Recent cyber attacks against critical infrastructure such as the attack on Colonial Pipeline Co. has put cybersecurity in the spotlight.
But combating cyber adversaries is a broad area requiring significant amounts of human intelligence and a deep technical expertise to identify them, Gene Yoo, CEO of Resecurity Inc., told SIGNAL Magazine Editor-in-Chief Robert K. Ackerman during a SIGNAL Media Executive Video interview.
Adversaries come in different types, he added, noting that these range from part-time hacktivists to skilled professionals working for criminal organizations or state intelligence agencies.
Another reality is that there is a growing body of cyber “mercenaries” working for pay. “We’re talking about cyber espionage or sophisticated attacks … the reality is we have all these open holes like swiss cheese in our networks and products,” Yoo explained.
To combat such threats, there is a need for accurate intelligence to companies and government agencies. This intelligence is just as important as the need for information sharing between organizations, Yoo said.
The situation in cyberspace, especially where the U.S. stands against criminals and rival governments, is very much like the “wild west,” Yoo explains.
“We are at a vulnerable state,” he added.
Part of this vulnerability comes from constant product changes in software and internet-connected devices that affects the online environment. This churn makes it an “open season” for cyber attacks, Yoo said. An aspect of this challenge is what he refers to as the “technical debt” many companies and government agencies have, which includes antiquated operating systems and unpatched software to misconfigured cloud instances.
Migrating to the cloud greatly expands an organization’s attack surface and solving this challenge is complex and requires multiple related steps to address, Yoo said.
The COVID-19 pandemic and many organizations’ requirement for remote work also created opportunities for fraud and other criminal activity. However, one thing that hasn’t emerged is a major organizational data breach related to the pandemic. Instead, Yoo noted that advanced nation-state adversaries targeted third parties and supply chains.
Moving to a telework footing created a set of security challenges for many companies and government agencies because “anything that was connected to a VPN was hard to patch,” Yoo said. This difficulty means that software updates are more difficult and longer to carry out, meaning that any updates are enabled only when users are connected to their organization’s network.
This security gap is leading to a rise in ransomware attacks and other types of cyber attacks. Because of this ongoing threat, organizations must pay attention to computer hygiene. “Is your computer hardened and is your software patched?” Yoo said.
Source: https://www.afcea.org/content/cyber-hygiene-key-protecting-networks-changing-online-environment
