's Cybersecurity and Infrastructure Security Directorate, CISA. Federal agencies are expected to patch promptly in accordance with Emergency Directive 20-02. So the US government is clearly putting its money where its disclosures are. As CISA blogged yesterday morning, quote, 'The most important thing you can do for your cybersecurity is to update your software. And if you're a Windows user, today is your day,' end quote. CISA looks after, roughly speaking, the dot gov domain, with responsibility for federal agencies other than the Department of Defense, which has the dot mil domain, and certain national security systems. Affected agencies have ten days to apply the patch, and the statutory boilerplate surrounding the emergency directive should be sufficiently intimidating to spur even the most laggard agency CIO into action. CISA says that it hopes state and local governments, private sector organizations and the general public will also patch quickly, although of course it has no jurisdiction over them.

The Washington Post sees NSA's disclosure as representing a departure in policy, and indeed the agency's Cybersecurity Directorate head Anne Neuberger did say that it was a change in approach. A number of observers have commented to the effect that NSA was now on its best behavior, playing nice by disclosing bugs rather than weaponizing them, but the real change in approach was NSA's decision to allow its disclosure to be made public. It has disclosed vulnerabilities before, but there's a new openness to its process. CISA is ready with its own warnings and directions on the vulnerabilities patched yesterday, which suggests that the cross agency coordination between NSA's Cybersecurity Directorate and their counterparts in the Department of Homeland Security is functioning in this early test case. Both organizations are young, CISA having been established on November sixteenth, two thousand eighteen, and NSA's Cybersecurity Directorate at the beginning of this past October. So the way cooperation between them evolves will be worth watching.

The Norwegian Consumer Council determined that several dating apps are collecting users' personal data and sharing them with various advertising networks. The Telegraph says the dating apps include Tinder, Grindr and OkCupid. Among the advertising outfits are Google, Facebook and Twitter. The Norwegian Consumer Council is filing formal complaints against Grindr and five companies with whom the dating app was oversharing: Twitter's MoPub, AT&T's AppNexus, OpenX, AdColony and Smaato. The action is being taken under the European General Data Protection Regulation, GDPR, which prohibits collection of personal data without the affected person's explicit consent. Reports suggest that the data collected include such sensitive categories as sexual preference and ethnicity, and that Grindr at least was also sharing geolocation, the better for its commercial partners to serve up advertising piping hot. The companies named in the consumer council's action appear to represent the more egregious data abusers, but the council is not at all measured in the way it characterizes the problem. It's out of control, they say, and given the companies involved, it seems a lead pipe cinch that data are flowing through some unanticipated and probably little tracked advertising channels.

Ransomware operators are increasingly showing a disposition to turn to doxing as an incentive to get victims to pony up. If data are simply encrypted, then well prepared victims who've backed their files up securely in places inaccessible to the attackers can, at some relatively small trouble and expense, restore their systems and plug the holes that let the attackers in, and then of course they can cheerfully thumb their nose at the extortionists. Things are more complicated when the attackers take the trouble to steal data before they encrypt it, and that's recently become the norm in this corner of the underworld. The gang behind Nemty ransomware intends, according to BleepingComputer, to follow the example of Maze and Sodinokibi by setting up a site on which it can dump files stolen from victims who are laggard in paying the ransom. It's also interesting to see the criminal market behaving in ways that mimic legitimate markets. Nemty's basically put out a launch announcement. We checked in with the Chertoff Group's Chris Duvall for his insights on the state of ransomware.

We're thinking twenty twenty is going to be, you know, another banner year for ransomware, potentially even worse than, than previous, for a couple of different reasons. The bad guys are discovering that it's a lot easier just to fire and forget. You can put in a string of IP address ranges to look for vulnerabilities. You can do automated sort of phishing tests, and so being able to do that kind of high output automation is going to increase the number of potential vulnerabilities we discover, then can be exploited, is one factor. The other factor is, while there's been improvements in kind of not only the attention paid to ransomware due to, you know, media reporting and, and just general, you know, folks trying to lock down better security procedures, is making the sort of the adversary more wary and so almost more desperate. So those that may see this sort of lucrative stream potentially drying up, we're going to try even harder to sort of find, you know, those, those vulnerabilities and those big fish and exploit them.

In the conversations that you're having, do you feel as though the word is getting out, that the people are starting to implement things like multi factor authentication and, and doing their backups? Are you getting that feedback from them, that that message is reaching them?

It is, it is. I mean, but it's a, you know, as you know, it's a constant challenge. As the saying goes, the bad guys only have to get it right once, you get it right every time, and so being able to lock down both any potential vulnerabilities across your entire kind of landscape, making sure the employees are knowledgeable about what to look for and what not to look for and what links to click on and not to click on, all those things are, it's a, it's a constant sort of exponential problem depending on how large organizations.

How about in the boardroom? Are those folks, those levels in organizations, what, what's their relationship to this? Are they seeing this as the, the hazard that perhaps it is?

That's a great question. I think that is one of the biggest improvements that we've seen in two thousand nineteen, eighteen, is a nineteen, and we're hoping will continue into twenty twenty, which is the attention that the board is paying to security and to cybersecurity. And so it is no longer, or at least it seems to be less so, a conversation about, okay, do we have things locked down, and if not, what new tools you need, but really more of an honest conversation with the chief information security officer about what types of breaches or what types of attempts to breaches have we seen, what have we been doing about them, what's our return on investment. And so that conversation at the board level appears to be increasing, which is very encouraging.

But what about the human side of this? I'm, I'm thinking of security awareness training in organizations, getting beyond the necessary technical elements that an organization should have, but also helping your employees to recognize things like phishing campaigns.

It's, it's crucial. I mean, it's one of the things that any organization has to have. You just think about it mathematically: if you have a two thousand person organization, how many of you, twenty percent click rate, I mean, that's, that's two hundred folks that have clicked on potentially malicious link that may have access to system. So being, being able to reduce, or being able to educate your workforce to sort of recognize when something seems fishy and notify is key, and employees are the first line of defense. If you don't have that, then most of the other security procedures you're going to take are just kind of, you know, putting your fingers in the holes in the dam.

