Cyber News Roundup: Cyber war unleashes offensive attack on Russian trolls
Note: McKenzie Worldwide has a strong cybersecurity practice. Here is a curated news roundup we produce for Cyber Oregon, a statewide initiative we helped launch and support on an ongoing basis. Drop us a line if you want to learn how we can help move your initiatives forward.
U.S. hackers. Russian trolls. Cyber take down. It sounds like the makings of a blockbuster movie. Rather, it’s the latest in international cyber warfare. The U.S. military has retaliated against Russia, the first attempt at an “all-out information war,” according to an Engadget article. U.S. Cyber Command took Russia’s notorious Internet Research Agency offline on 2018 midterm election day last November. The U.S. Cyber Command is part of the Pentagon’s Integrated Cyber Center that will help the United States and its allies plan responses to cyberattacks.
This attack is the first offensive operation seeking to stamp out election interference attempts, according to news reported by The Washington Post. “The strike on the Internet Research Agency in St. Petersburg was part of the first offensive cyber-campaign against Russia designed to thwart attempts to interfere with a U.S. election,” officials said. In her article, U.S. Cyber Command operation disrupted Internet access of Russian troll factory on day of 2018 midterms, Ellen Nakashima writes that this operation marks the first muscle-flexing by U.S. Cyber Command, with intelligence from the National Security Agency, under new authorities granted by President Trump an Congress last year to bolster offensive capabilities.
There are two sides to this cyber fence: “This operation was nothing more than a signal to the Russians that what you did was not acceptable and we’ll take action and use some element on the spectrum of force to counter that,” says Sergio Caltagirone, a former technical lead at the NSA.”You start small to get the message across: If you do this, we will do something. If they do it again, you ratchet up the pain a little more,” according to a Wired article.
While others believe that a mere internet takedown in response to a highly aggressive campaign to swing a US presidential election could be seen within the Kremlin as the opposite of a demonstration of strength. Rob Knake, former White House cybersecurity advisor says, “Our response to a very hostile act is we’re going to cause connectivity problems? That’s not a terribly strong signal. If you shut off the internet for all of Russia, that’s a signal. Isolating one building I don’t think is much of one.”
Closer to home: A major data breach would likely shut down half of SMBs permanently
More than half of cybersecurity executives at small and medium-sized businesses (SMBs), or 58%, fear a major data breach more than a flood, fire, transit strikes, or even a physical break-in of their office, according to a new survey, Cyberthreat Index for Business Survey, reports TechRepublic. The survey finds that nearly half of respondents say a major data breach would likely shut down their business permanently. And what’s concerning is that SMBs are most worried that these attacks would most likely come from disgruntled ex-employees.
RSA Conference 2019 is Next Week!
Whether your cybersecurity posture is offensive or defensive—or both—there will be a barrage of news, innovations, solutions, and luminaries at RSA Conference 2019, the leading security conference taking place March 4-8, 2019 in San Francisco. Key themes this year will be AI and machine learning, cryptocurrency, Internet of Things, and incident response.
Many Cyber Oregon sponsors have a presence at RSA:
- AWS South Expo: 1227
- CrowdStrike South Expo: 1435
- Comcast North Expo: 5320
- Eclypsium North Expo: 6173 (Intel’s booth). Congratulations to Eclypsium! Eclypsium is a finalist for RSA Conference 2019 Innovation Sandbox Contest and part of the RSA Early Stage Expo, Booth 46
- Fortinet North Expo: 5869
- McAfee North Expo: 5745
- PacStar Charlie Kawasaki, CTO of PacStar, will be onsite reporting for Cyber Oregon.
- Palo Alto Networks North Expo: 6069
- PKI Solutions Mark Cooper, known as The PKI Guy, will be onsite reporting for Cyber Oregon.
- RFPIO North Expo: 4428
- Splunk North Expo: N6169
- Symantec North Expo: 5645
- Zscaler South Expo: 1055
