Dark Reading is part of the Informa Tech Division of Informa PLC



Navigating the Security Maze in a New Era of Cyberthreats

Multiple, dynamic threats have reshaped the cyber-risk landscape; ignore them at your peril.

As we look forward to the new year and the potential for a return to some measure of normalcy, we have the opportunity to consider how we might tackle the new challenges of the rapidly evolving cyber-threat environment going forward.

In particular, as cyber defenders in both the public and private sectors assess our posture and consider how our approach should shift, it is strikingly clear that while we have made significant progress in strengthening our defenses and are getting better at raising the cost to our adversaries, we have yet to fundamentally shift our paradigm to account for the threats we face and to keep up with our adversaries' capabilities.


In 2017, we saw two cyberattacks that have fundamentally shifted our understanding of the threat environment. NotPetya, a cyberattack aimed at Ukraine by Russia, spun out of control, causing $10 billion in damages worldwide. That attack taught us that collateral damage is a real thing in cyberspace and one need not be the direct target of a cyberattack to suffer significant harm. 

Likewise, the WannaCry ransomware attack conducted by North Korea, also in 2017, demonstrated the crippling effect such attacks can have on the public and private sector, including healthcare institutions. Less noticed by the public, but perhaps even more critical to the American economy, is the continued theft of core intellectual property by nation-states, principally China, which undermines the global competitiveness of American companies and directly threatens American jobs, particularly as we seek to grow as an innovation-focused economic power.  

This effort undercuts not only the work of large enterprises but also small startups that are highly dependent on the creation of new and unique intellectual property and which are increasingly at the heart of American economic growth. 

More recently, as the global COVID pandemic has spread, we've seen a marked increase in malware attacks taking advantage of the situation and targeting the response and recovery infrastructure, including international organizations and vaccine manufacturers. We've likewise seen attacks on medical facilities resulting, indirectly, in patient deaths; financial institutions and governments being robbed or defrauded of hundreds of millions of dollars; and continued efforts by adversaries to put privately owned critical infrastructure at risk, potentially to shape or modify government behavior.

This all takes place as we continue to see nation-states like China not only siphoning off billions of dollars of intellectual capital from across the globe as noted above but also extracting massive amounts of data to train sophisticated machine learning algorithms. Furthermore, China, Russia, and Iran are engaged in efforts to manipulate popular opinion and undermine the rule of law and confidence in elected leaders and key institutions.

Unfortunately, the threat landscape is likely to get worse before it gets better. With the broad rollout of 5G networks globally and increasing capabilities and use of mobile and Internet of Things devices, not to mention the new work-from-home environment spurred by the COVID pandemic, we are operating in a target-rich environment for both nation-state and private cyberattackers. And the lines between the two are increasingly becoming blurred. While we've long known that the Russians operate through criminal proxies, the advent of such double-dipping in China is troubling given the massive scale and sophistication of attacks that collusion between criminal and nation-state actors in China can bring to the cyber-threat landscape.

Moreover, this rapid growth in infrastructure and threats also means that the workload facing cybersecurity personnel is growing faster than we can possibly develop talent. There simply will not be enough people to solve this problem and, as such, we must crowdsource the knowledge we need and leverage advanced technologies to address this shortfall. 

The good news is that the private sector and the government have been improving defenses. The cybersecurity conversation has made it into nearly every boardroom, even if directors and risk committees aren't always prepared — or equipped — to fully grapple with the myriad threats they face.

Corporate cybersecurity leaders are increasingly gaining a seat at executive leadership meetings and seeing budgets more aligned to the threat. And the government has finally started to get serious about the threat by taking the fight to cyber adversaries overseas under new authorities with advanced capabilities and working across traditional lines. We should preserve and expand on these efforts by doubling down on the defend forward strategy and persistent engagement mission of US Cyber Command overseas, and by expanding partnerships and joint training, exercises, and planning among our cyber defenders in government and the private sector.

Yet more needs to be done. Government and industry continue to operate in traditional silos, focused first on defending individually, rather than protecting collectively. To be sure, industry and government have done more to share information recently than perhaps ever before, but such sharing is simply one aspect of the larger effort. The real key is to be able to collaborate defensively at speed and scale across companies, industries, states, and national boundaries. 

As the Cyberspace Solarium Commission noted earlier this year, we need a paradigm shift to collective defense, with shared situational awareness and broad collaboration across the board. As we look to the next year and think about the change we need in the cyber realm, it's worth remembering the old adage that united we stand, divided we fall.

Gen. (Ret) Keith B. Alexander is the former director of the National Security Agency and founding commander of the US Cyber Command, and currently serves as chairman, president, and co-CEO of IronNet Cybersecurity. Jamil Jaffer served in senior national security roles in the ...

12/9/2020 | 10:11:47 AM
Why aren't we considering economic sanctions?
It seems to me that the time has come to look at other options besides 'defending forward' - specifically the use of market forces to change behaviors. If we started denying legitimate business traffic from governments that overtly or tacitly support cyber crime, my feeling is that the business community would put pressure on leaders to curtail the activity. Said another way, let the oligarchs go stand on Putin's desk and behaviors will change.