Right, right, yeah. It's, it's an interesting thing, because simultaneous to that, the availability of sophisticated tools for perhaps less sophisticated users, and then you put that up against the idea that we've heard a lot about, that the targeting has grown much more sophisticated, that there are a lot of actors out there who are doing their homework when it comes to ransomware, that particularly with things like phishing campaigns, it's not so much of a shotgun sort of spray and pray approach, perhaps, as it was in the past. Does that align with what you're seeing?

Absolutely. No, there probably isn't a day that goes by where we don't, in our cyber practice area, get together and sort of have printed out, you know, an email that we received, it looks genuinely from our CEO, Chad Sweet, or from the Secretary. The sophistication and the targeting has really, really increased, last year in particular.

That's Chris Duvall from the Chertoff Group.

As the UK nears a decision on Huawei and its potential role in the nation's 5G, The Guardian reports that Her Majesty's government has already taken into account the most recent US revelations and that it seems likely to conclude that any risk associated with Huawei is manageable. The US has warned that too much Huawei in the infrastructure could force the American services to constrain the way they share intelligence with their British counterparts, but the head of MI5, Andrew Parker, has told the Financial Times that he thinks the special relationship is too long standing, too close and too special for matters to go that far. That said, there's no denying that the US has been both assertive and consistent on the risks posed by Huawei. Back on this side of the Atlantic, the US Federal Communications Commission seems ready to expand its ban on both Huawei and ZTE gear. JD Supra says that's a demand side measure, and according to CNBC, the US Commerce Department is considering stronger supply side measures against the Chinese firms, with tighter export controls against them under consideration. Those controls would have an impact on third countries as well.

We've just returned from a trip to a conference in Seattle, and like many of you we're now looking ahead to a trip to San Francisco, since the RSA Conference is just around the corner. But let's say you, friend, are interested in mixing it up. You've heard about those cryptocurrencies, sister, and those blockchains, brother, and you're ready to learn from the best and swap some ideas with other movers and shakers in the fast moving world of coins and the wallets they flow through. Well.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

09:55 min | 1 year ago

"And now a word about our sponsor, the Johns Hopkins University Information Security Institute. They're seeking qualified applicants for their full-time Master of Science in Security Informatics. The program covers the most current topics in information security, with core courses covering security and privacy, cryptography, computer forensics, software vulnerabilities, ethical hacking, and much more. It's a quality program too, not just because it's from one of the world's great research universities, but because the institute is an NSA and DHS designated Center of Academic Excellence in Information Assurance, in Cyber Defense, and Research. To learn more, register for the virtual information session at applygrad.jhu.edu. That's applygrad.jhu.edu. The virtual information session takes place January 23rd, and we thank Johns Hopkins University Information Security Institute for sponsoring our show. Funding for this CyberWire podcast is made possible in part by McAfee, security fueled by insight. Intelligence lets you respond to your environment; insights empower you to change it. Identify with machine learning, defend and correct with deep learning, anticipate with artificial intelligence. McAfee, the device-to-cloud cybersecurity company. Go to mcafee.com/insights. From the CyberWire studios at DataTribe, I'm Dave Bittner with your CyberWire summary for Thursday, January 2nd, 2020. Happy New Year, everyone. It's good to be back. Microsoft has confirmed that the North Korean threat group Redmond tracks as Thallium has indeed been aggressively pursuing Windows users, and that Microsoft has seized fifty domains Thallium used in its espionage campaign. Microsoft prefers elemental names for APTs, and says that Thallium worked for the most part through spearphishing that spoofed emails from Microsoft. One lesson to be learned from the campaign is the importance of attention to detail.
Security aware users are accustomed to looking closely at the sender's email address to spot communications that aren't from whom they appear to be. In this case Thallium, which pretended to be sending unusual sign-in activity notices from Microsoft, used a domain that substituted an "r" and "n" for the first letter "m" in Microsoft. That could be easily overlooked if one was rushed or inattentive. So bravo, Microsoft, for securing the takedown. The Wall Street Journal on Monday published its investigation into the Cloud Hopper cyber espionage campaign that Reuters reported in December 2018. The US Justice Department at that time indicted two Chinese nationals, both of whom remain at large, and alleged that the duo had been working for the Chinese Ministry of State Security's APT10. It now appears, according to the Journal, that the espionage was far more widespread than originally reported. The known victims back when Reuters broke the story included IBM, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation, HP and EMC technology, and it should be mentioned that none of them were notorious security slackers. The US Justice Department in its indictment alluded to fourteen other companies that allegedly fell to the ministrations of the hackers, two gentlemen who are believed to have been employed by the Huaying Haitai Science and Technology Development Company, which itself served as a cyber operations contractor to the Chinese Ministry of State Security's Tianjin State Security Bureau. APT10 seems to have been particularly interested in compromising managed service providers. This is entirely sensible
as target selection strategy, given the extent to which enterprises have continued to increase their reliance on managed service providers. Anne Neuberger, who leads the National Security Agency's Cybersecurity Directorate, is quoted by the Journal as offering a Willie Sutton-esque motive for the targeting. Why rob banks? Well, that's where the money is. At least a dozen cloud providers, for example, were hit, and their customers' data were open to inspection by the ministry. Since each cloud provider will have many customers, the total number of organizations affected can be expected to be large indeed. The Journal reports that the cloud providers in particular were less than fully forthcoming with both federal investigators and the providers' customers, and this experience is said to have moved the US Department of Homeland Security to push regulations that would require more cooperation in the future. Some of the affected providers, notably HP, strongly denied that they had given anything less than their full cooperation to investigators. The Journal quotes an HP spokesman as saying, "To suggest otherwise is patently false." The Chinese operators' take appears to have been a mix of industrial and traditional espionage collection. Apart from whatever trade secrets may have been culled from the affected companies, the US government now says, according to the Journal, that some one hundred thousand US Navy personnel records were also exposed. The World Economic Forum rated both data theft and large scale cyber attacks among their top five global threats for 2019, and it's likely they'll stay on the list for 2020. Dave Burg is a principal at EY, serving as their Americas cybersecurity advisory leader. He shares his insights on the global aspects of cybersecurity risk.
I think we find ourselves today in a situation where the cyber threat that companies in the United States and around the world face continues to be very serious, and continues to be an area where executives are increasingly aware and interested in asking questions, but I think we are increasingly not doing enough. I also see many companies working very hard to make sure that as they develop new products and services, they're thinking about dealing with cybersecurity and various privacy related risks. But all in all, we're just not where we need to be as a society. And where do you suppose... who does that rest with? I mean, is it private industry not stepping up? Is it nation states not stepping up? Is there plenty of blame to go around? I think there's blame to go around, but I mean, I'm a believer that market forces are ultimately going to solve this problem, and I think that very smart companies are going to wind up putting cyber first and getting to a place where either business partners or consumers are essentially guaranteed safety and security because of the capability of the way the products and services and technology work together. I think there are interesting avenues at a nation state level, where those countries who can afford to do more to protect businesses that operate within their province could or should or will do more, and that will wind up becoming a strong competitive advantage, both, I think, in the near term, mid term, and long term. I've heard a lot of people say that they would like to see action there at the federal level, so that we ended up with this patchwork of state laws, and I'm curious what your insight is on how that extends to the global marketplace. I mean, is there someone in position to take the lead to establish what the agreed upon global norms are going to be? Well, you know,
look, I think that in reality the European Union got out in front by driving GDPR, and then you had the CCPA follow, and we've certainly seen more interest in the United States government to push various consumer privacy protection regulation, even at the federal level. I do think that a federal movement, US federal movement, in the space would be meaningful, would be significant, because in my capacity, in my career, I've had an opportunity to travel around the world extensively to meet with companies but also regulators around the world. So I think that any additional movement by the US federal government would really be a very strong and positive step that the rest of the world would likely soon follow. What sort of advice are you giving your clients on ways for them to best prepare themselves for what's to come in the near future here? You know, I think that one of the most important strategic conversations that I'm having, that we are having, is, I think, to be pushing very hard to get the business owners or business units to really truly fully embrace cyber from the moment that they have a strategic thought. I think the other is that as businesses change, as you see more and more push to the cloud or more and more use of new technologies that are sitting out in what will be considered IoT or OT space, the most sophisticated companies are incorporating those new products and services and the security implications, again, from the very beginning moment. I think the third piece of advice that I would share is that resilience and recovery is very much not just in vogue but critical to business vitality, and so we learned a couple of years ago from the seriousness of the NotPetya attacks how important it is to be able to get a business back up and running. We see in heavily regulated industries like financial services there's a very strong push to be able to demonstrate resilience and recovery.
I think it's incredibly important. So.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

