Paranoid Technology: All things cybersecurity

1 Jan 2023

2023 Cybersecurity Predictions

Covid relaxed its grip in 2022, but cybersecurity threats are alive and well. This year's predictions are not so different from last year's, but the intensity of the threats is compounded by the conflict in Ukraine and the dire economic outlook for 2023; needless to say, as the years go by, attackers keep getting more sophisticated.

A short summary of the predictions:

  1. Supply Chain Attacks Alive & Well
  2. Cyber Skill Gap is Now a Crisis
  3. Ransomware and Malware
  4. Gullible be Phished
  5. Patch or Die
  6. Cyberwarfare
  7. Increase in Cryptocurrency Related Cybercrime
  8. Cyber Security Teams will Stretch Thinner
  9. Work from Home aka Increased Attack Surface
  10. Lack of Cloud Security will Bite Back
7 Jan 2022

2022 Cybersecurity Predictions

Predictions from 2020 and 2021 like “Information warfare continues to evolve” and “From globalism to nationalism” remain valid, but in 2022 we want to highlight the evolving threat environment the pandemic has created – from nation states to your employees’ psychology – and the potential impact on your information assets. Here are our 2022 predictions:

1. COVID drives continued cloud migration (related to the 2021 flight to the cloud) – as the pandemic keeps work remote, incumbent SaaS providers and armchair entrepreneurs are seeing more and different opportunities for cloud services. This means more users for cloud services, which drives revenue for cloud infrastructure and SaaS providers, and pushes more consumer and enterprise data onto these cloud applications.

Cloud security starts with decent data classification / labeling and with confirming that the cloud applications you use meet your regulatory requirements. If you are a consumer, familiarize yourself with the security and privacy settings of each service... Always remember "the cloud is somebody else's server", and not all breaches make the news...

2. Remote work requires better cyber-hygiene at home – with the pandemic ramping up again, the workforce will continue to work from home and utilize corporate cloud assets… This trend means new attack vectors, and corporations need to validate their employees' cyber hygiene. Failure could mean that a combination of Open Source Intelligence (OSINT) and lax security measures puts your company in the headlines.

12 Jan 2021

(Cyber)Security Implications of the Capitol Attack

On January 6 – a mob of people attempted a civilian coup d’état on Capitol Hill… This post focuses on the cybersecurity aspects of this incident.

There has been a continuing, targeted disinformation campaign within the U.S. for some time, and the biggest enabler of this is social media. It feeds on confirmation bias by serving individuals targeted content based on their preferences and activities, effectively reinforcing self-radicalization – and the only objective is to increase advertising revenue. As a result everyone has a different reality, and society cannot seem to agree on simple facts, which is deepening social fragmentation…

This is a significant threat to democracy - as Winston Churchill put it - “The best argument against democracy is a five-minute conversation with the average voter.”

And ironically, once again, the Capitol Hill incident was coordinated via social media…

Identified threat vectors based on what happened that day:

11 Jan 2021

Reflections on 2020 and 2021 Cybersecurity Predictions

We are breaking our usual silence with our annual cyber security predictions….

Reflecting back on our 2020 predictions –

1. Year of the IoT CISO – 2020 did not, quote unquote, become the “Year of the IoT CISO”, but we certainly observed more demand for security professionals who understand full-stack IoT development. As things evolve, this trend should continue.

2. Adoption of 5G will introduce a number of problems – 2020 was supposed to be the big transition year for 5G, but Covid-19 put a damper on that... 5G service is still spotty... The only observed problems so far were the attacks on 5G towers – there was an attack surface, but it was physical, not software 🙂

3. More attacks on infrastructure – there were no major direct infrastructure attacks in 2020, but the COVID-19 pandemic showed the weaknesses and dependencies in the supply chain more clearly. Even though there were no major events in 2020, we suspect a major infrastructure attack is still not off the table; it is just a matter of time. Also, the fallout from the SolarWinds incident may have downstream effects on infrastructure in 2021.

4. Cloud transition continues – COVID-19 definitely emphasized this prediction – transition to the cloud was stronger than ever.

5. Ransomware alive and well – unfortunately, this year many entities, from county governments to technology companies to hospitals, were targeted by cyber criminals, and for a reason: they were getting paid… We heard about some of these due to required disclosures, but a good chunk was handled under the table. Healthcare was especially targeted given the pressure it was under due to the pandemic, which made hospitals more likely to pay. Given the success of this style of attack, we expect it to continue in 2021 as well.

6. Information warfare continues to evolve – in 2020 we saw information warfare used very effectively by domestic and foreign adversaries; there were numerous examples of disinformation incidents fueled by social media, adding to the already tense social climate… On the deep fake front, there were not as many high-profile deep fake incidents as we predicted, but there were definitely developments in detection and public awareness.

7. ML is a double-edged sword – based on the events observed in 2020, ML definitely failed on the defensive side, while malware is getting smarter and harder to detect. We ended the year with the SolarWinds incident (the SUNBURST backdoor) – it provided deep insight into how evolved cyber adversaries are; the fallout from the incident still continues, and we may never know the true impact on the U.S.

