Quick Global Cyber Threat Intelligence Observations 22-23

Cyber Attack Vectors
What is Zero Trust Network Access
Zero Trust Network Access Software Defined Perimeter
Zero Trust Implementation by DOD and Cyber Command
Quick CT landscape
Pentagon's Zero Trust
CT Mind Map

The dramatic surge in open source software supply chain attacks has sent defenders scrambling to find mitigations and solutions.

Software supply chain attacks have increased by an average of 742% per year over the past three years, at a time when open source components are present in roughly 97% of codebases, so a single poisoned or hijacked package can land inside most enterprise software.

Security debt, the backlog of known but unremediated vulnerabilities and misconfigurations, is a real problem for most organizations today, and attackers use it to their advantage. The more open vulnerabilities a company carries, the more likely it is that a malicious actor finds and exploits one of them. Security debt raises the odds of an attacker gaining access to a company's network, and with it the risk of a data breach.

To keep security debt from building up, defenders must keep system hygiene front of mind (patch cadence, inventory, removal of unused services) and focus on proper network zone segmentation, essentially building toward a zero-trust network. Segmentation does not remove the vulnerabilities, but it limits how far an attacker who exploits one can move.

Distributed denial of service (DDoS) attacks see malicious actors attempt to disrupt a site by overwhelming its infrastructure with traffic from many sources at once. Volumetric attacks saturate a site's bandwidth, while application-layer (HTTP) floods exhaust the servers behind it with legitimate-looking requests; either way, real users can no longer reach the site.

Cloudflare Blocks Record DDoS Attack as Threats Surge

The attacks, which originated from more than 30,000 different IP addresses and peaked at over 71 million HTTP requests per second, targeted websites including a gaming provider, cryptocurrency companies, hosting providers, and cloud computing platforms.

In today’s interconnected world, critical infrastructure is under constant threat from cyberattacks that can compromise the availability, integrity, and confidentiality of essential systems and services. As a result, governments around the world are implementing regulations to protect these vital assets from harm.

With a predicted 25.4 billion active Internet of Things (IoT) devices worldwide in 2030, companies should treat these devices as a rapidly growing asset, and as a rapidly growing target for cyber attacks, and protect them accordingly.

Research by Nozomi Networks Labs for its OT/IoT security report found that in the latter half of 2022, IoT devices were frequently targeted by malicious actors aiming to gain control of them. Operational Technology (OT) systems were a similar target, because compromising them can disrupt not only a company's network but the physical processes it controls.

The ever-present threats of ransomware and data breaches make it imperative to lock down systems and prevent attackers from gaining a foothold. Hardening a system means reducing its attack surface (disabling unneeded services, removing default accounts, restricting privileges) and implementing defence in depth, so that the compromise of one component does not become the compromise of the entire system.

The Domain Name System (DNS) is one of the oldest pieces of internet infrastructure, and it is often overlooked in security monitoring. Yet an enormous amount of attack traffic passes through it. Attackers use DNS to conduct command and control (C2) communication, to fetch malware onto a machine, and to stage multistage attacks, which makes resolver logs one of the cheapest detection sources a defender has.

Akamai's State of the Internet (SOTI) report on malicious DNS traffic and its potential impact reports:

26% of infected devices have reached out to identified initial access broker (IAB) C2 domains, including Emotet- and QakBot-related domains.
IABs present a large risk to organizations, as their primary role is to do the initial breach and sell access to ransomware groups and other cybercriminal groups.
30% of affected organizations are in the manufacturing sector — twice as many as the second-largest vertical.
Network-attached storage (NAS) devices are ripe for exploitation, as they are less likely to be patched and hold troves of valuable data. Akamai's data shows attackers are abusing these devices through the QSnatch malware.
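The two DNS observations above (infected devices reaching out to known C2 domains, and attackers pushing payloads and exfiltration through DNS) are what a first-pass triage of resolver logs should catch. The following is an added example and not code from the page or from Akamai: it parses constructed DNS query log lines, matches query names (and their parent domains) against a constructed C2 watch-list standing in for an IAB/C2 feed, and flags DNS-tunnelling candidates where one client issues many distinct, long, high-entropy subdomain lookups under a single domain. The watch-list names, the log lines, the "last two labels are the registrable domain" simplification and the thresholds are all assumptions.

```python
"""Added example (not from the original page): triage DNS query logs for
watch-listed C2 domains and DNS-tunnelling indicators. All data is constructed."""
import math
from collections import Counter, defaultdict

# Constructed stand-in for an IAB/C2 domain feed; these are NOT real indicators.
C2_WATCHLIST = {"example-emotet-c2.test", "qakbot-loader.test"}

# Constructed resolver log, one "<timestamp> <client_ip> <qname> <qtype>" per line.
SAMPLE_LOG = """\
2023-03-01T10:00:01Z 10.0.5.23 www.example.com A
2023-03-01T10:00:02Z 10.0.5.23 mail.example.com MX
2023-03-01T10:00:05Z 10.0.5.40 example-emotet-c2.test A
2023-03-01T10:00:06Z 10.0.5.40 cdn.example.com A
2023-03-01T10:00:07Z 10.0.5.77 aGVsbG8gd29ybGQ.Zm9vYmFyYmF6.exfil.test TXT
2023-03-01T10:00:08Z 10.0.5.77 dGhpcyBpcyBhIHRlc3Q.YW5vdGhlcg.exfil.test TXT
2023-03-01T10:00:09Z 10.0.5.77 bGFzdCBjaHVuaw.b2ZkYXRh.exfil.test TXT
"""


def parse_line(line):
    """Split one log line; names are normalised (trailing dot, case) before matching."""
    ts, client, qname, qtype = line.split()
    return {"ts": ts, "client": client,
            "qname": qname.rstrip(".").lower(), "qtype": qtype.upper()}


def split_name(qname):
    """Return (subdomain part, registrable domain). Assumption: the last two
    labels are the registrable domain; a real deployment uses a public suffix list."""
    labels = qname.split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])


def parent_domains(qname):
    """a.b.c.test -> [a.b.c.test, b.c.test, c.test, test], so a listed apex
    also catches lookups of its subdomains."""
    labels = qname.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def watchlist_hits(records, watchlist=C2_WATCHLIST):
    """(client, qname) for every query whose name or parent is on the watch-list."""
    return [(r["client"], r["qname"]) for r in records
            if any(d in watchlist for d in parent_domains(r["qname"]))]


def shannon_entropy(s):
    """Bits per character; hostnames score low, encoded payload scores high."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values()) if n else 0.0


def tunnelling_suspects(records, min_subdomains=3, min_avg_len=16, min_entropy=3.0):
    """Group queries by (client, registrable domain) and flag groups whose distinct
    subdomain labels look like data chunks rather than hostnames."""
    groups = defaultdict(set)
    for r in records:
        sub, dom = split_name(r["qname"])
        if sub:
            groups[(r["client"], dom)].add(sub.replace(".", ""))
    suspects = []
    for (client, dom), payloads in groups.items():
        avg_len = sum(map(len, payloads)) / len(payloads)
        ent = shannon_entropy("".join(payloads))
        if len(payloads) >= min_subdomains and avg_len >= min_avg_len and ent >= min_entropy:
            suspects.append({"client": client, "domain": dom, "queries": len(payloads),
                             "avg_len": round(avg_len, 1), "entropy": round(ent, 2)})
    return suspects


def triage(log_text):
    """Run both checks over a log blob and return the findings."""
    records = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    return {"c2_hits": watchlist_hits(records),
            "tunnelling": tunnelling_suspects(records)}


if __name__ == "__main__":
    for kind, findings in triage(SAMPLE_LOG).items():
        print(kind, findings)
```

On the constructed log, 10.0.5.40 is reported for the watch-listed lookup and 10.0.5.77 for the three encoded subdomain queries under exfil.test, while the ordinary www/mail/cdn lookups stay quiet. The entropy and length thresholds are starting points to tune against your own baseline; CDNs and some anti-virus vendors legitimately issue long, hash-like subdomain lookups, so an allow-list of known-benign domains belongs in front of the tunnelling check.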

Malware is a fast-growing, ever-evolving threat to cyber security. In the first six months of 2022, over 2.8 billion malware attacks were recorded worldwide. Beyond the risk to their networks, malware such as ransomware carries real monetary costs for businesses: global ransomware damages were estimated at US$20bn in 2021, a 6,054 percent increase on the 2015 estimate of $325mn.

CLOUD SECURITY.

“Cybersecurity remains at the top of every organisation’s agenda. Google Cloud’s unique capabilities and expertise can help organisations, large and small, in the public or private sector, address today’s most prominent security challenges and imperatives:

Complete End-to-End Cyber Threat Intelligence Solution – VirusTotal + Chronicle + Siemplify

The U.S. government has improved its alert process for emerging cyberthreats to the United States and its allies and partners around the world, with the U.S. Computer Emergency Response Team (US-CERT, now part of CISA) alert system and the MITRE ATT&CK framework at the center. In response to a new threat, US-CERT advisories use MITRE ATT&CK technique identifiers to describe the observed adversary tactics, techniques, and procedures (TTPs), so that defenders can map the alert directly onto their own detections and controls.

Describing adversary behavior using the ATT&CK knowledge base is a cornerstone of the threat-informed defense paradigm. Techniques rarely occur in isolation; the attacker typically uses each technique to pave the way for the next as they pursue their ultimate objective, which is why detections should be built around chains of techniques rather than single indicators.

Emotet continues to be used in broad-based attacks against victims in all sectors across the world.
The infamous botnet was disrupted in January 2021 by a coordinated international law-enforcement effort across the US, Canada, and several European nations, but its operators re-established the botnet later that year.

Quick recap of Global Cyber Threat Intelligence brainstorms (2019-2022) by https://1Power.substack.com and https://easytech4all.net

US Federal Agencies and Security Organisations
US Cyber Command, NSA, US Department of Homeland Security, Department of Defense, Secret Service CID, CISA, FBI

https://1powercyber.blogspot.com/2022/05/us-cybersecurity-global-conference.html

UN Security Council Cyber Threats Debate

UNIDIR Cyber Stability Conference 2021 & AI Disruption Peace Security (innovations dialogue) 2022

https://1powercyber.substack.com/p/unidir-cyber-stability-conference

Importance of Information and Communication Technologies

NATO Locked Shields 2022

https://1powercyber.substack.com/p/nato-locked-shields-2022

Cyber Polygon with World Economic Forum and INTERPOL

https://1powercyber.substack.com/p/wef-and-interpol-cybersecurity-mega

White House National Cybersecurity Strategy

https://www.csoonline.com/article/3689911/white-house-releases-an-ambitious-national-cybersecurity-strategy.html

Countering Ransomware with the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Secret Service Criminal Investigation Department

Cyber Essentials by Cybersecurity and Infrastructure Security Agency and Department of Homeland Security.

Ransomware Attackers Defenders – FBI’s perspective

US Cyberspace Solarium Commission

UK Cybersecurity Association with Digital Police Center.

Fourth Annual Cybersecurity Summit by the Cybersecurity and Infrastructure Security Agency

Fourth CEO Summit – USA

State of American Business 2023

Challenges faced by Government and International Law Enforcement

Intelligence and National Security Alliance (INSA) 2022 UPDATE

What is Advanced Cyber Threat Intelligence?

Accreditations Webinars LMS – Cybersec CTI

Google Cloud Security Summit with Chris Inglis (National Cyber Director, Executive Office of the US President)

https://1powercyber.substack.com/p/google-cloud-security-summit-with

Security information and event management (SIEM) is a subfield of computer security in which software products and services combine security information management (SIM) and security event management (SEM). A SIEM collects and normalises logs and alerts from applications, endpoints and network hardware, correlates them against rules or analytics, and provides real-time analysis of the resulting security alerts. Vendors sell SIEM as software, as appliances, or as managed services; these products are also used to retain security data and generate reports for compliance purposes. The term and the initialism SIEM were coined by Mark Nicolett and Amrit Williams of Gartner in 2005.

https://1powercyber.substack.com/p/security-information-and-event-management

Zero Trust Architecture Networks by the Cybersecurity and Infrastructure Security Agency

1PowerCyber and Easytech4all Global CTI Research & Analysis.

Mapping Global CTI Landscape and Visual Trends

International Cyber Threat Intelligence Brainstorms

Safe and Secure Digital Ecosystem for Schools by US Department of Homeland Security and Department of Justice

Global Cyber Threat Landscape

CyberKinetic and 5G

https://1powercyber.blogspot.com/2022/05/cyber-kinetic-world-war-3-and-5g-in.html

https://1powercyber.substack.com/p/cyber-kinetic-warfare

Cyber Independence and Freedom

Cyberattacks and Critical Infrastructure (Reading & Resources)

Space Threats and Satellite Navigation Systems

https://1powercyber.substack.com/p/space-threats-satellite-navigation

Comsec Protocols and Paradigms

https://1powercyber.substack.com/p/comsec-protocols-and-paradigms

Advanced Cyber Threat Intelligence Landscape and Updates via Digital Magazine by 1PowerCyber for Easytech4all.net

https://bit.ly/3P8gCTT

Advanced Cyber Threat Intelligence Research Analysis, Assessment and Projections. Video Playlist.

https://bit.ly/3yqDEje

Advanced Cyber Defense Threat Intelligence Blog in Progress

https://easytech4all.net/author/easytechonline/

https://1powercyber.substack.com

https://1powercyber.blogspot.com

https://easytech4all.tumblr.com/