03:08 min | 1 year ago

"Bad news is the education and the aggressive back door that opens subjects' devices to further attack. The good news is that so far the payloads have been nuisance malware, and that the number of downloads is relatively small, numbering in the thousands and not in the millions. Web analytics platforms have many legitimate uses, like seeing where users come from and how long they spend on various pages. We use them, and you may use them too. It's thought that somewhat more than half the world's websites use analytics. The biggest of these services is Google Analytics. Akamai has taken a look at the ways in which these tools can be used for evil. Phishing in particular seems able to benefit from web analytics. Implausible spray and pray campaigns, while still common enough, are giving way to more closely targeted, and therefore more likely to succeed, phishing. Much of that newfound plausibility, Akamai concludes, can be chalked up to criminal use of analytics. They use the analytics much the way legitimate users do, quote, to improve kits and gather stats on campaign effectiveness, end quote. In short, to make their bait more attractive to the fish they hope to reel in. Attackers are exploiting Atlassian's widely used Confluence collaboration platform, hitting a vulnerability, CVE-2019-3396, that Confluence disclosed and patched this past spring. NSA's Cybersecurity Directorate publicly warned that nation state services were likely to attack unpatched Confluence instances, and various cyber security companies have since confirmed an uptick of activity against Confluence users. The warning is significant in itself, but it's also noteworthy as an example of the sort of relatively quick public disclosure NSA's young Cybersecurity Directorate has promised. And now a word from our sponsor, ThreatConnect. Designed by analysts but built for the entire team, ThreatConnect's intelligence driven security operations
platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. Organizations worldwide use ThreatConnect as the center of their security operations to detect, respond, remediate, and automate. With all of your knowledge in one place, enhanced by intelligence, enriched with analytics, driven by workflows, you'll dramatically improve the effectiveness of every member of the team. Want to learn more? Check out their newest book, SOAR Platforms: Everything You Need to Know About Security Orchestration, Automation, and Response. The book talks about intelligence driven orchestration, decreasing time to response and remediation with SOAR, and ends with a checklist for a complete SOAR solution. You can download it at threatconnect.com/cyberwire. That's threatconnect.com/cyberwire, and we thank ThreatConnect for sponsoring our show.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

