Tag: Malware

It is no secret that many people nowadays do not pay much attention when they surf the web at home or at work. There are new data breaches and exploits on a daily basis, and failing to take any precautions may result in catastrophic consequences. Even the biggest corporations are paying millions of dollars to improve their cybersecurity and remain safe. However, if you still believe in some of the cybersecurity myths, you may put your own computer or even your whole organization at huge risk. We at CyberDB have decided to bust the top 5 cyber security myths and make things clear for you.


Best Cybersecurity Books 2018

There are tons of books on our favorite topic, but it’s always impossible to squeeze them all into one cybersecurity book list. On top of that, not all of them are good enough to be featured on CyberDB. We have created a list of the must-read cybersecurity books of 2018. Some of them have been in print for years, but it’s never too late to read them. If you think that we have missed something, feel free to contact us and share your recommendations! Without further delay, and in no particular order, here is our list:


cyber battle fatigue

There is much concern about the realities of “Cyber Battle Fatigue” – a condition resulting from the never-ending process of defending networks and sensitive information from an onslaught of cyber attacks conducted by cyber criminals, cyber espionage actors, and hacktivists. These attackers continue to use a wide variety of tactics, tools, and procedures that range from unsophisticated to very sophisticated, and they continue to have more successes than failures. Two things are certain in a constantly changing domain: one, no business that operates online is immune to being targeted, and two, the cyber security talent pool is sparse, which is contributing to the cyber battle fatigue reality.

The numbers are staggering and continue to outpace previous activity. In 2017, ransomware attacks demonstrated how prolific just one type of attack was. The WannaCry outbreak impacted computers in more than 150 countries and cost approximately USD $4 billion. According to one U.S. IT company, some notable cybercrime statistics from 2017 illustrate the challenges facing network defenders:


The collision of the USS John McCain (naval destroyer) and an oil tanker near Singapore is the most recent incident in a series of four naval mishaps in 2017 alone that have plagued the U.S. Navy. Ten U.S. sailors were initially lost at sea, some of whose bodies have since been recovered.

USS John S. McCain (DDG-56) after the collision

Are all incidents connected?

There has been much speculation as to the cause of the latest accident, with some believing more than “human error” to be the root of the issue. The other three incidents included the USS Antietam (guided missile cruiser) running aground off the coast of Japan in January, the collision of the USS Champlain (cruiser) and a South Korean fishing vessel, and the crash between the USS Fitzgerald (destroyer) and a container ship in June. All of the vessels are part of the U.S. Pacific Fleet, and three of them are part of the U.S. 7th Fleet, the largest of the U.S. Navy’s forward-deployed fleets. Cruisers and destroyers carry theater ballistic missile interceptors, long-range Tomahawk land attack missiles, and anti-aircraft missiles.

Could Cyber be the cause?

While the cause remains unknown at this time, there is strong speculation that cyber malfeasance may have been the catalyst. One top U.S. Navy admiral tweeted that the Navy will conduct a thorough investigation, including a review into the possibility of “cyber intrusion or sabotage.” Indeed, in the USS Fitzgerald incident, there is strong suspicion that a hostile cyber attack may have prevented the radars and systems in place from identifying the other ship. As one news source pointed out, under standard protocol, the Fitzgerald’s captain should have been awakened and summoned to the bridge to ensure safe passage long before the ships could come near each other.

Maritime cyber security concerns have garnered attention as of late. In June 2016

Cyber threats to Global Shipping

Danish shipping giant Maersk was victimized by the global Petya cyberattack outages, which impacted container shipping, port and tug boat operations, oil and gas production, drilling services, and oil tankers. Damage estimates to the company have ranged from USD $200-$300 million. The Maritime Safety Committee of the International Maritime Organization adopted a resolution that established guidelines for cyber risk management for the commercial shipping sector. In another incident, pirates broke into a shipping firm’s computer systems, allowing them to see which vessels were transporting the cargo they wanted to seize.

Are military vessels at risk too?

While this issue has mostly focused on civilian vessels, the events plaguing the U.S. Navy demonstrate how military naval assets can potentially be targeted by malfeasant actors, particularly those supporting a nation state’s interests. Stealthy espionage operations have traditionally been leveraged by these actors seeking to steal information, maintain access, and generally monitor target systems. However, the 2010 Stuxnet incident and a series of wiper malware incidents have revealed how suspected state actors can become more destructive in cyberspace if their intent changes from spying to punishing.

There is some evidence that some nation-states have been experimenting with the targeting of naval vessels via the digital domain. According to a June 2017 report from a security company, 20 ships near the Russian Black Sea coast reported their Global Positioning System (GPS) location to be inland at Gelendzhyk Airport. Such GPS anomalies can certainly be interpreted as Russia testing security measures and its capabilities by spoofing GPS, a technique that could be leveraged against opposing targets in the event of a military conflict. (It should be noted that the U.S. military uses encrypted signals for geolocation of vessels, rather than commercial GPS.)

Conclusion

Regardless of whether this series of incidents was coincidence or the result of purposeful targeting, it potentially demonstrates how valuable military assets can be targeted in the cyber domain. Effective cyber attacks do not necessarily have to be ones that seek to destroy or even disrupt the function of information systems. Disinformation and deception are useful tools that, when operationalized properly, can create specific effects. If surreptitious access can be obtained, manipulating data rather than erasing it can prove more advantageous. The clandestine nature of such attacks and the timing of their execution not only accomplish intended objectives, but also provide a level of obfuscation and plausible deniability for the attackers.

A more thorough investigation of the USS John McCain will hopefully yield findings that will determine the cause of the tragedy. But the fact that maritime vessels – including those of the U.S. Navy – are on hostile actors’ target lists cannot be overstated. With 320,000 active duty personnel and 274 ships (of which more than 20 percent are deployed across the world at one time), ensuring the integrity of systems and logistics is crucial to the success of the Navy’s mission. Acknowledging its security situation and where improvements are needed is a step in the right direction, but there needs to be a comprehensive strategy from the top down to start addressing these existing shortcomings before they become a real problem. If they haven’t already.

This is a guest post written by Emilio Iasiello.