
Time for a Cybersecurity Overhaul

Pierluigi Paganini January 29, 2014

A post on cybersecurity written by Larry Karisny, director of ProjectSafety.org, a cybersecurity expert, advisor, consultant, writer and industry speaker.

Most of the recent attention on cybersecurity has been directed toward the disclosure of NSA activities and recent corporate breaches now reaching record-breaking levels. Both the public and private sectors are beginning to witness how devastating cyber breaches can be in critical infrastructure, intellectual property, wealth and even state secrets. These attacks are so big that monetary estimates range from $100 billion to $3 trillion, and the extent of some attacks is still unknown. What is known is that the whole world has had enough, and cybersecurity needs to start living up to its name: security.

How Bad is It?
The infographic World’s Biggest Data Breaches gives a sense of the extent of these breaches using information from DataBreaches.net and IdTheftCentre. It summarizes breaches that exceed 50,000 files by year, number and type. In a recent interview on the CBS program 60 Minutes, National Security Agency (NSA) director Gen. Keith Alexander admitted that “a foreign national could impact and destroy a major portion of our financial system” by placing a virus in our computer systems “and literally take down the U.S. economy.” The message is clear that things aren’t working properly, and those of us in the industry knew they weren’t working. With a new focus, it might be time to pursue solid security solutions.

While the press has been focused on the NSA collection of cell phone metadata from private U.S. citizens, the real problem is their collaboration with some of the largest cloud tech companies in the world. Forrester Research reported that cloud businesses led by HP, Cisco Systems and Microsoft and managed service providers (MSPs) could lose an estimated $180 billion through 2016 in cloud products and services. These losses are directly attributed to disclosures of the NSA spying programs. The concerns were so great that top tech executives met President Barack Obama to discuss them. Snoop agencies are only part of the problem, though, with reports on millions of files hacked from both the public and private sectors annually. Mistakes made by people and systems are the main causes of data breaches. Whether intentional or not, the results are the same, and the cybersecurity industry and the companies it affects seem to need a fresh look — or maybe even a cybersecurity overhaul.

One of the greatest concerns is that the very industries that are already witnessing security issues are producing and releasing products and services without considering security solutions. The cloud-computing industry is vulnerable to cyber attacks, and worldwide it is expected to see double-digit growth rates during the next three years, with revenues reaching $148 billion in 2014 and $207 billion by 2016, according to the Information Technology and Innovation Foundation.

The Internet of Things (IoT) industry has forecast revenues of $8.9 trillion for 2020, and to date has no cybersecurity plan for the trillions of devices it plans to connect to the Internet. Clearly the cybersecurity and related organizations and industries needed a wake-up call, and maybe the recent NSA disclosures will actually help by putting responsible cyber solutions in place.

What is Cybersecurity and is it Secure?
The definition of cybersecurity differs depending on whom in the industry you speak with. In general, some people think it’s protecting networks and data, and others think it is having the ability to detect breaches. There are basically two ways cybersecurity is viewed today: You authenticate and encrypt end-to-end data network transport between users and information technologies (Intrusion Prevention Systems or IPS), or you detect what has come through the data stream and try to block or discard suspicious data (Intrusion Detection System or IDS).

Both of these methodologies have faults. Take IPS, for instance. Edward Snowden had top secret clearance and authenticated encrypted access, but left with thousands of files. Typical IPS security alone can’t stop inside authenticated breaches. IDS security technologies finding things like malware, viruses and trojans at the historical stored data output level often are too late in stopping a malicious attack.

Even combined, these technologies leave intentional and unintentional exploit capabilities, which hackers have demonstrated. All these technologies are missing the ability to authenticate, view and audit multiple process actions during real-time data in motion with human and machine action applications. These vulnerabilities leave gaping holes in current cybersecurity solutions and must be addressed quickly as we continue to connect more and more applications to an already insecure Internet cloud. Customers don’t want to spend billions of dollars for “almost security.” Tricky back doors and “almost security” are out; real proven solutions are in.

So Who do You Trust?
These NSA revelations were really not surprising to cybersecurity professionals. The NSA purchases many of these capabilities from the private sector. But today, exploit capabilities that were normally disclosed in confidence between computer scientists and vendors are now being marketed in the open by global brokers with little concern about state sovereignty or corporate entity. While people express concerns about NSA activities, at least these activities have some form of centralization and responsibility. Now we are faced with a form of global cyber ransom in an open market that is decentralized with varying amounts of responsibility.

This new global exploit threat means that security vendors will need to take security more seriously. In the past, the greatest threats to hardware and software vendors were hackers and security researchers who sought the positive exposure of being the ones to discover a new vulnerability. The actual exploit of published vulnerabilities was rare, and in most cases of responsible disclosure, the vendor was given time to release a patch before the vulnerability was published. Now the game has changed. The penetrate-and-patch cybersecurity market is a short-term solution and actually demonstrates how weak current security methodologies are. Security patching will not be sustainable or trusted by customers in this now open-market free-for-all. Cybersecurity users are now demanding a new methodology. Trust needs to be built, and the only way to validate these solutions whether offered by government or corporate entity is “show me.”

Moving Forward with Solutions
Old ways of cybersecurity are slowly eroding, and customers will no longer accept the “appearance” of security. Even standards groups such as NIST were not left unscathed from the NSA involvement while they are working with industry on new approaches through the National Cybersecurity Center of Excellence. Even U.S. government contractors with top secret clearance who were poised to have a big part in offering cybersecurity services in areas such as critical infrastructure are now coming under scrutiny, as are big name companies like Apple, Facebook, Google, Yahoo, Cisco, IBM and Oracle.

A recent merger of Mandiant and FireEye is an example of what customers want in cybersecurity. Security experts expect strong growth in both FireEye’s cloud-based systems for detecting malicious software and Mandiant’s software that analyzes cyber attacks. This merger is a reflection that customers are now demanding higher levels of cybersecurity services and new technologies for stopping cyber attacks.

A white paper released by Decision Zone discusses one of these new security technologies and clearly demonstrates the need for a paradigm shift to truly prove to customers that cybersecurity can be achieved. Decision Zone’s anomaly detection technology was actually built on the premise of an easy and inexpensive way to view, authenticate, audit and block process action in real-time at the application level. There is also an added nuance of now assuring the hardware and software they are using is doing what it is supposed to do. Hardware and software cloud companies and service providers will need to embrace technologies such as this if they are to regain trust in the marketplace.

Conclusion
With revenue losses already being seen by major cloud hardware providers, the global message in cybersecurity is clear: The customer still rules. “Good enough” cybersecurity technologies will not be sufficient; only “show me” will suffice. Our world is becoming ever more connected with smart technologies offering cloud-connected apps and devices in the trillions, and there has never been a better time to expose the weaknesses of cybersecurity and offer solutions to these vulnerabilities. The digital future of every town, city and country depends on it.

Larry Karisny is the director of ProjectSafety.org, a cybersecurity expert, advisor, consultant, writer and industry speaker focusing on security solutions for mobility, the smart grid and critical infrastructure. He will speak at the Smart Grid Cyber Security Virtual Summit on February 20, 2014.