04:05 min | 1 year ago

"Just limited in terms of their capacity and authority, quite frankly, to protect these systems. Now, there's well-documented opportunity, the need for collaboration in public private partnerships, but I think it's fair to say that the asset owners and operators themselves have to take responsibility for this function, and quite frankly, from my vantage point, it seems that they are. Especially over the past couple of years there has been skyrocketing awareness of the problem, of the risk. I've found that organizations are really taking ownership of this, as opposed to waiting around for the federal government to provide a solution to them. That's Dave Weinstein from Claroty. The UK's National Cyber Security Centre, a GCHQ unit, has released its 2019 annual report. The NCSC says it handled six hundred fifty eight cyber incidents over the past twelve months. The most attacked sectors were, in order, government, universities, technology companies, and managed service providers, with healthcare and transportation sharing fifth place in a dead heat. The report's tone is modestly proud and customer-friendly, featuring easily grasped case studies in the explanatory framework it offers. NCSC has since its inception significantly been a public facing organization. In the US one sees NSA's new Cybersecurity Directorate assuming a similar role. It's not a precise counterpart. Cybersecurity Directorate remains, as we've been told at Fort Meade, a combat support organization, but its recent public advisories suggest that it's on its way to assuming, in partnership with Homeland Security's CISA, a role similar to the one NCSC has had in the United Kingdom. In what's presumably not an admission against interest, Huawei's global cybersecurity and privacy officer tells ZDNet that, you know, it's probably easier to bribe a telco executive than it is to back door equipment, so don't sweat the back doors. And finally, newsflash and stop the presses: Edward Snowden's memoir, Permanent Record,
is out, and while flagging his book on the Joe Rogan Show, Mr. Snowden told Mr. Rogan that during Mr. Snowden's time working at the CIA, Mr. Snowden poked around to see whether the US government was in contact with space aliens, was lacing the sky with chemtrails, and so on. There's nothing to it, he says, so you can take that to the bank, or so he'd have you believe. No alien contact, no chemtrails, and he says trust him, if there were, he'd know, and he'd give it to you straight. Well, Art Bell, thou shouldst be living at this hour. Who knew Ed Snowden would practically out himself as an Air Force stooge at in the sand sheep. Well, at least there's no debunking of Bigfoot. Remember, the truth is out there. And a word from our sponsor, Dragos. Cyber attacks on oil and gas environments are continuing to progress in frequency and sophistication. Attackers are creating tailored attacks to cause significant operational and financial impacts, and most importantly, they're becoming aware they can overcome automated safeguards to cause physical effects and harm the lives of those who work in the facilities. Read the latest case study from Dragos. Learn how they helped an oil and gas organization ensure it had detection and response plans against crisis like activity on its networks and comprehensively defend its environment. You can find it at dragos.com/case-studies. That's dragos.com/case-studies, and we thank Dragos for sponsoring our show.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

09:09 min | 1 year ago

"And now a word from our sponsor, ExtraHop, delivering cloud native network detection and response for the hybrid enterprise. The cloud helps your organization move fast, but hybrid isn't easy. Most cloud threats fall on customers to resolve, and prevention-based security wasn't designed for the modern attack surface. That's why Gartner predicts that sixty percent of enterprise security budgets will go towards detection and response in 2020. ExtraHop Reveal(x) Cloud is the only SaaS-based network detection and response solution for AWS, with complete visibility, real-time threat detection, and automated response powered by cloud scale machine learning. Request your thirty day free trial of Reveal(x) Cloud at extrahop.com/trial. That's extrahop.com/trial, and we thank ExtraHop for sponsoring our show. Funding for this CyberWire podcast is made possible in part by McAfee, security built by the power of harnessing one billion threat sensors from device to cloud, intelligence that enables you to respond to your environment and insights that empower you to change it. McAfee, the device-to-cloud cybersecurity company. Go to mcafee.com/insights. From the CyberWire studios at DataTribe,
I'm Dave Bittner with your CyberWire summary for Monday, October 21st, 2019. The CyberWire has some of our folks down at Atlanta this week for the 2019 ICS security conference, which opened this morning. Before we talk about some of today's sessions, however, it's worth discussing some news that broke over the weekend that's directly relevant to ICS security. We're all familiar with the difficulty surrounding attribution. It's the familiar fog of war and the related but less often discussed glare of war, the way in which having too much information can blind you to what's really going on. So here's some fog of war that blew in over the weekend. Often there's uncertainty with respect to whether an incident involves a cyber attack at all, and that was the case with an incident in Iran. A social media report out of Iran yesterday said that a refinery fire in that country was caused by a cyber attack, but these reports remain unconfirmed, and note that the Twitter thread's assertion that the incident is confirmed doesn't really count. Reuters, sourcing Iranian state media, said there was a fire in a canal carrying waste from the Abadan refinery, but that the fire was under control. In this respect ICS security firm Dragos blogged caution in accepting reports of a cyber attack at face value. After all, while cyber attacks can and have caused physical damage, accidents do happen, and it's important not to jump to conclusions. That holds true of attribution as well. Another example of the difficulty of attribution may be found in a joint report issued this morning by the UK's NCSC and the US NSA. The agencies find that the Russian government group Turla, also known as Venomous Bear, White Bear, Snake, Waterbug, and Uroburos, hijacked Iranian tools to mount, in effect, a false flag operation in which Turla effectively posed as APT34, or Helix Kitten. The espionage operation not only used APT34 back doors but also prospected known APT34 victims.
According to Reuters, the NCSC says it's not aware of any official attributions influenced by the misdirection, but officials point out that the discoveries should serve as a caution against hasty attribution. Compare a similar false flag during the last Winter Olympics, held in South Korea, when Russian services impersonated North Korean operators. Wired is running a long series on that incident that's worth a look. We note that the joint warning seems consistent with the recently announced determination of NSA's Cybersecurity Directorate to engage the public more directly. To return to the Atlanta ICS security conference, we heard some interesting presentations during the first morning. If there's one overarching lesson the speakers agree on, it's the importance of paying attention to the fundamentals. Bruce Bilodeau of Rockwell Automation subsidiary Maverick Technologies presented an overview of the dark net and what those concerned with ICS security should know about it. The basic problem from an ICS perspective is the way in which sensitive information and hacking tools can be propagated across the black markets that established themselves in the dark net. He offered a range of lurid true stories designed to make plant managers' flesh creep: the ease with which people trade company information anonymously, the hacking services freely available, and the price lists that make such services awesome too many who wish COS il. One of his more interesting observations noted last week's recent arrests of some three hundred individuals who are engaged in child abuse in the course of running illicit content services online. That, Bilodeau pointed out, is what law enforcement is interested in stopping, and quite rightly so. Your concerns, he said, addressing an ICS audience, don't have that kind of high priority. And he also noted the fracturing of contraband black markets with the Silk Road takedown. That's part of the normal black market business cycle: consolidation, followed by an official crackdown,
followed by the proliferation of small operators, followed by another phase of consolidation that continues until the next official crackdown. We're currently in a fragmented phase, Bilodeau observed. Earlier in the morning, Mark Carrigan, CEO of PAS Global, talked about the good, the bad, and the ugly of ICS security. The good lay in signs of increased cooperation between OT and IT, with OT beginning to catch up to IT, particularly with respect to access management. He also saw industry focused on the right things: visibility, audits, and security awareness programs. And above all, companies now understood that OT security deserves investment. The bad is that attacks on OT are no longer just collateral damage. Threat actors, especially those run by nation-states, are now researching OT systems and developing attacks designed specifically for those systems. And then there's the ugly, chiefly the confusing OT security market and the tendency companies have to fixate on shiny objects, the latest buzzwords and trends. We also find, Carrigan observed, that solution results seemed to fall short of expectations, and too much information overwhelms understanding. Too much focus on detection is also ugly. Basic protection and recovery mechanisms can have massive risk reduction. Turning to the threat of social engineering, a presentation by Chad Lloyd, security architect at Schneider Electric, pointed out that compromising a system very often starts with compromising a human being. Social engineering enables the attacker to leapfrog not only cyber defense in depth but even expensive physical security measures. He agreed with Carrigan: attention to the basics matters, and in defense against social engineering in particular those basics include security awareness training for employees. We'll have notes and updates throughout the duration of the conference. And finally, we're all familiar with the Internet of Things and the Industrial Internet of Things. There's also, inevitably, an internet of sacramentals,
that is, the things religious believers use in the course of their devotions. Last Wednesday the Vatican introduced an eRosary app that's designed to enhance the prayer life of those who use it. You signed up with an email and a four digit PIN was transmitted. Unfortunately that PIN was easily intercepted, and once intercepted could give an attacker access to all the information the Android app requested. The researcher who found the vulnerability informed the Holy See, and the bug was fixed by Thursday. And now a word from our sponsor, Dragos. The CyberWire is partnering with Dragos for a free ICS webinar entitled Threat Intelligence Explained, Examined, and Exposed, on October 22nd, which is tomorrow. We'll share real world insights from hunting some of the most sophisticated threats and cover vulnerable assets that need protection. Be sure to register for tomorrow's ICS threat intelligence webinar featuring Dragos and the CyberWire. I'll be there. Register at dragos.com/webinar. That's dragos.com/webinar, and we thank Dragos for sponsoring our show.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

