Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms


Smart, Is It Not?

November 14, 2019 by Marc Handelman in Cyberthis Cyberthat, Cyber PR

via Joe Uchill - writing at Axios, comes this well-crafted short read detailing the use of questionable adjectives when announcing cyberattacks, adjectives that are - in fact - rarely applicable to the incident under discussion. Today's Sophisticated Must Read.

'Sophisticated often gets used as a synonym for "our organization shouldn't be blamed for missing this."' - via Joe Uchill - writing at Axios, comes this superb read on the use of adjectives when explaining cybersecurity failures


CIS Releases 2018 Year In Review

June 12, 2019 by Marc Handelman in Information Security, Cybersecurity, Cyberthis Cyberthat

The Center for Internet Security has released (some say unleashed) its Annual Year In Review targeting the year 2018. Enjoy Summer 2019 while you still can, because, after all, winter is looming!

"The 2018 Year in Review covers CIS' advances in cybersecurity via the EI-ISAC®, MS-ISAC®, CIS Benchmarks™, CIS SecureSuite®, CIS Hardened Images™, CIS Controls™, and CIS CyberMarket®." - via Center for Internet Security


Meanwhile, In Iran: A Doxing Story

May 03, 2019 by Marc Handelman in Cyberthis Cyberthat, Information Security, Nation State Mumbo Jumbo

The Doxing of the Iranian cybercriminals is evidently ongoing. The story so far, via Andy Greenberg, writing for Wired Magazine. Enjoy! h/t

"We are exposing here the cyber tools (APT34 / OILRIG) that the ruthless Iranian Ministry of Intelligence has been using against Iran’s neighboring countries, including names of the cruel managers, and information about the activities and the goals of these cyber-attacks," read the original message posted to Telegram by the hackers in late March. "We hope that other Iranian citizens will act for exposing this regime’s real ugly face!" - via Andy Greenberg, writing for Wired Magazine


DefenseOne's 'Why Haven't Terrorists Hit the US with a Devastating Cyber Attack?'

November 05, 2018 by Marc Handelman in National Security, Cyberthis Cyberthat, Cyber Cyber Cyber Cyber, Cyber Cyber Cyber, Cyber Cyber

Sounds like a triple-reverse-Stockholm-syndrome-interrogatory, plus a rare reference by Michael Hayden: Note his “These folks are not cyberdumb.” comment. All via Kathy Gilsinan, an Associate Editor at The Atlantic, asking 'Why Haven't Terrorists Hit the US with a Devastating Cyber Attack?' Must have been a slow-cyber-news-day...

'“I’m as puzzled as you are,” said Michael Hayden, who served as CIA director from 2004 to 2008. “These folks are not cyberdumb.” “They use the web and show a great deal of sophistication in how they use it, for many purposes,” he added. “But they have not yet used it to create either digital or physical destruction. Others have.”' - via Kathy Gilsinan, an Associate Editor at The Atlantic and writing at DefenseOne.


The Best Strategy for Cyber-Conflict May Not Be a Cyber-Strategy →

May 01, 2018 by Marc Handelman in Electronic Warfare, Information Security, Information Warfare, Information Operations, Cyber Cyber Cyber Cyber, Cyber Cyber Cyber, Cyberwar, Cyberthis Cyberthat

Terrific post at War On The Rocks, with an intriguing theory: The Best Strategy for Cyber-Conflict May Not Be A Cyber-Strategy, via Benjamin Runkle. There's that pesky 'Cyber' thing again... At any rate, the discussion in this case revolves around the leveraging of electronic, computational information warfare (perhaps also known as cyberwar) by the previous administration (President Obama). Elected (of course) as today's Must Read, and watch out for 'them cybers'!

'We will respond in a time and place and manner of our choosing, and when we do so, we will consider a full range of tools, economic, diplomatic, criminal law enforcement, military, and some of those responses may be public, some of them may not be. One analyst derided the vice president’s pronouncements on the topic as “Biden threatening to threaten Russia.”' - via Benjamin Runkle at War On The Rocks


CyberGeorgia, State of →

April 03, 2018 by Marc Handelman in Must Read, Cyberthis Cyberthat, Information Security, Politicians Gone WIld

Excellent reporting via Robert N. Charette, writing at the IEEE's Spectrum Magazine, detailing another instance of politicians gone wild. Certainly, today's Must Read!


