Expert(s):
CTO feature_status*/ ?>
Attivo Networks

Comments Dotted : 3
July 22, 2020

ISC Russia Report – CISO Comments On Cyber Attacks Facing Government
Calling out Russia publicly has had little effect on them outside of sanctions and even the latter doesn’t seem to curtail this activity.
It’s been clear for a number of years that the Russians have every intention to continue their efforts to undermine the fabric of Western society. They do this by focusing on a non-stop flow of disinformation campaigns in their targeted countries to sow disinformation to undermine free society foundations and especially hamper free and fair elections. Countries should have a structure in place to strike back in a fair and meaningful manner through offensive cyber actions. This structure.....Read More
It’s been clear for a number of years that the Russians have every intention to continue their efforts to undermine the fabric of Western society. They do this by focusing on a non-stop flow of disinformation campaigns in their targeted countries to sow disinformation to undermine free society foundations and especially hamper free and fair elections. Countries should have a structure in place to strike back in a fair and meaningful manner through offensive cyber actions. This structure should be focused inside government and not allow individual companies to retaliate when impacted by Russian campaigns (or any other country). Calling out Russia publicly has had little effect on them outside of sanctions and even the latter doesn’t seem to curtail this activity. Hitting them in cyberspace where it’s impactful to their society and could help counter Putin’s government is where attention is needed. Organizations attempting to thwart activity from Russia and other nation-states need to step up their game where they detect malicious activity inside their enterprises in quick fashion. Public Service Announcements across media and social media could also help educate the public and help counter disinformation campaigns from foreign sources. It is quite clear that significant action must be taken before foreign efforts to undermine western society have a long-term effect.  Read Less
July 17, 2020

Experts Insight On Major US Twitter Accounts Hacked in Bitcoin Scam
it’s impossible to state specifically at this point in time how the systems were taken over since we don’t have the internal details from Twitter.
The Twitter attack is an interesting one and we were lucky the actors involved were interested in monetizing the compromise versus creating potential significant unrest through the high profile accounts that were impacted. On the technical side, it’s impossible to state specifically at this point in time how the systems were taken over since we don’t have the internal details from Twitter. However, due to the number of accounts compromised it’s quite possible that an internal.....Read More
The Twitter attack is an interesting one and we were lucky the actors involved were interested in monetizing the compromise versus creating potential significant unrest through the high profile accounts that were impacted. On the technical side, it’s impossible to state specifically at this point in time how the systems were taken over since we don’t have the internal details from Twitter. However, due to the number of accounts compromised it’s quite possible that an internal administrators’ account was compromised via some method of phishing which bypassed any controls the individual Twitter user(s) had in place allowing the attackers to tweet anything from accounts under the control of that administrative account. If accurate, that attack could have been countered by focusing on two different but important security efforts. One, user awareness training to counter phishing susceptibility, and two, instrumentation inside the perimeter and on endpoints to detect adversary lateral movement and credential use. Both of those could have stopped the attack independently if the suspected methods are correct.  Read Less
June 04, 2020

Experts Insight On Hackers Steal Data From US Nuclear Missile Contractor
Practical measures include ensuring all data is backed up with copies kept offline.
This is yet another high-profile example of a contractor being inadvertently used by threat actors to carry out a ransomware attack. Ransomware attacks are particularly prevalent at this time because threat actors know organisations may have left themselves vulnerable in the rush to avoid business disruption during the pandemic. To deal effectively with ransomware organisations need to move from reactive, incident response to an anticipatory, threat preparedness mindset. Practical measures.....Read More
This is yet another high-profile example of a contractor being inadvertently used by threat actors to carry out a ransomware attack. Ransomware attacks are particularly prevalent at this time because threat actors know organisations may have left themselves vulnerable in the rush to avoid business disruption during the pandemic. To deal effectively with ransomware organisations need to move from reactive, incident response to an anticipatory, threat preparedness mindset. Practical measures include ensuring all data is backed up with copies kept offline. Other steps include maintaining a secure infrastructure in line with NIST, ISO, or NCSC standards. Additionally, put in place a mechanism to cover lateral movement and ransomware detection and mitigation. Create, exercise, and update your incident response place at least yearly. Keep your systems are updated and have the latest patches.  Read Less