13:35 min | 1 year ago

"Exit to do blocking a mapping and a news app from users in China, and a look inside the black box as we visit NSA's Cybersecurity Directorate. And joining me once again is Awais Rashid. He's a professor of cybersecurity at University of Bristol. Welcome back, Awais. We want to talk today about the importance of real world experimentation, getting out of the lab with your research and practice. What do you have to share with us about that today? I think the challenge we are going to face is that within the next two years the number of devices connected to the Internet will outnumber humans by, depending on whose estimates you believe, something like five to one. And, you know, this ecosystem of connected devices will be in everything from healthcare to transport to energy, finance, the way we communicate and shit Taylor but a change. So we are really talking about really large scale hyper connected systems. So, as you know, we need to ensure that what is developed in the lab actually works in the alone, and as a result, you know, the way to test any kind of discussion than architectures has to be the Loyd the Lyles and understand what are the implications of that. However, that is very challenging, because of course you can't deploy a typical solutions on production environments, because of course they may not necessarily be fit for purpose or scale very well. So we do need a large scale experimental infrastructure that is close enough to the real world to be able to do that. That's a big challenge. Well, there's an old saying in warfare that no battle plan survives contact with the enemy.
It seems like that could apply here as well. Absolutely, that's exactly the reason that nobody what happens China be developed developing said that developed with rigor and with good intentions by such as practitioners, but usually tested in small scale settings in the lab or in an experimental setting, and then they are deployed in the real world into such as the digital scale. Not saying that they never scale, but they don't always scale well. That's why we need to think about how we might be able to do this. There are a number of academic and industry organizations that run testbeds. There is a good argument to link some of these testbed infrastructures together, so that we do have a Ghana means of scale, but also that really large scale environment that presents the realistic setting in which security takes place in the real world. I'm thinking of the rigorous testing that takes place when it comes to pharmaceuticals. Is that not a good example? Is it simply too expensive to do something at that scale? I think it's not a case of expense, it's how you may deploy. The pharmaceutical industry is an interesting example because the trials are legally bound to large scale clinical trials once they've gone through small scale testing and then an increasing level of confidence has been top, and I think we do need to be able to do something very, very similar. But the question is how do we test in the wild. For example, would you be willing to deploy experimental securities then on, say, a power grid or outbound or transportation system? And I think you would have to have a lot of UNFINI- and a lot of fail tips into it, and I think we need to develop those protocols. Other disciplines have developed those protocols, and I think we are a little bit further from that at this point in time. Awais Rashid, thanks for joining us. Now it's time for a few words from our sponsor, BlackBerry Cylance. You probably know all about legacy antivirus protection. It's very good as far as it goes, but you
know what? The bad guys know all about it too. It will stop the skids, but to keep the savvier hoods' hands off your endpoints, BlackBerry Cylance thinks you need something better. Check out the latest version of CylanceOPTICS. It turns every endpoint into its own security operations center. CylanceOPTICS deploys algorithms formed by machine learning to offer not only immediate protection but security that's quick enough to keep up with the threat by watching, learning, and acting on systems' behavior and resources. Whether you're worried about advanced malware, commodity hacking, or malicious insiders, CylanceOPTICS can help. Visit cylance.com to learn more, and we thank BlackBerry Cylance for sponsoring our show. My guest today is Kumar Saurabh, co-founder and CEO of LogicHub, a security automation.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

08:29 min | 1 year ago

"It's time to take a moment to tell you about our sponsor, Recorded Future. Recorded Future is the real-time threat intelligence company whose patented technology continuously analyzes the entire web, developing cyber intelligence that gives analysts unmatched insight into emerging threats. At the CyberWire, we subscribe to and profit from Recorded Future's Cyber Daily. As anyone in the industry will tell you, when analytical talent is as scarce as it is today, every enterprise owes it to itself to look into any technology that makes your security teams more productive and your intelligence more comprehensive and timely. Because that's what you want: actionable intelligence. Sign up for the Cyber Daily email, and every day you'll receive the top trending indicators Recorded Future captures crossing the web: cyber news, targeted industries, threat actors, exploited vulnerabilities, malware, and suspicious IP addresses. Subscribe today and stay a step or two ahead of the threat. Go to recordedfuture.com/cyberwire to subscribe for free threat intelligence updates. That's recordedfuture.com/cyberwire. And we thank Recorded Future for sponsoring our show.

