Russia Escalates Cyber-attacks Despite Promises – Cybersecurity Experts Reacted

BACKGROUND:

The New York Times is reporting this morning: Russia Challenges Biden Again With Broad Cybersurveillance Operation. Of note in that reporting was that after Administration officials confirmed the attacks were ongoing, they laid the blame for any attack success at the feet of the private sector, saying “We can do a lot of things, but the responsibility to implement simple cybersecurity practices to lock their — and by extension, our — digital doors rests with the private sector.”

Experts Comments

October 26, 2021
Josh Brewton
vCISO
Cyvatar

Russia’s broken promises should come as no surprise. Adversarial countries continue to make empty promises, all while funding offensive operations around the globe. With this, there has been an exponential increase of attacks attempted by nations and their state-sponsored counterparts over the last year. It has become abundantly clear there are alternative methods to traditional warfare to destabilize economies and administrations alike.

The U.S. attempts to remedy deficiencies within the

.....Read More

Russia’s broken promises should come as no surprise. Adversarial countries continue to make empty promises, all while funding offensive operations around the globe. With this, there has been an exponential increase of attacks attempted by nations and their state-sponsored counterparts over the last year. It has become abundantly clear there are alternative methods to traditional warfare to destabilize economies and administrations alike.

The U.S. attempts to remedy deficiencies within the Defense Industrial Base(DIB) by enforcing new or increased forms of compliance, namely, the Cybersecurity Maturity Model Certification(CMMC). The CMMC no longer allows organizations to operate as part of the DIB with glaring vulnerabilities masked with the promise of getting fixed. You will need to become certified and maintain the required level of security or cease your operations with the government.

While this covers a large swath of organizations, it leaves the question of those with no direct relationship with the government. The private sector vulnerability will start to be corrected by the increased use of vendor risk management and basic security requirements required baked into contractual agreements between organizations. Few can afford to have a security breach occur within their organization or any organization they do business with. The increased pressure in the private sector between partners will drive a simple choice; comply with the required security baseline or experience client churn and the loss of future clients.

  Read Less
October 26, 2021
Saryu Nayyar
CEO
Gurucul

Not content with resting on its laurels in the wake of the largely successful SolarWinds attack, Russian state actors have been pursuing further attacks on US tech companies, as well as government agencies and think tanks. While relatively few of these attacks have succeeded, even one success is too many.

Every organization, no matter what their purpose, has to do a better job of protecting their assets. You can’t rely on “security by obfuscation” or security by cloud providers if

.....Read More

Not content with resting on its laurels in the wake of the largely successful SolarWinds attack, Russian state actors have been pursuing further attacks on US tech companies, as well as government agencies and think tanks. While relatively few of these attacks have succeeded, even one success is too many.

Every organization, no matter what their purpose, has to do a better job of protecting their assets. You can’t rely on “security by obfuscation” or security by cloud providers if you’re serious about keeping attackers out. A program of data collection and analytics, coupled with real time risk assessment is the only way to protect yourself against threats.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.