A Review of the Best News of the Week on Cybersecurity Management & Strategy
Microsoft: 1000+ Hackers Worked on SolarWinds Campaign (Infosecurity Magazine, Feb 16 2021)
Russian-backed cyber-espionage operation is “largest” world has seen
U.S. Charges North Korean Hackers Over $1.3 Billion Bank Heists (SecurityWeek, Feb 17 2021)
Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe
SolarWinds Attackers Breached 100+ Private Firms (Infosecurity Magazine, Feb 19 2021)
White House briefing reveals extent of attack on tech industry
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Many SolarWinds Customers Failed to Secure Systems Following Hack (SecurityWeek, Feb 15 2021)
Many companies still expose SolarWinds Orion to the internet and have failed to take action following the disclosure of the massive SolarWinds breach, according to RiskRecon, a Mastercard company that specializes in risk assessment.
Medieval Security Techniques (Schneier on Security, Feb 12 2021)
“Sonja Drummer describes (with photographs) two medieval security techniques. The first is for authentication: a document has been cut in half with an irregular pattern, so that the two halves can be brought together to prove authenticity. The second is for integrity: hashed lines written above and below a block of text ensure that no one can add additional text at a later date.”
Jones Day Denies Network Breach (Infosecurity Magazine, Feb 17 2021)
America’s tenth-largest law firm says its network was not compromised following Accellion data breach
Vulnerabilities hit record high in 2020, topping 18,000 (SC Media, Feb 12 2021)
Security teams were under siege last year, according to research analyzing 2020 NIST data on common vulnerabilities and exposures (CVEs) that found more security flaws – 18,103 – were disclosed in 2020 than in any other year to date.
Cybersecurity spending for critical infrastructure to reach $105.99 billion in 2021 (Help Net Security, Feb 15 2021)
Cybersecurity spending in critical infrastructure has been little impacted by the COVID-19 pandemic, save for some reshuffling on where that spend is most needed. The effect has been mostly in increased demand for secure remote connectivity.
North Korea ‘Tried to Hack’ Pfizer for Vaccine Info – South’s Spies: Reports (SecurityWeek, Feb 16 2021)
North Korean hackers tried to break into the computer systems of pharmaceutical giant Pfizer in a search for information on a coronavirus vaccine and treatment technology, South Korea’s spy agency said Tuesday, according to reports.
Sandworm Hackers Hit French Monitoring Software Vendor Centreon (SecurityWeek, Feb 15 2021)
Russia-Linked Threat Group Caught Deploying Backdoors on Linux Servers in an Attack That Triggers New Conversations on Software Supply Chain Security
Non-profit pledges $1 million to offer free ransomware protection for private hospitals (SC Media, Feb 17 2021)
Public hospitals and health organizations are already eligible, but a series of high-profile attacks on hospitals over the past year have convinced CIS leadership to expand the services to private hospitals as well.
Kia Faces $20M DoppelPaymer Ransomware Attack (Dark Reading, Feb 17 2021)
Kia Motors America this week experienced a nationwide IT outage; now, reports indicate the company was hit with ransomware.
Emotional intelligence playing an increasingly important role for CISOs (Help Net Security, Feb 18 2021)
The increasing importance of emotional intelligence and other skills required to work with different stakeholders is placing new demands on CISOs. However, it’s also creating opportunities for CISOs to become leaders of their organizations, according to a report from F-Secure. Traditionally, CISOs’ roles were treated as technical roles first, with secondary importance placed on non-technical skills.
Why do enterprise SOC teams need CIEM now? (Help Net Security, Feb 17 2021)
What is CIEM? Among the many changes of 2020, Gartner added a new category: cloud infrastructure entitlement management (CIEM). While CIEM may sound similar to SIEM (security information and event management), the two security solutions are not the same, and CIEM is increasingly vital as organizations continue to prioritize company-wide digital transformation and deployment of zero trust architecture.
Breaches Cost US Healthcare Organizations $13bn in 2020 (Infosecurity Magazine, Feb 18 2021)
Bitglass says over 26 million people were impacted
Most businesses plan to move away from VPNs, adopt a zero-trust access model (SC Media, Feb 17 2021)
Growing security risks have prompted companies to move away from virtual private networks (VPNs) in favor of a zero-trust model. Most organizations, 72 percent, plan to ditch VPNs, according to Zscaler’s 2021 VPN Risk Report, which found that 67 percent of organizations are considering remote access alternatives.
Digital Offense Capabilities Are Currently Net Negative for the Security Ecosystem (TaoSecurity Blog, Feb 18 2021)
CrowdStrike Buys Log Management Startup Humio for $400M (Dark Reading, Feb 18 2021)
CrowdStrike plans to use Humio’s technology to continue building out its extended detection and response platform.
Most security pros think a WAF is high maintenance (Help Net Security, Feb 19 2021)
An organization’s web application firewall (WAF) is a critical line of defense in protecting proprietary and customer data, but the concern is that some organizations are spending an outsized allotment of resources on modifying these mission-critical elements, a Neustar report reveals.
WEIS 2021 Call for Papers (Schneier on Security, Feb 18 2021)
The 20th Annual Workshop on the Economics of Information Security (WEIS 2021) will be held online in June. We just published the call for papers.