Funding for this CyberWire podcast is made possible in part by McAfee: security built by the power of harnessing one billion threat sensors from device to cloud, intelligence that enables you to respond to your environment, and insights that empower you to change it. McAfee, the device-to-cloud cybersecurity company. Go to mcafee.com/insights.

From the CyberWire studios at DataTribe, I'm Dave Bittner with your cyber summary for Friday, October 11th, 2019.

Researchers at security firm Morphisec have found BitPaymer ransomware exploiting an Apple zero-day, an unquoted path vulnerability in an Apple Software Update component that comes bundled with iTunes for Windows. Thus the ransomware evades security tools by effectively presenting itself as a legitimate software update. Earlier reports said the vulnerability was associated with Apple's Bonjour updater, but Morphisec has concluded that's not the case; it's an unrelated updater. Note that only Windows users are affected. Mac users, if they update to macOS Catalina this week, will be untroubled: Apple is sunsetting iTunes for Mac with this update.

ESET reports the discovery of Attor, a modular espionage platform that has been deployed mostly against select individuals in Russia, many of whom have shown an interest in using privacy-focused services. The malware has also been used against a smaller number of diplomatic and government targets in Eastern Europe, notably in Ukraine, Slovakia, Lithuania, and Turkey. Attor has been in use since 2013 at least, and ESET describes it as professionally written. Its plugin architecture enables its controllers to customize Attor's functionality to specific targets. In general, the malware uses an unusual device fingerprinting technique, automated data collection, and Tor-enabled exfiltration. ESET does not know what Attor's infection vectors have been, and the researchers think it's probable that the malware has still undiscovered plugins. And Attor itself is named after a malign fairy in the book A Court of Thorns and Roses. The book has lots of fans and lots of fan fiction, too.

FireEye researchers have caught FIN7, known for the Carbanak financial crimes, using new tools. FIN7, that is, would be the one using the new tools, not FireEye. FIN7's new kit has two items, which FireEye calls BOOSTWRITE and RDFSNIFFER. BOOSTWRITE is the in-memory-only dropper that's carrying both Carbanak and a second payload, which is RDFSNIFFER. RDFSNIFFER has a range of malicious functionality. Among other things, it's able to intercept SSL connections, delete data, and run commands on remote systems. The payload affects NCR Aloha Command Center client sessions. The Aloha Command Center is widely used in the hospitality industry to manage hardware and software at remote locations.

At the behest of Chinese authorities, Apple has removed both a US news app and a mapping app from its Chinese service. The Telegraph notes that the optics aren't good for Cupertino, which some see as having joined the National Basketball Association in a kind of shadow extension of China's social credit program into the West. The Verge says the app is Quartz's, blocked for content not legal in China. The Quartz news service is both widely read and not typically seen as extreme, and so its illegality would appear to be publication of stories not to the liking of Beijing. The mapping app, HKmap.live, was allegedly used against police and to commit crimes where police weren't present. Apple had this latter information from the Hong Kong Cybersecurity and Technology Crime Bureau. The opposing point of view holds that the protesters in Hong Kong were using HKmap.live to avoid the police, and that the crime they were interested in committing was, generally speaking, assembling to protest. That and graffiti, sure, but graffiti wouldn't alone seem serious enough to warrant that kind of pressure on Apple. Anyway, Apple has taken the authorities' line all the way to the bank. Quartz is understandably on the other side of this dispute. The company's CEO, Zach Seward, told The Verge, 'We abhor this kind of government censorship of the Internet and have great coverage of how to get around such bans around the world.' He suggested that people read Quartz's coverage of VPNs as means of evading government crackdowns on content.

It's perhaps worth noting that officials in three Western nations recently addressed VPNs, too, but they had a decidedly different take on them. US, Canadian, and British intelligence and security services have over the past week published warnings that unspecified threat actors were actively exploiting vulnerabilities in widely used virtual private networks. One of the US agencies that issued its own warning on the matter was NSA's new Cybersecurity Directorate. Their public warning was noteworthy in that it offered some brief advice on how to use VPNs with more assurance they'd work as advertised. The Directorate's five pieces of advice, which are as follows, seem easy enough for the ordinary user to do. One, immediately upgrade your VPN to the latest version. Two, reset credentials before reconnecting the upgraded devices to an external network. Three, review your network accounts to ensure adversaries did not create new accounts. Four, update VPN user, administrator, and service account credentials. And five, revoke and create new VPN server keys and certificates.

We were at Fort Meade yesterday for the NSA Cybersecurity Directorate's media roundtable. The Directorate's leaders, Director Anne Neuberger and Technical Director Neal Ziring, said that Monday's announcement concerning VPN vulnerabilities and remediation was the first in what they expect to be a continuing line of such warnings and advice. As nation states increasingly target those that aren't themselves opposing nation states, they said, it's important to open the black box and provide individuals, businesses, nonprofits, and local governments actionable intelligence and the context necessary to use it.

