Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

My Take

 

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

By Byron V. Acohido

I have a Yahoo email account, I’ve shopped at Home Depot and Target, my father was in the military and had a security clearance, which included a dossier on his family, archived at the U.S. Office of Personnel Management, I’ve had insurance coverage from Premera Blue Cross and I’ve stayed at the Marriott Marquis in San Francisco.

Related: Uber hack shows DevOps risk

The common demonitor: All of those organizations have now disclosed massive data breaches over a span of the past five years.

On Friday, Starwood Properties, which merged with Marriott in 2016, disclosed as many as 500 million people who made reservations at their hotels may have had their personal information accessed in a breach that lasted as long as four years.

The Starwood hack appears to come in second in scale only to the 2013 Yahoo breach, which affected as many as 3 billion accounts, while a subsequent Yahoo breach also hit 500 million accounts.

The breach is rightly attracting attention of regulators in Europe and the United States. Marriott shares fell nearly 6 percent to $114.67 in Friday afternoon trading. Here’s a roundup of reaction from cybersecurity thought leaders: …more

MY TAKE: Why security innovations paving the way for driverless cars will make IoT much safer

By Byron V. Acohido

Intelligent computing systems have been insinuating themselves into our homes and public gathering places for a while now.

But smart homes, smart workplaces and smart shopping malls are just the warm-up act. Get ready for smart ground transportation.

Related: Michigan’s Cyber Range hubs help narrow talent gap

Driverless autos, trucks and military transport vehicles are on a fast track for wide deployment in the next five years. The good news is that there is some very deep, behind-the-scenes research and development work being done to make driverless vehicles safe and secure enough for public acceptance.

I’m encouraged that this work should produce a halo effect on other smart systems, ultimately making less-critical Internet of Things systems much more secure, as well.

These sentiments settled in upon returning from my recent visit to Detroit, Ann Arbor and Grand Rapids. I was part of a group of journalists escorted on a tour of cybersecurity programs and facilities hosted by the Michigan Economic Development Corp., aka the MEDC.

One of our stops was at a freshly-erected skunk works for auto software research set up in a low-slung warehouse – previously a country western bar – in rural Sparta, on the outskirts of Grand Rapids. The warehouse today is home to Grimm, an Arlington, VA – based cyber research firm that specializes in embedded systems security, and whose claim to fame is doing proprietary projects for U.S. military and intelligence agencies.

Deep testing

Grimm received a $216,000 MEDC grant to set up shop in Sparta and direct its expertise towards discovering security flaws in autonomous vehicle systems under development by Detroit’s big car makers. …more

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

By Byron V. Acohido

Michigan is known as the Wolverine State in deference to the ornery quadruped that roams its wild country.

However, after a recent visit to Detroit, Ann Arbor and Grand Rapids as a guest of the Michigan Economic Development Corp., or MEDC, I’m prepared to rechristen Michigan the Cybersecurity Best Practices State.

Related: Michigan moves to close the cybersecurity skills gap. 

This new nickname may not roll off the tongue. But it does fit like a glove. (Michigan’s other nickname, by the way, is the Mitten State, referring to the shape of the larger of its two main peninsulas.)

Cobo Center

I was recently privileged to be part of a group of journalists covering the 2018 North American International Cyber Summit at Detroit’s Cobo Convention Center. My reporting trip included meetings with Michigan-based cybersecurity vendors pursuing leading-edge innovations, as well as a tour of a number of thriving public-private cybersecurity incubator and training programs.

It was the latter that jumped out at me. In an age when cybersecurity intelligence sharing and collaboration is in dire need — but all too short supply —  Michigan has quietly and methodically, stood up some well-thought-out programs that could – if not should – be a model for other states to follow.

I had the chance to meet briefly with two-term Gov. Rick Snyder, who is about to leave office and can point to significant strides Michigan has made ‘reinventing’ its economy under his watch. What’s noteworthy, from my perspective, is that Snyder had the foresight to make cybersecurity readiness a key component of his reinvent Michigan strategy, from day one.

Getting proactive

Snyder says his experience as head of Gateway Computers and as an investor in tech security startups, prior to entering politics, gave him an awareness of why putting Michigan ahead of the curve, dealing with cyber threats, would be vital. …more

NEW TECH: How ‘adaptive multi-factor authentication’ is gaining traction via partnerships

By Byron V. Acohido

Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings.

Related: Why a ‘zero-trust’ approach to security is necessary

One recent validation comes from two long established, and much larger cybersecurity vendors – Check Point and Palo Alto Networks – that have recently begun integrating Silverfort’s innovative MFA solution into their respective malware detection and intrusion prevention systems.

Silverfort is the brainchild of a band of colleagues who toiled together in the encryption branch of Unit 8200, the elite cybersecurity arm of the Israeli military.

The co-founders took heed of the limitations companies faced in deploying MFA to protect sensitive systems without unduly hindering productivity. They recognized that rising complexities as business networks underwent digital transformation made MFA cumbersome, and sometimes even impossible, to deploy. …more

MY TAKE: Cyber attacks on industrial controls, operational technology have only just begun

By Byron V. Acohido

“May you live in interesting times.” The old Chinese proverb–some consider it a blessing and others a curse–certainly describes the modern-day cyber landscape.

Related: 7 attacks that put us at the brink of cyber war

In today’s geopolitical terrain, nation-state backed cyber criminals are widening their targets and starting to zero in on their adversaries’ business and industrial sectors, using more and more sophisticated weaponry to do so.

With the bulls-eye on a country’s financial Achilles heel, state-sponsored attackers are sowing chaos, disruption and fear. And the risks are multiplying as more digital devices become connected in insufficiently secured environments.

Monitoring and management of many existing industrial control systems’ (ICS) embedded devices, like pumps, valves and turbines, are ancient in technological terms. And until recently, security surrounding operational technology (OT) – the networks that run production operations – have been siloed, or air-gapped, from information technology (IT) operations, which work in the corporate space. Isolating OT operations from public networks like the internet had once been considered best practice.

Dismantling the silos

But Gartner and others now recommend merging OT and IT security. Convergence of the two in the industrial internet of things (IIoT) makes for better communication and access to online data and processes, but it also flings the door wide open for nefarious activity by cyber criminals. Espionage scenarios that once were the basis of movies and novels now have become real-life exploits.

I talked to Phil Neray, vice president of industrial security at CyberX, a company founded in 2013 that operates a platform for real-time security of the industrial internet.

Read on to learn what Neray has to say about industrial security, then hear a more in-depth discussion on the subject on the accompanying podcast:

As organizations digitize their operations and add more sensors and other devices to the production environment, …more

MY TAKE: The many ways social media is leveraged to spread malware, manipulate elections

By Byron V. Acohido

Remember how we communicated and formed our world views before Facebook, Twitter, Instagram, Reddit, CNN and Fox News?

We met for lunch, spoke on the phone and wrote letters. We got informed, factually, by trusted, honorable sources. Remember Walter Cronkite?

Today we’re bombarded by cable news and social media. And Uncle Walt has been replaced by our ‘friend circles.’

This is well-understood by those with malicious intent and hacking capabilities. And this is why they’ve adopted social media as the go-to platform for spreading malware and propaganda.

Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks, has been studying this development closely. I spoke with Hahad at Black Hat USA 2018. Give a listen to our full conversation on the accompanying podcast. Here are a few takeaways:

Faked social media

It’s human nature to trust people a little more who are in your circle of friends. We’re wired to relax our judgment and click more quickly on items sent by someone we’re familiar with, be it an image, a document, a video clip or a webpage link.

It goes further than that, Hahad argues. He contends that a lot of us tend to more quickly believe the information shared by our circle of friends, and that we often fail to verify and think critically. And this is exactly what Hahad and his team of security analysts observed during the 2016 elections.

“The most publicly visible aspect is swaying voter opinion on certain questions,” he explains. “That has been happening through the fake accounts we know of, through a lot of the fake websites that have been specifically put up to promote certain views, and some of that was to mostly sway discourse.”

The second aspect was less publicized, but it is a technique regularly used in the past to compromise users and businesses. The bad actors went phishing to gain access to candidates’ inner circles, …more

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companiess

By Byron V. Acohido

For many start-ups, DevOps has proven to be a magical formula for increasing business velocity. Speed and agility is the name of the game — especially for Software as a Service (SaaS) companies.

Related: How DevOps enabled the hacking of Uber

DevOps is a process designed to foster intensive collaboration between software developers and the IT operations team, two disciplines that traditionally have functioned as isolated silos with the technology department.

It’s rise in popularity has helped drive a new trend for start-ups to go “Cloud Native,” erecting their entire infrastructure, from the ground up, leveraging cloud services like Amazon Web Services, Microsoft Azure and Google Cloud.

Security burden

Though DevOps-centric organizations can gain altitude quickly, they also tend to generate fresh security vulnerabilities at a rapid clip, as well. Poor configuration of cloud services can translate into gaping vulnerabilities—and low hanging fruit for hackers, the recent Tesla hack being a prime example. In that caper,  a core API was left open allowing them to exploit it and begin using Tesla’s servers to mine cryptocurrency. Rising API exposures are another big security concern, by the way.

Because Amazon, Microsoft and Google provide cloud resources under a “shared responsibility” security model, a large burden rests with the user to be aware of, and mitigate latent security weaknesses.

In fact, it’s much more accurate for organizations tapping into cloud services and utilizing DevOps to think of cloud security as a functioning under …more