
Cyberthreat

Unclassified and Secure

April 12, 2020 By William Knowles


By William Knowles @c4i
Senior Editor
InfoSec News
April 12, 2020

A new report from the RAND Corporation, by Daniel Gonzales, Sarah Harting, Mary Kate Adgie, Julia Brackup, Lindsey Polley, and Karlyn D. Stanley

The defense industrial base (DIB) is under attack. Foreign actors are stealing large amounts of sensitive data, trade secrets, and intellectual property every day from DIB firms — contributing to the erosion of the DIB and potentially harming U.S. military capabilities and future U.S. military operations. The U.S. Department of Defense (DoD) has taken steps to better secure systems against cyber threats, but most protections in place focus on classified networks, while unclassified networks have become an attractive entrance for adversaries seeking access to cutting-edge technologies and research and development efforts. To address this problem, DoD has increased regulations and introduced new security controls, but the current approach may be insufficient.

This report offers DoD a way ahead to better secure unclassified networks housing defense information — through the establishment and implementation of a cybersecurity program designed to strengthen the protections of these networks. The program offers a means for DoD to better monitor the real-time health of the DIB and ensure that protections are in place to prevent the disclosure of sensitive corporate information from DIB firms or sensitive supply chain information across the DIB. The program also includes a means to offer qualified small DIB firms access to cybersecurity tools for use on unclassified networks, for free or at a discounted rate, to ensure that affordable protections are accessible to all DIB firms. Advanced persistent threats and sophisticated cyber attacks will not stop, but this program can help build stronger defenses, develop more-coordinated responses, and help maintain the technological superiority of U.S. military forces.

Key Findings
DoD’s current approach to defending DIB firms against cyber attacks is inadequate

  • The cybersecurity architectures of small DIB firms are likely to be deficient in several key areas: user authentication, network defenses, vulnerability scanning, software patching, and security information and event management, or cyber attack response.
  • Current DoD cybersecurity requirements are unaffordable for many small and some medium-sized DIB firms.
  • DoD’s voluntary cyber threat sharing service is not available to many DIB firms.
  • New cybersecurity tools can significantly strengthen the cyber defenses of DIB firms, but most small DIB firms cannot afford them.

Recommendations

  • DoD should establish a DIB Cyber Protection Program (DCP2) to improve the monitoring and real-time health of the DIB, improve cybersecurity for firms that cannot afford the needed cybersecurity tools (CSTs) and professional staff, and offer data and legal protections to DIB firms.
  • The DCP2 would be a voluntary program under which DoD would provide CSTs to DIB firms either free of charge or at significantly reduced licensing costs. In turn, the DIB firms would agree to provide sanitized data produced by the CSTs to a security operations center (SOC) — either one run by DoD or a trusted third-party SOC — devoted exclusively to defending the DIB.
  • The DIB SOC or commercial SOC would provide dynamic intelligence, security alerts, and recommended actions to DIB firms to identify and remediate advanced persistent threat incursions and to prevent the exfiltration of important information from the unclassified network of the DIB firm.
  • The DCP2 would enable real-time threat intelligence to be collected and synthesized across the DIB in ways currently not possible, while respecting the confidentiality and proprietary nature of DIB contractor supply chains.

Download the ebook for free here, or buy the paperback when it's available from Amazon on May 15, 2020.

 

Filed Under: News, Research Tagged With: China, CISA, CMMC, Crowdstrike, Cyber, Cyber Security, CyberCyberCyber, Cybersecurity, Cybersecurity Budget, Cyberthreat, Cylance, DC3, DCP2, Defense Industrial Base, Department of Defense, DIB, DIB Cyber Protection Program, DLP, DoD, Falcon, FedRAMP, Fidelis, FireEye, Forcepoint, Hacker, Hackers, Hacking, Helix, InfoSec, InfoSecNews, Military Operations, NIPRNet, NIST800-171, NSA, RAND, Russia, Security Controls, Sensitive Data, SOC, Supply Chain Managment, Trade Secrets, Unclassified, USCYBERCOM, Vendors

Navy Information Warfare

October 29, 2019 By William Knowles

 

By William Knowles @c4i
Senior Editor
InfoSec News
October 29, 2019

As a ten-year regular volunteer at the USO O’Hare, there’s a sly grin on my face knowing all the U.S. Navy personnel featured in this video have visited the Terminal 2 center at least once in their careers. It should make every InfoSec News reader happy that these men and women are learning about information warfare, cybersecurity (both offensive and defensive), and wireless networking, among other security topics: nearly two years of college training over the span of six months.

Hat tip: Soldier Systems

Filed Under: News, Videos Tagged With: China, Cryptography, Cyberattack, CyberCyberCyber, Cybersecurity, Cyberthreat, Cyberwar, DoD, FISMA, GoNavy, Hacker, Hackers, Hacking, Information Warfare, InfoSec, InfoSecNews, Intelligence, Microsoft, Navy, NSA, OPSEC, U.S. Navy, USCYBERCOM, Youtube

CISA Statement on Iranian Cybersecurity Threats

June 24, 2019 By William Knowles

By William Knowles @c4i
Senior Editor
InfoSec News
June 24, 2019

Release Date: June 22, 2019

WASHINGTON – In response to reports of an increase in cybersecurity threats, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher C. Krebs issued the following statement:

“CISA is aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies. We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity, share information, and take steps to keep America and our allies safe.

“Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.

“In times like these it’s important to make sure you’ve shored up your basic defenses, like using multi-factor authentication, and if you suspect an incident – take it seriously and act quickly. You can find other tips and best practices for staying safe online here.

“Anyone who has relevant information or suspects a compromise should immediately contact us at [email protected]”

Filed Under: News Tagged With: CIP, CISA, Critical Infrastructure, Cyber, Cyberattack, Cybercrime, CyberCyberCyber, Cybersecurity, Cyberthreat, Data Breach, DHS, IC, InfoSec News, InfoSecNews, Intelligence Community, Iran, Iranian, Security, Wiper
