Home Podcasts Videos Guest Posts Q&A My Take Bio Contact

Book Excerpts


SHARED INTEL: New book on cyber warfare foreshadows attacks on elections, remote workers

By Byron V. Acohido

It’s difficult to convey the scope and scale of cyber attacks that take place on a daily basis, much less connect the dots between them.

Related: The Golden Age of cyber spying

A new book by Dr. Chase Cunningham —  Cyber Warfare – Truth, Tactics, and Strategies —   accomplishes this in a compelling, accessible way. Cunningham has the boots-on-the-ground experience and storytelling chops to pull this off. As a  cybersecurity principal analyst at Forrester,  he advises enterprise clients on how to stay in front of the latest iterations of cyber attacks coming at them from all quarters.

Cunningham’s 19 years as a US Navy chief spent in cyber forensic and cyber analytic operations included manning security controls at the NSA, CIA and FBI. He holds a PhD and MS in computer science from Colorado Technical University and a BS from American Military University focused on counter-terrorism operations in cyberspace.

Cunningham sets the table in Cyber Warfare by relating detailed anecdotes that together paint the bigger picture. Learning about how hackers were able to intercept drone feed video from CIA observation drones during the war in Iraq, for instance, tells us a lot about how tenuous sophisticated surveillance technology really can be, out in the Internet wild.

And Cunningham delves into some fascinating, informative nuance about industrial systems attacks in the wake of Stuxnet. He also adds historical and forward-looking context to the theft and criminal deployment of the Eternal Blue hacking tools, which were stolen from the NSA, and which have been used to cause so much havoc, vis-à-vis WannaCry and NotPetya. What’s more, he comprehensively lays out why ransomware and deep fake campaigns are likely to endure, posing a big threat to organizations in all sectors for the foreseeable future.

BOOK REVIEW: ‘Security Yearbook’ preserves cybersecurity history — highlights tectonic shift

By Byron V. Acohido

Along with Richard Stiennon, I belong to a small circle of journalists and tech industry analysts who’ve been paying close attention to cybersecurity since Bill Gates curtailed commercial work on Windows to rivet Microsoft’s attention on defending its software code.

Related: The role of PKI is securing digital transformation

That was in 2002. Back then, email spam was a nuisance evolving into a potent attack vector, and the top malware innovators were script kiddies seeking bragging rights.  Much has changed; much has remained the same.

Cybersecurity, which started with antivirus suites, spam filters and firewalls, has mushroomed into a $103 billion industry. Companies today spent vast amounts on incredibly sophisticated defenses, such as next-gen firewalls, EDR, DLP and IDS technologies that generate oceans of threat feeds pouring into artificially intelligent  SIEMs, UEBAs and other analytics platforms.

Yet, catastrophic breaches persist. And that’s why Stiennon and I are among the 45,000 or so attendees of RSA Conference 2020 here at San Franscisco’s Moscone Center. This is my 16th RSA.

I recently had a chance to have a rich discussion about the state of cybersecurity with Stiennon, the occasion being him sending me a copy of his new book: Security Yearbook 2020: A History and Directory of the IT Security Industry. Here are takeaways from our discussion:

Preserving history

Steinnon told me he got inspired to write Security Yearbook one year ago at RSA 2019, as he sat in a booth signing copies of previous book, Secure Cloud Transformation. A lot of folks came up to him and told him they were new to the industry and had been sent to RSA to learn it.

Then as he wandered the exhibits floors, Stiennon ran into startup after startup pitching their great new cybersecurity  innovation. “There were all these great ideas that were going to change the world, but it looked just like stuff that came … more

GUEST ESSAY: Strategic tactics are key to a robust Cloud Security Posture Management regime

By Yuri Diogenes and Dr. Erdal Ozkaya

A cyber strategy is a documented approach to handling various aspects of cyberspace. It is mostly developed to address the cybersecurity needs of an entity by focusing on how data, networks, technical systems, and people are protected. An effective cyber strategy is normally on par with the cybersecurity risk exposure of an entity. It covers all possible attack landscapes that can be targeted by malicious parties.

Editor’s note: This is an excerpt from  Cybersecurity – Attack and Defense Strategies, Second Edition, a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape.

Cybersecurity is the focal point of most cyber strategies because cyber threats are continuously becoming more advanced as more sophisticated exploit tools and techniques become available to threat actors. Due to these threats, organizations are advised to develop cyber strategies that ensure the protection of their cyber infrastructure from these various threats.

In this article, we introduce how you can build effective cyber defense strategies. Please note, the steps given are meant to help you formulate your own cyber defense strategy and can be customized according to your need.

Understand the Business

The more you know about your business, the better you can secure it. It’s really important to know the Goals of your organization, Objectives, the People you work with, the Industry, the current Trends, your Business risks, how to Risk appetite and tolerance the risks, as well your Most valuable assets. Everything we do must be a reflection of the business requirements which is approved by the senior leadership, as it has been manded also in ISO 27001.

GUEST ESSAY: The true cost of complacency, when it comes to protecting data, content

By John Safa

Facebook was lucky when the Information Commissioner’s Office (ICO)—the UK’s independent authority set up to uphold information rights in the public interest—hit the U.S. social media company with a £500,000 fine.

Related: Zuckerberg’s mea culpa rings hollow

This penalty was in connection with Facebook harvesting user data, over the course of seven years — between 2007 and 2014. This user data became part of the now infamous Cambridge Analytica scandal.

Facebook was very lucky, indeed, that its misdeeds happened before May 25, 2018. On that date, the EU General Data Protection Regulation (GDPR) came into force.