8. Privacy issues continue – a lot more U.S. states jumped on the bandwagon of California’s CCPA; GDPR is in full gear; privacy is definitely scrutinized more than ever before...

20 Jan 2020

Security Predictions (& Resolutions) for 2020

Our predictions from 2018 were still valid for 2019, so we skipped a year 😉 Since the decade has come to a close, sharing predictions for 2020 and beyond seems in order… starting with a strategic view of the trends and emerging business problems affecting CISOs today…

Predictions for 2020

1. Year of the IoT CISO – we did not reach Gartner’s 20 billion connected devices by 2020, but we are almost there… The attack surface is increasing rapidly – from personal wearables to medical devices to connected cars to toasters and more – and, as the proverb goes, “where there’s entropy there is chaos” 😉 At least initially…

8 Jan 2018

7 Scary Security Predictions (& Resolutions) for 2018

Information security has become a source of fear and uncertainty for many organizations, so this year’s scary security predictions are backed up by recommended New Year’s resolutions. If you’re unsure of how to action this advice, just talk to us.

  1. Artificial intelligence (AI) is dead, long live artificial intelligence – AI is an overused term and hard to achieve; what passes for AI today is mostly machine learning, and a long way from nirvana. Information security leverages machine learning to detect and understand complex patterns of machine-to-machine (m2m) and machine-to-human (m2h) interaction. Machine learning outputs will be fed to decision-support solutions, driving automated outcomes via complex workflow engines. Before this vision can be realized, full integration of security operations automation is needed. Right now the market remains fragmented and solves for specific problems; the vision is to create solutions that address security’s complexity while integrating with the many facets of business operations. Before making the move to “AI”, it’s important to get your own house in order:
18 May 2017

Wanna Cry?!!! We do…

The cyber-attack that happened earlier this week reminded us of the questions posed in our March post – Initial Thoughts on WikiLeaks Vault 7 Leak Series:

“This WikiLeaks release points to an increasing erosion of public safety – despite having these tools at hand, world governments (US, UK, Germany) continue to push for encryption back doors. The Equation Group (NSA) leak in late 2016 and this latest CIA leak once again prove that all organizations have their OpSec issues – the three-letter agencies are themselves at risk; backdoors, once discovered, work just as well for foreign spies, cyber-criminals and script kiddies. Who is protecting the innocent?”

Apparently no one… Is the NSA going to step up and accept responsibility? Maybe if hell freezes over – “We can neither confirm nor deny the existence of these weapons…” Well, everybody else did – who cares whether you do or don’t?!!

Interestingly, even Chinese state media called for the NSA to take some responsibility – how ironic… as if they should be talking…

21 Mar 2017

Thoughts on the Electronics Ban and How to Protect Your Privacy

This was initially a longer analysis of the whole situation, but we wanted to focus on just the security aspects. Here it goes:

Those of us who have been in the field of security for a while know the concept of defense-in-depth (security-in-depth)… What this means in this context: imagine the airport's security layers as concentric rings with the plane at the centre; there are many of them, so why this focus on the airplane itself? If the bad guys want to do damage, the outer layers of airport security (ticketing, baggage claim) are more vulnerable than anywhere else in the airport, because that is where large numbers of people congregate: more collateral damage…

Also, is an explosive device in the cargo hold any safer than one in the cabin? We are not experts on explosives, but logic dictates that a sudden pressure change in a pressurized cabin at high altitude will not be safe wherever on board it goes off… According to reports, the Russian airliner that went down over Egypt's Sinai Peninsula in October 2015 was brought down by an explosive in the cargo hold.

8 Mar 2017

Initial Thoughts on WikiLeaks Vault 7 Leak Series

WikiLeaks issued a press release yesterday announcing a new series of leaks from the CIA that it code-named "Vault 7", claiming that it is the largest classified information leak from the agency. The way the documents are distributed makes it difficult to confirm authenticity, but historically where there is smoke there is fire, and later releases may provide more proof. A quick glance reveals it is a continuation of the joint operation between the US and the UK, showing that the CIA has created an internal hacking capability for delivering signals intelligence and tailored access capabilities that rivals that of the NSA. Exploit sets range from Android and iOS smartphones to Samsung TVs, and include Linux, Mac and Windows 0-day attacks and more.

What is also interesting is that it shows the distrust between the agencies...

From a review of the documents, the scale and scope of the CIA's hacking ability is significant – as WikiLeaks describes:

“By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.”

What is targeted? Pretty much everything that is connected…

15 Feb 2017

Who has my Data and Why?

We decided to dedicate this entry to how personal information is collected by the everyday services we use, and how it could impact our lives…

Security professionals quite often find themselves explaining how to protect one’s privacy, but the response is usually one of the following:

  • I have nothing to hide
  • This sounds like a conspiracy theory
  • Glazed eyes

People are focused on the minor conveniences they receive from these free applications in exchange for their data… In technology, if something is free – never forget – you are the product!! Even applications and devices we pay for are disrespectfully collecting information in the name of customizing our experience. There is a massive information-gathering war between: