Recovering from SolarWinds: Three Cybersecurity Priorities for the Biden Administration
Since January 20th, the Biden administration has been focused above all else on tackling Covid-19 and passing a landmark economic relief bill. This is unsurprising. In the context of a global pandemic, with an urgent vaccine rollout taking place, the US government must prioritise tackling Covid-19 and its economic consequences. However, President Biden has a raft of additional problems waiting at his doorstep. In particular, the US faces a two-pronged cybersecurity crisis: the impact of a vast cybersecurity breach known as the SolarWinds attack that was likely perpetrated by Russian intelligence, coupled with the fallout from Trump’s ‘legacy of cyber confusion’. This leaves Biden with three tasks. First, he must deal with the immediate consequences of SolarWinds: identifying what data has been compromised and doing everything possible to patch exploited systems. Next, he must hold Russia accountable …
How Much Does a Cyber Weapon Cost? Nobody Knows
Can a non-state actor take down critical infrastructure with a cyberattack? If it is not possible today, will it be possible in the future? Experts disagree about the current capabilities of non-state actors in cyberspace, let alone their future capabilities. There is debate within the cybersecurity community and academia over whether cyber weapons are getting cheaper and thus coming within the reach of the self-proclaimed Islamic State or other non-state groups. Although there is some general consensus that offensive cyber operations will be less expensive in the future, there is very little understanding of what influences the costs of a cyber weapon. Making sense of the inputs and defensive environment that drive the cost of a cyber weapon is essential to understanding what actors—whether state, non-state, or criminal—will …
When Naming Cyber Threat Actors Does More Harm Than Good
Cybersecurity firms, despite their increasing prominence in light of greater media attention on Russian and Chinese cyber operations, are often criticized for their biases when identifying advanced persistent threat (APT) actors. Two critiques are most often heard. Security researcher Jeffrey Carr accurately put his finger on one of the sore spots: "How is it that our largest infosec companies fail to discover APT threat groups from Western nations (w/ @kaspersky as the exception)?" — Jeffrey Carr (@jeffreycarr), 4 August 2016. A second issue frequently mentioned is that threat intelligence firms have an incentive to exaggerate the cyber threat. If a firm is able to discover a highly advanced threat, it must mean that it has advanced detection capabilities and you should …