Get the latest cybersecurity news from leading companies, news outlets and blogs.
Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.
Did the Riot at the Capitol Pose a Cybersecurity Threat?
The pro-Trump mob that stormed the U.S. Capitol’s Senate floor and Capitol rotunda on Wednesday may have breached more than just the building’s physical security, according to a recent article on www.latimes.com. Could any computers left on be vulnerable? University of Maryland Global Campus’s Jesse Varsalone, associate professor of computer networks and cybersecurity, quoted in the article, said that if rioters got their hands on congressional computers that were still logged in, they may have been able to access information. But if those computers were encrypted, they wouldn’t be able to get anything, he said. Read more.
Biden Team Taps Neuberger for New White House Cybersecurity Role
According to a recent report on www.politico.com, Anne Neuberger, an National Security Agency veteran, who has been serving as the agency’s director of cybersecurity since 2019, will be named deputy national security adviser for cybersecurity in the incoming National Security Council. Neuberger’s hiring indicates that the Biden White House intends to reelevate cybersecurity as a key national security priority. Neuberger will be responsible for coordinating the federal government’s cybersecurity efforts, notably to look into the massive cyberespionage campaign carried out last year by suspected Russian hackers. Read more.
SolarWinds APT Hack Serves As Wake Up Call
Advanced Persistent Threats (APTs), in which an unauthorized user gains access to a system or network and remains there for an extended period of time without being detected, have been around for a while. The recently detected, high-profile SolarWinds APT hack that targeted several US federal departments, private companies and critical infrastructure organizations has raised many questions that are yet to be answered, according to a recent article on www.www.csoonline.com. Learning more about this breach calls for a refocus on improving cybersecurity both in the governmental and private sectors, and for a holistic point of view whereby we analyze and understand flaws in identification, protection, detection, response and recovery. Read more.
Threat Detection and Remediation Are Key to Preventing Next SolarWinds Breach
Big cyberattacks keep coming, according to a recent article on www.cnbc.com. But we should not be tempted to view them as common annoyances. The recent SolarWinds breach should serve as a wake-up call. It was a global supply-chain attack without precedent. It hit dozens of organizations from the U.S. Treasury to Intel and Cisco. And the hackers’ weapons of choice were not new. The bottom line is that breaches are guaranteed, so the real remedy is rapid threat detection and remediation. Without it, adversaries that evade prevention products find themselves roaming target networks at will, sometimes for month. In this crisis, it was nine months. Read more.
Businesses Need to Take Notice that Criminals Are Using AI for Cyberattacks
While artificial intelligence (AI) is being used by companies to combat breaches, attackers also are using it to their advantage, according to a recent report on www.forbes.com. For example, AI is being used to impersonate trusted users, able to replicate the tone, language, and style of a user to the point where you won't be sure it's from them or not. AI is also being used to disguise itself inside your systems by learning the communication methods, ports, and protocols most commonly used within the company. The bottom line is that criminals are using AI today and companies need to invest in AI-enabled cybersecurity. Read more.