
MY TAKE: Here’s how the U.S. economy would lose $15 billion from a 3-day cloud outage

By Byron V. Acohido

Cyber attack scenarios have become fairly common. It doesn’t take too much imagination to conjure plausible assumptions and project Armageddon-scale damages attributable to crippling cyber attacks.

One prime example is the Herjavec Group’s 2017 cybercrime report, which suggests damage caused by cyber criminals is climbing towards a whopping $6 trillion in annual global economic damage by 2021.

Related article: Why Amazon, Microsoft, Google need to lock down cloud services

By comparison, the more narrowly defined estimates put out last week by insurance underwriting giant Lloyd’s of London and risk modeling consultancy AIR Worldwide are on the conservative side. The two put out a new report, Cloud Down – The impacts on the US economy, which analyzes the financial impact of the failure of a leading cloud provider in the US.

One can actually visualize how the level of damage projected by the Lloyd’s/AIR Worldwide report could play out – and how it could actually happen in the very near term. The study concludes that any failure of a top cloud services provider that extends for at least three days would cost the U.S. economy $15 billion.

Small- and mid-sized businesses that have come to rely so heavily on cloud services would be hit more heavily than Fortune 1000 companies; SMBs would sustain some two-thirds of the economic losses, the report says.

Rattling the economy

I can easily wrap my mind around how a three-day outage of Amazon Web Services, Microsoft Azure or Google Cloud could rattle the U.S. economy at that scale. These projections are sobering because they are based on tangible historical data.


“If anyone is in a solid position to estimate these losses it’s AIR Worldwide and Lloyd’s,” observes Inga Goddijn, executive vice president at Risk Based Security Inc., a Richmond, Virginia-based supplier of risk management services.

Goddijn points out that Lloyd’s has been responding to business interruption claims, related to all manner of physical events, for decades. That puts Lloyd’s in possession of actual downtime cost that is typically kept confidential. (more…)


PODCAST: The case for rethinking security — starting with smarter management of privileged access logons

By Byron V. Acohido

Two cybersecurity trend lines have moved unremittingly up the same curve over the past two decades — and that’s not a good thing.

Year-in and year-out, organizations have steadily increased spending to defend their networks — and they continue to do so, with no end in sight. Research firm MarketsandMarkets estimates that the global cybersecurity market size will grow from $137.85 billion in 2017 to $231.94 billion by 2022, a compound annual growth rate of 11.0%.

Related podcast: Much stronger security can come from simple ‘Identity Access Management’ improvements

At the same time, the damage and disruption caused by malicious hackers has also continued to rise, with no end in sight. One recent measure of this comes from a survey of senior officials at 120 large enterprises, conducted by research firm Forrester and sponsored by Centrify, a leading supplier of identity and access management (IAM) technologies.


C-level executives disclosed to Forrester that two-thirds of their companies had been breached multiple times – a startling five times on average over the past two years. What’s more, respondents indicated these break-ins occurred evenly all across the network, at endpoints, servers, databases and in software-as-a-service systems. …more

NEWS WRAP-UP: Meltdown, Spectre discovered in the wild – live hardware attacks one step closer

By Byron V. Acohido

Week ending Feb. 9, 2018. We’re now one step closer to witnessing cyber criminals exploiting a new class of vulnerability that exists in the hardware level of virtually every computing device in active use.

Nearly 140 samples of malware that exploit the Meltdown and Spectre vulnerabilities have been discovered by AV-TEST. Most of these are based on existing proof-of-concept code, which probably originated with white hat researchers.

Related article: Why ‘Meltdown’ and ‘Spectre’ signal a banner year for hackers

Chip makers, led by Intel, have said they’ve seen no evidence the Meltdown and Spectre vulnerabilities have been exploited to steal customer data. AV-TEST’s latest findings show the number of unique samples has risen sharply in recent weeks. Andreas Marx, CEO of AV-TEST, told SearchSecurity he believes malware authors are still in the “research phase” of developing attacks based on Meltdown and Spectre.

Let’s not sugar-coat what this means going forward. Malware writers aren’t doing this research for nothing. Chip-based attacks are coming.

Most breaches ever

Hard metrics that 2017 was a very, very bad year, indeed, for cyber attacks came this week from consultancy Risk Based Security, which released its 2017 Data Breach QuickView Report.

The 5,207 breaches recorded last year surpassed 2015’s previous high mark by nearly 20%. The number of records compromised also surpassed all other years with over 7.8 billion records exposed, a 24.2% increase over 2016’s previous high of 6.3 billion. …more

MY TAKE: Epiphany strikes Amazon, Google, Microsoft about who bears burden for cloud security

By Byron V. Acohido

Amazon and Google last week very quietly made some moves that signal they’ve been hit by the identical epiphany: they each need to do a helluva lot more to secure cloud computing.

Microsoft was hit by this lightning bolt about a year ago. The Redmond giant all through 2017 took pronounced steps to relieve users of their cloud services of at least some of the responsibility to repel malicious attacks.

Related podcast: Is ‘homomorphic encryption’ the Holy Grail of cloud security?

Current versions of Office 365 and Windows Defender Advanced Threat Protection have been equipped with new threat intelligence and malware hunting tools, and the security features of Azure Security Center have been similarly beefed up.

Me-too bandwagon

Last week both Amazon and Google climbed on the we-need-to-bake-in-cloud-security bandwagon. Amazon did so, fittingly, by going shopping. Its Amazon Web Services division acquired Sqrrl, a Cambridge, Mass.-based threat detection technology start-up, with an NSA pedigree. That acquisition pairs nicely with AWS’s earlier buyout of Harvest.ai, a security startup that uses machine learning to ferret out anomalous behavior in cloud storage databases.