And now a word from our sponsor, ObserveIT. The greatest threat to businesses today isn't the outsider trying to get in. It's the people you trust, the ones who already have keys: your employees, contractors, and privileged users. Sixty percent of online attacks are carried out by insiders. To stop these insider threats, you need to see what users are doing before an incident occurs. ObserveIT enables security teams to detect risky user activity, investigate incidents in minutes, and effectively respond. With ObserveIT, you know the whole story. Get your free trial at observeit.com/cyberwire. That's observe, the letter I, the letter T, dot com forward slash cyberwire. And we thank ObserveIT for sponsoring our show.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

01:55 min | 1 year ago

"A US Defense Intelligence Agency analyst has been charged with leaking national defense information. Europol issues its 2019 Internet Organised Crime Threat Assessment. And NSA Director Nakasone says the agency's Cybersecurity Directorate will focus on protecting the defense industry.

It's time to take a moment to tell you about our sponsor, Recorded Future. Indicators and warnings, but it's nearly impossible to collect them by eyeballing the Internet yourself, no matter how many analysts you might have on staff, and we're betting that however many you have, you haven't got enough. Recorded Future does the hard work for you by automatically collecting and organizing the entire web to identify new indicators. Sign up for the Cyber Daily email to get the top trending technical.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

05:29 min | 1 year ago

"Play light on the because it's based on blockchain. Blockchain is an immutable stroke jet economy change dicamba with it, can't be altered, and they will will is very little at that Facebook themselves can actually do. That when Facebook will win and could win is when we talk about Calibra, the wallet solution that will be delivered by Facebook. And in actual fact, it's going to be headed up by David Marcus, who will look to deliver a wallet solution for Libra, which people will end use untypically. They had all their argument. There is the 2.3 billion Facebook users. They have will use a Calibra wallet, which will allow them to exchange Libra coin over the Libra network.

Right, and that is where there may be some security issues. That's where you're seeing that the area you're thinking, let's pay attention to that question what needs to be. Well, Simon Rodway, you've educated me today. Thank you very much for coming on the show and making the time to speak with us. This is Carole Theriault for the CyberWire.

NSA has launched its new Cybersecurity Directorate today. Its first director, Anne Neuberger, is quoted in The Washington Post as saying the mission of the organization is to prevent and eradicate threats, and 'our focus is going to be on operationalizing intelligence.' So welcome to the world, Cybersecurity Directorate, and may you get off to a good start.

We return for a moment to the case of the sanctioned oligarch. As we mentioned earlier, he's been sanctioned before. What's left to sanction, one might wonder? The same question came up with recent new sanctions imposed on North Korea's Lazarus Group. At some point, aren't you just chasing your tail? Not necessarily, and if you look at the details of the sanctions, you can see the point. Yevgeny Prigozhin has indeed been sanctioned before, but this time his yachts and private jets are specifically named. He may find it difficult to ride them into non-Russian ports of call. V Domain notes no place to buy diesel, no landing rights, and so on. Thinking of dropping anchor and calling the harbormaster at Barcelona or Port Adriano? Perhaps it's no longer such a good idea. Or maybe you're in the Black Sea, say, dropping hook at Novorossiysk. Like, it's not Saint-Tropez, but there's a wine tour open to the public, and maybe you could visit the monument to the sailors' wives, enjoy some oysters, things like that. Or maybe you're up in the White Sea, where you could take a peek at the Belomorsk Museum of Local Lore. That's tough to beat.

The point of this is not to make big fun of Russian local attractions, and we Americans have no call to throw stones through our own glass house of roadside attractions, like the world's largest ball of string or Ripley's Believe It or Not. The point is that owners of mega yachts and private jets want to strut their stuff on a fashionable stage. Consider this: if you were bombing around the US eastern seaboard in your nicely loaded Gulfstream, you'd want to be able to touch down at JFK and disport yourself on Park Avenue, or maybe even land at Palm Beach International and then chill at Mar-a-Lago. You don't want to be confined to landing at Teterboro and hoping they've got some soft shell crabs at Tracy's Nine Mile House on the Hackensack River. But Mr. Prigozhin is now confined to the Eurasian equivalent of just that. We're fans of Teterboro and South Hackensack, but trust us, nice as they can be, they are not places you go to be seen on the red carpet.

Maybe you think that's punishment enough, but think further. Yachts and jets are standing temptations, specifically to pride, envy, and avarice. They can out you. Suppose the itch gets so great that you decide you've just got to sail your yacht into a nice place, the misleadingly named Mosquito Creek Marina on the esplanade in North Vancouver. Step ashore incautiously and blam, Komo extradition, here we come. And that is why the feds aren't just chasing their tails.

And now a word from our sponsor, Edwards Performance Solutions. It's commonly accepted that cybersecurity is a business risk, not an IT problem. What may not be as commonly accepted is that cybersecurity needs to be an integral part of every business strategy, and that cybersecurity can actually be an asset to your business. Achieving this outcome is a journey. The journey starts with an understanding of what information is important to the business, what business processes generate, use, store, or transmit that information, and what are the rules and regulations impacting the information. The next part of the journey is understanding the risks to the business and those information assets. It's followed closely by establishing a governance structure to manage those business risks. This includes managing the risk to your supply chain. The journey is not an easy one and is fraught with roadblocks and obstacles. You may need a guide. Edwards Performance Solutions is ready to be your guide in this journey. Please visit their website, edwps.com, to learn more. That's E-D-W-P-S dot com. And we thank Edwards Performance Solutions for sponsoring our show.

"cybersecurity directorate" Discussed on The CyberWire

The CyberWire

09:43 min | 1 year ago

"And now a word from our sponsor, ObserveIT. The greatest threat to businesses today isn't the outsider trying to get in. It's the people you trust, the ones who already have the keys: your employees, contractors, and privileged users. Sixty percent of online attacks are carried out by insiders. To stop these insider threats, you need to see what users are doing before an incident occurs. ObserveIT enables security teams to detect risky user activity, investigate incidents in minutes, and effectively respond. With ObserveIT, you know the whole story. Get your free trial at observeit.com/cyberwire. That's observe, the letter I, the letter T, dot com forward slash cyberwire. And we thank ObserveIT for sponsoring our show.

