Monday, May 02, 2022

Inevitable, but not as impactive as I suspect a full on ‘state sponsored’ attack would be.

https://www.databreaches.net/hacking-russia-was-off-limits-the-ukraine-war-made-it-a-free-for-all/

Hacking Russia was off-limits. The Ukraine war made it a free-for-all.

Joseph Menn reports:

… the third month of war finds Russia, not the United States, struggling under an unprecedented hacking wave that entwines government activity, political voluntarism and criminal action.

Digital assailants have plundered the country’s personal financial data, defaced websites and handed decades of government emails to anti-secrecy activists abroad. One recent survey showed more passwords and other sensitive data from Russia were dumped onto the open Web in March than information from any other country.

Read more at WaPo.

(Related) Perhaps both sides are showing restraint. These are not abnormally aggressive attacks either.

https://thehackernews.com/2022/05/russian-hackers-targeting-diplomatic.html

Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia

A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022.

Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29 (aka Cozy Bear), with some set of the activities associated with the crew assigned the moniker Nobelium (aka UNC2452/2652).

"This latest wave of spear phishing showcases APT29's enduring interests in obtaining diplomatic and foreign policy information from governments around the world," Mandiant said in a report published last week.

Always a difficult problem. Some good suggestions…

https://www.csoonline.com/article/3658118/cybersecurity-metrics-corporate-boards-want-to-see.html#tk.rss_all

Cybersecurity metrics corporate boards want to see

It may be helpful to set a baseline of what board members really want to know about cybersecurity in any company. Here are their top five questions:

1. Are we secure? This question is the bane of many a cybersecurity pro’s existence because the answer now and always will be “no” from a literal 100% protection standpoint. If we rework the question to “what is our exposure level?” we can start to make headway.
2. Are we compliant? This question is often easily answered with audit results but may provide no real comfort due to its “point-in-time” perspective that can change at a moment’s notice. Better to assess our cybersecurity program using a control framework.
3. Have we had any (significant) incidents? Board members will be well-aware of any significant incidents, so this question is usually answered with details as well as estimates regarding costs and potential liability.

I said there are five questions, but the three above are the ones that are typically articulated. These final two are implied as a standard element of good board management:

4. How effective is our security program? Quality first.
5. How efficient is our security program? And then quantity.

Looks like my face has some value. I wonder if I should get a © tattoo?

https://finance.yahoo.com/news/global-facial-recognition-market-forecast-095300708.html

Global Facial Recognition Market Forecast Report 2021-2028: 3D Face Recognition Systems Gaining Traction & Adoption of Cloud-Based Facial Recognition Technology

The Facial Recognition market is projected to reach US$ 12,670.22 million by 2028 from US$ 5,012.71 million in 2021; it is expected to grow at a CAGR of 14.2% from 2021 to 2028.

The use of facial recognition in law enforcement and non-law enforcement applications is predicted to increase rapidly during the forecast period. Furthermore, facial recognition is often preferred over other biometric technologies, such as voice recognition, skin texture recognition, iris identification, and fingerprint scanning, due to its contactless procedure and easy deployment.

To be or not to be, AI asks the question.

https://www.csoonline.com/article/3658831/firms-struggling-with-non-person-identities-in-the-cloud.html#tk.rss_all

Firms struggling with non-person identities in the cloud

The explosion of non-human identities in public cloud deployments has decision makers turning to new identity and access management tools to keep their environments secure, according to a new study performed by Forrester Consulting for Sonrai Security and Amazon Web Services (AWS).

The study released Thursday found that more than half the 154 North American IT and security decision makers surveyed for the report acknowledged that they were struggling with machine and non-people identities running rampant in the cloud.

"When you secure stuff in the traditional data center model, you form networks, which form the perimeter for the model," Sonrai CISO Eric Kedrosky tells CSO. "In the cloud, those networks disappear, and identities become central to securing the cloud."

"What a lot of organizations that have moved to the cloud are finding is they're thinking a lot about those person identities but they're not thinking about those non-person identities, which are magnitudes greater than person identities," Kedrosky continues. "It's a real blind spot for organizations. They are blind to the risks that identities pose to their cloud."