Meanwhile, it was easy to miss Google’s me-too move last week. That’s because it was made by the search giant’s freshly-minted parent company, Alphabet, which very quietly launched an independent business, dubbed Chronicle. According to Chronicle CEO Stephen Gillett, the service will feature a new cybersecurity intelligence and analytics platform intended to “help enterprises better manage and understand their own security-related data.” Chronicle also leverages VirusTotal, the malware intelligence service Google acquired in 2012.


“The announcements today by Amazon Web Services and Alphabet/Google are encouraging and demonstrate that more and more, cyber security is at the forefront of corporate agendas,” observes Terry Ray, CTO at Imperva. “Both of these technologies will likely serve as analytic platforms for threat detection, which isn’t necessarily a new idea, though I’m sure they’ll have their differentiators.” …more

NEWS WRAP-UP: Dutch spies corroborate Russia’s meddling in U.S. election — and 19 EU nations

By Byron V. Acohido

Week ending Feb. 2, 2018. Even more substantive corroborating evidence of Russia’s proactive interference in the 2016 U.S. presidential election comes from the Netherlands. European news reports detail how a Dutch intelligence agency secretly hacked into the Kremlin’s most notorious hacking group, Cozy Bear, and tracked Cozy Bear’s election tampering activities.

Dutch spies passed all of this information along to the CIA and NSA, including details of Russia hacking into the Democratic National Committee and other evidence that presumably is contributing to the ongoing FBI investigation, led by Special Counsel Robert Mueller.

What’s more, the Dutch agency passed along evidence of Russian attacks targeting elections in at least 19 European nations. Perhaps, Mueller will draw a line in the sand that puts a stop to Russian hackers operating with impunity in the U.S., and elsewhere.

Disastrous cloud hack scenarios

Lloyd’s of London has put out some research that demonstrates just how vulnerable cloud computing really is. The insurance underwriting behemoth has constructed what it’s calling a “plausible scenario” of how a cyber attack could cause a catastrophic three-day cloud outage. …more

GUEST ESSAY: How children using illegal streaming devices get targeted by malicious actors

By Tom Galvin

It is good to see pressure from advertisers prompting a tech titan to clean up its digital neighborhood.

I refer to steps being taken recently by Alphabet, the parent conglomerate of Google and YouTube. Alphabet announced a new plan to keep ads from premium brands off YouTube pages with videos pushing dangerous, illegal, and/or illicit behavior.

Related article: Lawsuits allege ‘kid spying’

It remains to be seen how effective these measures will prove to be. Threat actors are not easily discouraged. In fact, they will certainly look for other money-making ventures in the digital space. These criminals will likely target poorly policed, yet highly popular, devices offering content that is easy to compromise.

Entertainment bait

There is no bait quite like content – movies, music, and games – to lure consumers into digital traps. Increasingly, people are buying devices just for the purpose of getting programming they need to watch and play what they want.

At the Digital Citizens Alliance, our research team has worked with top researchers at cybersecurity companies and advertising watchdogs to find how cybercriminals make millions by pushing both advertising and malware through illegal and illicit movie sites.

Make no mistake, pirated movies are big business – an attractive opportunity for criminals looking for easy money, vulnerable targets (often teens and children), and little threat of police action. …more

MY TAKE: What ace-in-the-hole does Devin Nunes have that McCarthy would have loved?

By Byron V. Acohido

When Russian botnet controllers deployed their bots on yet another social media blitz last week, they participated in a campaign that took a page from Sen. Joseph McCarthy’s playbook.

On Feb. 9, 1950, at the height of the Cold War, McCarthy infamously brandished a list of what he claimed were 57 subversive communists who had infiltrated the heart of the U.S. government. It was baseless propaganda, of course. McCarthy never made the contents of his list public.

Fast forward to January 2018. Rep. Devin Nunes (R-Calif.) comes up with a top secret memo purporting to show how the FBI was being manipulated to persecute Donald Trump. On cue, Russian botnets unleashed the #Releasethememo campaign, spoofing a supposed grass roots call to make the contents of Nunes’ memo public.

Machiavellian move

McCarthy, of course, didn’t want the contents of his list revealed. Seems clear to me that neither Nunes, nor the Russian botnet operators, really wanted the text of his memo made public either. The botnet-driven social media blitz, I believe, was a Machiavellian attempt to add validity to the secret memo — by intimating a cover-up. …more

NEWS WRAP-UP: Russian bots conduct social media blitz to discredit Trump-Russia probe

By Byron V. Acohido

Week ending Jan. 26, 2017. The use of Russian bots and trolls in social media propaganda blitzes continues. Counter terrorism expert Malcolm Nance minced no words in lambasting the latest deployment of Russian botnets to influence American politics.

Related article: Trump is top bait used in spam campaigns

Nance appeared on the Stephanie Miller radio show to decry as ‘treasonous’ the bold move by House Republicans to spread word of — but no details from — a top secret memo purportedly discrediting the FBI’s Trump-Russia investigation.

This move was accompanied by the unleashing of Russian bots and trolls to hype the #Releasethememo campaign on Twitter and other social media platforms. This appeared to be an attempt to add validity to the memo in question — by suggesting a cover-up.

Lest we forget, Russian botnets fueled wildly conflicting polling results during the 2016 presidential race, and fabricated 6.1 million Twitter followers for then-candidate Trump. This week’s blitz represents another level of finesse.

Insurance halo effect

Here’s more evidence that the insurance industry is aggressively seeking to nurture the anticipated $20 billion-plus market for cyber liability insurance policies. Insurance carriers and underwriters need to figure out how to triangulate complex cyber risks — not as easy as setting actuarial tables for fires or earthquakes. …more