September 3, 2019 | International, Security

What’s changing in the cyber domain? We ask industry experts

By: Andrew Eversden

“What are you talking about now in cybersecurity that you weren't talking about six months ago?”

Fifth Domain posed this question to cybersecurity experts at Black Hat, a cybersecurity conference in Las Vegas, Nevada, that ran from Aug. 3-8. With the cyber domain rapidly evolving, we wanted to know how conversations within the cyber community are changing.

Some pointed to a new focus on utility systems and web-connected devices that sit on critical infrastructure.

“It's only a matter of time until there's another major disruption in an electric utility somewhere in the world, probably not in the U.S., but elsewhere,” Sergio Caltagirone, threat intelligence director at Dragos, said at the conference Aug. 5. “But oil and gas has the higher likelihood of a major destructive and loss-of-life event. And I think most people did not realize how close to that we actually were.”

Caltagirone was referring to the TRISIS event, malware that struck industrial control systems at a Saudi Arabian petrochemical plant and could've caused physical harm. He said that in the aftermath of that attack, threat researchers diving into the details realized just how bad it could've been.

“We started finding a lot of stuff which hadn't been found before,” Caltagirone said. “Which made us realize very quickly how close that space is to a major event.”

Dave Weinstein, chief security officer at Claroty, pointed to an “explosion” of devices connected to the internet of things.

“It's really a product of this general consensus among industrial organizations that the benefits exceed the costs in terms of embracing this type of digital transformation,” Weinstein said Aug. 8, adding that organizations must be “mindful” of these devices and have a plan to mitigate their potential vulnerabilities.

Brian Costello, a senior vice president at Flashpoint, told Fifth Domain on Aug. 8 that he is more often than before focusing on targeted cyberattacks from bad actors. That's a shift away from “campaign-based” attacks that tracked.

There's “more planning out, more scoping out of targets and taking long-term planning to go after [a] particular target with a specific asset in mind,” Costello said.

Along that same vein, Julian Zottl, a senior cyber architect at Raytheon, said he's noticing more inclusion of all-source intelligence in threat analysis.

“We're looking at ... all the sources and trying to figure out indicators,” Zottl said Aug. 7. “[We're] even trying to do predictive analytics now, where it's like, ‘Oh, we see this threat might be coming.' I think that's something that we're starting to talk about more and more.”

Several cybersecurity professionals interviewed by Fifth Domain said the U.S. government is moving away from the classic cyber kill chain and over to the MITRE ATT&CK framework, which dives deeper into potential threats to information security.

“They used to think the hackers would just come in to steal secrets, conduct espionage and then leave,” said Tom Kellermann, chief cybersecurity officer at Carbon Black and a former commissioner on the Commission on Cyber Security for then-President Barack Obama.

“In fact, they're maintaining persistence in these systems. They're manipulating the integrity of data and then they're using federal government agencies themselves and personnel's devices themselves to target anyone who implicitly trusts that person, that agency, that department,” he told Fifth Domain on Aug. 6.

Chris Kennedy, chief information security officer at AttackIQ and a former official with the Treasury Department and the Marine Corps, said these new frameworks in use along with federal continuous monitoring programs allow for more attacker emulation, essentially simulating the attack agencies could face.

“Agencies are starting to realize the value of attacker emulation as a way to measure and benchmark the effectiveness of their security controls,” Kennedy said on Aug. 7.

And with government agencies in different stages of cloud migration, agencies will need to learn how that fits into their cybersecurity posture. Marten Mickos, CEO of white hat hacking company HackerOne, said this is a new discussion. He also said the conversation surrounding the use of ethical hackers in government environments has evolved: The word “hacker” is becoming more accepted.

“I do think it signals a shift in mindset,” Mickos said. There's a realization that “those people who portray themselves as hackers are actually those who will rescue us, not those who will destroy us.”

Despite all the changing technology and evolving threats, one aspect of cybersecurity remains set in stone, said M. K. Palmore, a field chief security officer for the Americas at Palo Alto Networks and a recently retired FBI cyber agent.

“It's about adhering to cybersecurity fundamentals,” Palmore said. “That message hasn't changed regardless of my position or where I'm located.”

https://www.fifthdomain.com/show-reporters/black-hat/2019/08/30/whats-changing-in-the-cyber-domain-we-ask-industry-experts