The Manga of the Cyber Army of the United States of America →

March 27, 2018 by Marc Handelman in Manga, Cyberthis Cyberthat, Education, Must Read

via the Institute of Electrical and Electronics Engineers Spectrum Magazine, and reporter Stephen Cass, comes a tale of the future, but firmly rooted in the present: The United States Army's new manga, published to educate both enlisted and officers alike in the dangers elicited by cyberwarfare. Entitled Dark Hammer, it was written by Brian David Johnson, Director of the Threatcasting Laboratory at Arizona State University, in partnership with the Army Cyber Institute at West Point. The tome is ten pages of go-get-em-cyber-cyber-cyber.... Today's Must Read!


Securosis' Firestarter, 'Old School and False Analogies' →

February 18, 2018 by Marc Handelman in Education, Information Security, Common Sense, Cyberthis Cyberthat, Cybersecurity Economics, Risk Management, Risk Transfer

Twelve Percentile →

November 27, 2017 by Marc Handelman in Cyberthis Cyberthat, Information Security, Cybersecurity, Cybersecurity Competence, Or Lack Thereof

Deaf, Dumb and Blind, but they sure play a mean pinball..., or, why only 12% of companies can detect a so-called 'sophisticated' cybersecurity attack.


Cisco 2017 Annual Cybersecurity Report: Executive Perspectives →

May 01, 2017 by Marc Handelman in Cyberthis Cyberthat, Information Security

'He Is (As A Matter Of Course) Correct'

February 28, 2017 by Marc Handelman in All is Information, USNSA, US Armed Forces, Information Security, Information Warfare, Cyberthis Cyberthat, Cyber Cyber

Michael Rogers ADM USN, Director of the National Security Agency and Commander of the United States Cyber Command sums up 'cyber' quite nicely, indeed:

"Cyber is an operational domain in which we do a variety of missions and functions, many of which are very traditional,” Adm. Rogers said. “We do reconnaissance, we do fires, we do maneuvers. The same things I was used to as a surface [warfare] officer … I’m constantly going back to that.”

"Don’t make this thing so specialized, so unique, so different that it just gets pushed to the side. That will sub-optimize our ability to execute cyber operations, and quite frankly it will minimize or at least negatively impact, in my view, the operational outcomes, which is the whole reason we’re doing this in the first place.”


Shmoocon 2017, 35yrs Of Cyberwar, The Squirrels are Winning →

February 03, 2017 by Marc Handelman in All is Information, Cyberthis Cyberthat

Time to Implement Offensive Cybersecurity? →

December 14, 2016 by Marc Handelman in Information Security, Offensive Security, Cybersecurity, Cyberthis Cyberthat

The Christian Science Monitor's contributor David Brumley, PhD. pens a unique thought piece on why offensive cybersecurity is now requisite, and certainly needs a playbook...

David Brumley is the director of CyLab Security and Privacy Institute and the Bosch Distinguished Professor in Security and Privacy Technologies at Carnegie Mellon University. He's also chief executive officer of ForAllSecure. - via CSMonitor.com


A Hoarder's Tale, A Big Banking Bitcoin Story →

October 25, 2016 by Marc Handelman in All is Information, Bank Security, Information Security, Cybersecurity Competence, Cybersecurity Economics, Cyberthis Cyberthat, Cryptocurrency

Sacrebleu. Those crafty Brits (in reality, London City based Banks) are now planning on hoarding Bitcoins to pay cyberransoms to so-called cybercriminals. Translation: They are currently doing so, so come on guys, make your scurrilous demands, they're ready for you. HatTip

"The virtual currency, which is highly prized by criminal networks because it cannot be traced, is being acquired by blue chip companies in order to pay ransoms..." via The Guardian's Jamie Doward

Rodrigo Biju, We Need Hackers →

December 29, 2015 by Marc Handelman in All is Information, Cybersecurity, Cyberwar, Cyberthis Cyberthat

XKCD, Cyberintelligence

September 18, 2015 by Marc Handelman in Cyberthis Cyberthat, Snark, Sarcasm, XKCD, Humor

via the Stuff-of-Genius represented in a corporeal manner by Randall Munroe at XKCD.