If its violation had happened after that, the fine could have been up to £17 million or 4 percent of global turnover. Yet, even with the prospect of stupendously steep fines hanging over the heads, insecure enterprises still don’t grasp the true cost of data privacy complacency.

According to research by one law firm, pre-GDPR regulatory fines had almost doubled, on average, between 2017 and 2018, up from £73,191 to £146,412. Those figures pale when stacked against the potential bottom line impact that now exists.

MY TAKE: Once upon a time, circa 2003-2004, botnets emerged as the engine of cybercrime

By Byron V. Acohido

Betty Carty figured she ought to be in the digital fast lane.

Last Christmas, Carty purchased a Dell desktop computer, then signed up for a Comcast high-speed Internet connection. But her new Windows XP machine crashed frequently and would only plod across the Internet.

(Editor’s note: This 2,200 word article was originally published, Sept. 8, 2004,  in print form as a USA TODAY Money section cover story, part of one of a three part series on the emergence of botnets for systemic criminal use. Botnets are today much larger, stealthier and more sophisticated. They actually pivot off cloud-based services — and they continue to be the engine that drives most forms of Internet-centric hacking.)

Dell was no help. The PC maker insisted — correctly — that Carty’s hardware worked fine.

But in June, Comcast curtailed Carty’s outbound e-mail privileges after pinpointing her PC as a major source of e-mail spam. An intruder had turned Carty’s PC into a “zombie,” spreading as many as 70,000 pieces of e-mail spam a day.

Related article: The care and feeding of botnets in 2017

The soft-spoken Carty, 54, a grandmother of three from southern New Jersey, was flabbergasted. “Someone had broken into my computer,” she says.

Since early 2003, wave after wave of infectious programs have begun to saturate the Internet, causing the number of PCs hijacked by hackers and turned into so-called zombies to soar into the millions — mostly in homes like Carty’s, at small businesses and on college campuses. And, much like zombies of voodoo legend, they mindlessly do the bidding of their masters and help commit crimes online.

Personal computers have never been more powerful — and dangerous. Just as millions of Americans are buying new PCs and signing up for ultrafast Internet connections, cybercrooks are stepping up schemes to take control of their machines — and most consumers don’t have a clue.

“We thought things were bad in … more

VIDEO: Can Shape Security revolutionize Web defense?

By Byron V. Acohido

Shape Security. Remember that name. The Silicon Valley start-up emerged from stealth mode this morning to publicly unveil details of its plan to revolutionize cybersecurity.

If Shape can deliver, its technology could radically disrupt the engine that drives cybercrime: botnets.

Related video: Shape Security creates first “botwall’

A botnet is a sprawling network of thousands of infected PCs or Web servers, referred to as bots. The top dozen or so cybercriminal rings command massive botnets honed to automate and scale up the delivery of spam scams, the carrying out of denial-of-service attacks, the booby-trapping of legit websites and the hijacking of online financial accounts.

Botnets can’t be stopped largely because the bad guys have mastered a technique, called polymorphism, by which they continually tweak the underlying malicious code to stay a step ahead of the latest security updates.

Shape’s co-founders came up with the notion of using polymorphism against the bad guys. Shape’s technology doesn’t bother trying to detect botnet activity. Instead, it continually scrambles the exchange of information taking place between a Web server and a Web site visitor, be it a legit user or a malicious bot.

Gartner banking security analyst Avivah Litan credits Shape for breaking new ground. “You’ve got to hand it to them, they did something revolutionary, and you don’t see revolutionary technology very often,” Litan says. “No one ever comes up with new ideas in security. It’s always variations of old ideas and incremental changes.”

Shape has attracted cream-of-the-crop brainpower. Co-founder and CTO Justin Call, principal inventor, helped create the network security tools at security vendor Oakley Networks, which defense giant Raytheon acquired in 2007.

Co-founder and products vice-president Sumit Agarwal was the product chief at Google who helped port Google maps to the Android mobile device platform, and build AdWords into a $6 billion business.

And strategy vice president Shuman Ghosemajumder led development at Google of the systems the search giant uses to … more

The Internet’s 40th anniversary timeline of milestones

The Associated Press and Symantec have each compiled timelines to mark the 40th anniversary of the creation of the Internet. The compilation below begins with LastWatchdog’s description of the current threat landscape. Combined and supplementing the timelines reveal how a military grade experiment, designed with an open architecture that preserves s anonymity, evolved into a global force, embraced with equal fervor by corporations, braggarts and criminals.

Summer of 2009: Bad URLs swamp the Internet. Through the first half of 2009, IBM’s X-Force team tracks a 508% leap in the number of new malicious Web links versus the first half of 2008. Most bad links function as relays to other Web pages set up to quickly embed a wormhole (referred to as a Trojan downloader) to the hard drive of the visitor’s PC. The attacker then uses this wormhole to install code that groups the PC with thousands of other infected machines in a botnet. The attacker is then able to lease out the botnet to other criminals who need computing power to deliver spam, steal data, spread promos for fake antivirus subscriptions and hijack online banking accounts. Bad links are moot, of course, if no one clicks on them. So the Internet has become swamped with ploys to steer people to bad links. They turn up in search query results and in e-mail spam. And bad links are surging through messages and postings on popular social networks. Source: LastWatchdog

2009: The Koobface worm steals logons and contact lists from users of Facebook, MySpace, Twitter, YouTube, Friendster, Bebo and Hi5.  It delivers bad links in messages and microblogs that appear to come from trusted acquaintances.  Source: LastWatchdog

2009: The Seattle Post-Intelligencer becomes the first major daily newspaper to move entirely online. Google announces development of a free computer operating system designed for a user experience that primarily takes place on the Web. Source: AP

2009: Twitter emerges as the fastest … more