"The 2018 Year in Review covers CIS' advances in cybersecurity via the EI-ISAC®, MS-ISAC®, CIS Benchmarks™, CIS SecureSuite®, CIS Hardened Images™, CIS Controls™, and CIS CyberMarket®." - via Center for Internet Security
"We are exposing here the cyber tools (APT34 / OILRIG) that the ruthless Iranian Ministry of Intelligence has been using against Iran’s neighboring countries, including names of the cruel managers, and information about the activities and the goals of these cyber-attacks," read the original message posted to Telegram by the hackers in late March. "We hope that other Iranian citizens will act for exposing this regime’s real ugly face!" - via Andy Greenberg, writing for Wired Magazine
Sounds like a triple-reverse-Stockholm-syndrome-interrogatory, plus a rare reference by Michael Hayden: Note his “These folks are not cyberdumb.” comment. All via Kathy Gilsinan, an Associate Editor at The Atlantic, asking 'Why Haven't Terrorists Hit the US with a Devastating Cyber Attack?' Must have been a slow-cyber-news-day...
'“I’m as puzzled as you are,” said Michael Hayden, who served as CIA director from 2004 to 2008. “These folks are not cyberdumb.” “They use the web and show a great deal of sophistication in how they use it, for many purposes,” he added. “But they have not yet used it to create either digital or physical destruction. Others have.”' - via Kathy Gilsinan, an Associate Editor at The Atlantic and writing at DefenseOne.
Terrific post at War On The Rocks, with an intriguing theory: The Best Strategy for Cyber-Conflict May Not Be A Cyber-Strategy, via Benjamin Runkle. There's that pesky 'Cyber' thing again... At any rate, the discussion in this case revolves around the leveraging of electronic, computational information warfare (perhaps also known as cyberwar) by the previous administration (President Obama). Elected (of course) - as today's Must Read, and watch out for 'them cybers'!
'We will respond in a time and place and manner of our choosing, and when we do so, we will consider a full range of tools, economic, diplomatic, criminal law enforcement, military, and some of those responses may be public, some of them may not be. One analyst derided the vice president’s pronouncements on the topic as “Biden threatening to threaten Russia.”' - via Benjamin Runkle at War On The Rocks
Via the Institute of Electrical and Electronics Engineers Spectrum Magazine, and reporter Stephen Cass, comes a tale of the future, but firmly rooted in the present: The United States Army's new manga, published to educate both enlisted and officers alike in the dangers elicited by cyberwarfare. Entitled Dark Hammer - and written by Brian David Johnson, Director of the Threatcasting Laboratory at Arizona State University - in partnership with the Army Cyber Institute at West Point. The tome is ten pages of go-get-em-cyber-cyber-cyber.... Today's MustRead!
"Cyber is an operational domain in which we do a variety of missions and functions, many of which are very traditional,” Adm. Rogers said. “We do reconnaissance, we do fires, we do maneuvers. The same things I was used to as a surface [warfare] officer … I’m constantly going back to that.”
"Don’t make this thing so specialized, so unique, so different that it just gets pushed to the side. That will sub-optimize our ability to execute cyber operations, and quite frankly it will minimize or at least negatively impact, in my view, the operational outcomes, which is the whole reason we’re doing this in the first place.”
David Brumley is the director of CyLab Security and Privacy Institute and the Bosch Distinguished Professor in Security and Privacy Technologies at Carnegie Mellon University. He's also chief executive officer of ForAllSecure. - via CSMonitor.com
Sacrebleu. Those crafty Brits (in reality, London City-based banks) are now planning on hoarding Bitcoins to pay cyberransoms to so-called cybercriminals. Translation: They are currently doing so, so come on guys, make your scurrilous demands, they're ready for you. HatTip
"The virtual currency, which is highly prized by criminal networks because it cannot be traced, is being acquired by blue chip companies in order to pay ransoms..." via The Guardian's Jamie Doward