From the Spring 2018 Issue

NotPetya Holds Up a Stop Sign for FedEx

Author(s):

Barbara Bouldin, Director of Technologies Research, SJ Technologies

notpetya-feature-image

What Happened On June 27, 2017 the NotPetya malware hit the Ukraine, targeting Kyivenergo, an electric power supplier to Kiev. NotPetya went on to hit a shipping company, Maersk, a pharmaceutical company, Merck, and a delivery and distribution company, TNT Express, a subsidiary of FedEx. Employees in the TNT Express offices faced displays of a … Read more

From the Winter 2018 Issue

UNISQUATTING IDN HOMOGRAPH ATTACKS

Author(s):

Danny Gershman, Vice President, Security Operations, F9 Teams, Inc.

Unisquatting (a portmanteau for Unicode cybersquatting) or the Internationalized Domain Name (IDN) homograph attack is a fairly new type of mechanism that builds on several other types of Domain Name System (DNS) address attacks. The typosquat (Uniform Resource Locator (URL) hijacking) attack relies on being able to register a domain name very closely resembling another … Read more

From the Spring 2017 Issue

Tactical, Operational, and Strategic Cyber Attribution: What are they and what does future U.S. policy need to change.

Author(s):

Matthew C. Kurnava, MA Homeland Security/Cybersecurity,

The Growth of Cyber Attacks  Cyber-attacks are growing in frequency and sophistication. The numbers are staggering. The “AT&T Cybersecurity Insights Report” noted a 62% increase in DDoS attacks and a 458% increase in malicious actors attempting to find Internet of Things (IoT) vulnerabilities.1 Dell reported an increase in malware attacks to 8.19 billion with a … Read more

From the Spring 2017 Issue

WHAT’S THE WEATHER? Enhancing Cybersecurity with External Intelligence

Author(s):

Jeff Troy, Executive Director, Aviation ISAC

When I first learned to drive, the instructor explained the importance of using peripheral vision to look for danger while driving down the road. Similarly, my father taught me to check the gauges, make sure there was sufficient air in the tires and to have the brakes inspected. He made it clear that I needed … Read more

From the Spring 2017 Issue

The Differences Between Data, Information, and Intelligence

Author(s):

A.J. Nash, Vice President of Intelligence, ZeroFOX

Perhaps the most difficult part of the transition from public to private sector for cyber professionals coming out of the US intelligence community (IC) is one of language. Conversations regularly take place in industry settings where the first challenge is ensuring that everyone is speaking the same language. In the IC there are a few … Read more

From the Winter 2017 Issue

Combating Malicious DarkNet Actors with Cyber HUMNIT The DarkNet – Why It Matters to Everyone

Author(s):

Ed Alcantara, Chief Cyber Intelligence Officer, BLACKOPS Cyber

The DarkNet – Why It Matters to Everyone  Think of the Internet as an iceberg. The Internet we use every day represents only 4% of the total Internet. The visible part is indexed and searchable by major search engines like Google and Bing. Lurking below the surface is the remaining part of the Internet called … Read more

From the Winter 2017 Issue

Asymmetrical Hybrid Warfare The Most Significant World Event of This Century Cybersecurity: Why We Can’t Get It Right As Attacks, Breaches and Massive Theft Worsen

Author(s):

Anthony M. Chapa, Assistant Director and Chief Technology Officer, retired, United States Secret Service

Eric L. Qualkenbush, Director, Office of Central Cover; Director, Training and Education, retired, Central Intelligence Agency

T. Casey Fleming, Chairman and CEO, BLACKOPS Partners Corporation

The U.S. is Losing the Cybersecurity Battle  Cybersecurity is the most important and least understood agenda item for senior leadership and staff in every sector – business, government, the military, and academia. While we continually increase spending on failed cybersecurity strategies, the United States continues to lose the battle by a wider margin each year … Read more

From the Winter 2017 Issue

Attributing Cyber Attacks: The Way Ahead

Author(s):

Matthew C. Kurnava, MA Homeland Security/Cybersecurity,

An Election Hacked? Much attention has been paid to U.S. intelligence community (IC) reports attributing cyber-attacks against the Democratic National Committee (DNC) and the Republican National Committee (RNC) to a foreign government. The reports state that the Russian government stole information from DNC email accounts in order to influence the U.S. presidential election.1 Despite the … Read more