Cybercrime: It’s Not About How, But Why?

When most people think about cybercrime, especially when they are victims of a data breach or business interruption by
hackers, they tend to focus on the how. While tempting, this rarely leads to the culprit or a better defense.

Considerations for Starting a NIST CSF Assessment 

In protecting an organization from cyber risk, clarity about the effectiveness of its cybersecurity program is imperative. The organization must understand its security posture and identify gaps in safeguards to ensure that security investments align with the organization’s risk appetite. Performing assessments using a reference framework, such as the NIST Cybersecurity Framework (CSF), provides the means for evaluating current cybersecurity posture and potentially identifying risk for further analysis. Additionally, the use of NIST CSF to create a current profile (where the organization stands at the time of the assessment relative to each control) and a target profile (where the organization would like to be at some future date relative to each control) helps in identifying gaps in a cybersecurity program and establishing areas for improvement in a consistent and methodical manner.

National Guard Called In To Thwart Cyberattack in Louisiana Weeks Before Election

The Louisiana National Guard was called in to stop a series of cyberattacks aimed at small government offices across the state in recent weeks, Reuters reported Friday, citing two people with knowledge of the events, highlighting the cyber threat facing local governments in the run-up to the 2020 U.S. presidential election. From the report:

The situation in Louisiana follows a similar case in Washington state, according to a cybersecurity consultant familiar with the matter, where hackers infected some government offices with a type of malware known for deploying ransomware, which locks up systems and demands payment to regain access. Senior U.S. security officials have warned since at least 2019 that ransomware poses a risk to the U.S. election, namely that an attack against certain state government offices around the election could disrupt systems needed to administer aspects of the vote. It is unclear if the hackers sought to target systems tied to the election in Louisiana or were simply hoping for a payday. Yet the attacks raised alarms because of the potential harm it could have led to and due to evidence suggesting a sophisticated hacking group was involved. Experts investigating the Louisiana incidents found a tool used by the hackers that was previously linked to a group associated with the North Korean government, according to a person familiar with the investigation.

Defense in Diversity

Security has always claimed that “Defense in Depth” is the dominant strategy. As we enter the world of automated workloads at internet-scale, it has become clear that it is in fact “Defense in Diversity” that wins over depth. When dealing with large-scale automated attacks, iteration over the same defense a million times is cheap. However, attacking a million defenses that are slightly different is costly for the threat actor.

CBP Refuses to Tell Congress How it is Tracking Americans Without a Warrant

U.S. Customs and Border Protection is refusing to tell Congress what legal authority the agency is following to use commercially bought location data to track Americans without a warrant, according to the office of Senator Ron Wyden. The agency is buying location data from Americans all over the country, not just in border areas.