Funding for this CyberWire podcast is made possible in part by Bugcrowd, connecting organizations with the top security researchers, pen testers, and white hat hackers in the world to identify ten times more vulnerabilities than scanners or traditional pen tests. Learn more about how their award-winning platform provides actionable insights like remediation advice to help fix faster, while methodology-driven assessments ensure compliance needs are met, at bugcrowd.com.

From the CyberWire studios at DataTribe, I'm Dave Bittner with your CyberWire summary for Tuesday, October 1st, 2019.

The oligarch behind the Internet Research Agency that worked its influence mischief from Saint Petersburg has come under new sanctions imposed by the US Treasury Department. Yevgeny Prigozhin is variously described as a founder, financer, or owner of the troll farm, and he's a wealthy guy indeed. More on this later.

We tend to think of disinformation as something states do, and indeed the word comes from a Russian word, dezinformatsiya. It was defined in the old Soviet encyclopedia, but the practice didn't fall out of use when Soviet power went the way of the dodo at the end of the Cold War. The Russian security organs have long been world leaders in the practice, but there are also purely criminal use cases for disinformation. As a Recorded Future study concludes, much of it takes the form of garish and dishonest advertising and apple polishing, and there's enough demand to sustain a disinformation-as-a-service market. Bulk social media campaigns are prominent offerings. The gangs offer services that range from what most of us would call shady PR tactics, like placing stories in both legitimate and dodgy online outlets, through creating social media campaigns crafted to avoid triggering the content controls networks have put in place to limit such activity. It would appear from Recorded Future's experiment that disinformation as a service is fast, affordable, and arguably effective. The researchers created a fictitious company, which their report calls the Tyrell Corporation, and then contacted two competing disinformation specialists in the Russian-speaking underground to pull together competing campaigns, one pro- and the other anti-Tyrell. The salesmen of the two groups, which Recorded Future calls Raskolnikov and Doctor Zhivago, were highly professional, patient, and apparently easy to work with. They also offered clear pricing, and they delivered on their end of the deal. Of the two, Doctor Zhivago was the more experienced and sophisticated, but both delivered the content with novelistic flair.

Odi et amo, I hate and I love, said the old-time European poet, and the more things change, the more they stay the same, as another old European saying has it. An internal EU policy document from the European Commission's Directorate-General for Communications Networks, Content and Technology has leaked and shows the EU as being of two minds with respect to foreign technology. It wants foreign technology, and for foreign here read Chinese and American, but it fears them as well. The leaked document recommends an urgent initiative for technological sovereignty, Bloomberg reports. An EU spokesman emailed Bloomberg to say simply, 'We don't comment on leaks.' But the word on the street is that the twenty-three-page document, itself a chapter in a larger briefing book, says, quote, Europe's position influence in global markets will be eroded, affecting European leadership and jeopardizing our technological sovereignty in key industrial strategic value chains, end quote. It's thought to represent the thinking of Ursula von der Leyen, who assumes the presidency of the European Commission next month. Technological sovereignty was a major plank of President-elect von der Leyen's campaign, but she herself of course will not have the authority to mandate it by decree. That decree would have to come from the European Parliament. But the leaked proposal represents an influential line of thinking. Two companies particularly mentioned in dispatches are Apple and Huawei, and the prescription for making Europe great again is for the most part greater investment in R&D.

Among the many observations on trends out today is one from Emsisoft: more than six hundred government entities in the US, mostly state and local organizations, have been hit with ransomware this year, and Emsisoft thinks it's going to get worse.
Politico grouses that legislators are either out of ideas or indisposed to act and to help net security op ED argues for collective defense as local governments best option facebook can't seem to keep themselves out of the news these days and most of the news about facebook lately has arguably not been good for facebook but one of their initiatives to become become a major player in online cryptocurrency has been flying a bit under the radar our own Carol -Tario has this report facebook despite being hammered hammered on privacy and ethical issues for the last year or more seems to be forging ahead with new digital adventures without hardly limp in its step and one of these recent forays is facebook's new crypto currency called liberal or libra the ideas that libra would launch an early twenty twenty and that leapfrog libro would dramatically improve the way in which people send and receive money online well that is what facebook say at least so. I invited Simon Rodway from intersect to help opus understand what facebook is trying to do here and get him to look into the crystal ball and see what he thinks the impact will be on our financial lives Simon. Tell me what do you think facebook libra is going to do. Is it going to rob the financial foundations as we know it well. It's a very interesting question to ask things things and not always what they seem and I think in this particular case with with facebook specifically and with the Lebron project it sensible to look a little bit deeper than what is best preceding all libra is is an aspirational vision the vision of Libra Israeli to develop develop a safe secure and low cost way for people to move money effectively. We've seen the such a long time that the remittance remittance market is a very expensive market for in effect the poorer in our society where people want to move money to send to their family and they get they have to pay a hell of amount to do it. 
The reality is what Lieber is trying to do in the way that it's been presented is to try and address that particular. Gak and I think with that in mind I can only applaud it at this point wether it successful is a different matter that there are a lot of reasons why that might not be the case. Libra is just warmed drive event in this particular space. There are others we can look at the likes of the the start of banks that we see you are also looking at cross currency cross border order payments and saying okay. We can do that better okay so let's say I'm a target market for something like facebook sleep breath. What are the things I want to ask before I dive in and start using it as a as a currency there was go to the place of fear. There's this change. This is something learning different. What should I be afraid of add on because it's got the facebook stamp on it. Obviously in in our mind we can think of various reaced events that have taken place in recent months and years where we think do we really want to trust facebook with all of this information. The reality is that we call call this facebook libra but it's not facebook not directly anyway. FACEBOOK is warmed member in an association. Shen where the association will manage this network. Yes facebook with the conceiving body. They were the the organization that put the developers the bills out the libra framework so the FIA that we have which is do I really want to trust my personal identifiable information to an organization that has a track record but not really looking after that web pretty justifiable fear I would say absolutely without a doubt and the the the question that I would ask is and one information all day capturing. One information is facebook themselves capturing. They won't get access to the the Lebron network directly in that it is it's a note based network so there are a number of different parties that will.
