Five defining moments that shaped cybersecurity in 2020

Among the many disruptions brought by 2020, cyber threats ranked among the top concerns. As we had to rely more on digital for work and social life, cyber-attacks became very real threats to most aspects of our lives: health, work, freedom, national security, and even life itself.

Here is a selection of 5 defining moments that confirm that cyber protection is essential for both private and professional life.

  1. In March-April 2020, the rapid shift from in-office to remote work pushed pre-existing IT architectures to their limits. Many adjustments were made in a rush, and that affected the security posture. The attackers didn’t miss the opportunity, and the number of attacks targeting remote workers increased sharply. Cybersecurity became a top priority for our employers and for us, ensuring our ability to continue working.
  2. In early December 2020, IBM discovered a series of cyber-attacks aimed at the companies and government organizations that will be distributing coronavirus vaccines around the world. State-sponsored attackers (and not only they) are engaging in advanced cyber-attacks that can have a direct impact on our health. These may generate delays or even compromise vaccine efficacy (e.g., by manipulating storage temperature). The lack of proper cyber protection affects healthcare organizations’ ability to provide proper and timely care for patients.
  3. In September 2020 the life of a German patient was lost because emergency care was delayed due to a ransomware attack. Not only our health but our lives themselves depend on the availability and ability of IT systems to properly function. As worrying as this sounds, the cyber resilience of healthcare systems is essential for emergency treatment that keeps some of us alive.
  4. November 3rd, 2020 was Election Day in the US. Much was written on the topic of foreign intervention during the election process. Sophisticated attacks that include technical means, social engineering, and mass manipulation are (unfortunately) regularly used during political campaigns and elections. Cyber defense also proves to be one of the many guardians of our democratic processes.
  5. In December 2020, the SolarWinds breach became public. This highly sophisticated attack allowed access to very sensitive information or special resources (like the attack tools used by FireEye’s Red Team). This breach (and others like it) has very serious consequences, including for the ability of states to effectively defend themselves against physical aggression. Cybersecurity is today woven into the fabric of our (physical) national security.

Like it or not, the pervasiveness of technology comes with great benefits but also with great responsibility and real threats. As much as we are diligent about our physical security, we need to learn to be diligent about cybersecurity: for us and for our loved ones. This involves general awareness, actions that we need to take, and questions that we need to ask.

Accelerating Safely on the Digital Highway

I wrote this post a couple of months back but it’s highly relevant for 2021 and it’s worth being brought up again. You will also find below a reference to an interesting on-demand webinar hosted by InfoSecurity Magazine.

Despite today’s harsh medical crisis, we are living in great times of innovation. For the past years, digital transformation has been stuck more or less at buzzword level, but the last 2 months marked a sharp change, with many businesses being forced into a new “digital only” norm. Now more than ever, digital transformation proves its value in an unprecedented and unforeseeable way: the higher the degree of digitization, the better an organization adapts to the current reality.

The ability to enable employees to continue their work while at home, the automation of processes, and access to digital markets are key capabilities that improved the resilience of businesses and governments during the last months. These forced behavioral changes will have long-lasting (positive) effects. One of the most spectacular is the acceleration of all digitalization initiatives in the years to come.

But a word of warning: while it offers many advantages for organizations, digital transformation also creates significant security vulnerabilities. The more an organization relies on digital, the less capable it is of continuing to operate effectively with its IT systems down or compromised. Inevitably, things can and will go wrong at some point, either by mistake, by intention, or simply due to an unforeseen and unfortunate event.

What is cyber-resilience and why is it important?

Cyber-resilience is the ability to continue delivering the intended outcomes (digital services) despite adverse cyber-events. However, mastering cyber-resilience has some strings attached, bringing various challenges that must be considered and overcome. Needless to say, navigating the modern-day cyber-threat landscape is paramount and vital for ensuring business continuity.

While larger organizations are typically better prepared, cyber-resilience proves to be a more difficult challenge for mid-sized organizations, which have fewer capabilities and resources. So, how can a mid-sized organization increase its cyber-resilience without sky-rocketing the costs?

In a special joint-webinar with InfoSecurity Magazine, we will explore how organizations can increase their cyber-resilience throughout digital transformation! The session will be focused on outlining the pillars of a security architecture that provide the ability to detect cyber-incidents early and effectively respond to emerging threats.

Key takeaways:

– How detection and response contribute to cyber-resilience
– How to tackle the challenges of implementing a detection and response solution in a mid-sized organization
– How to simplify the security architecture with an extended detection and response strategy

Initially posted on Bitdefender Business Insights: https://businessinsights.bitdefender.com/accelerating-safely-on-the-digital-highway

Top 5+1 lessons of 2020

The year 2020 is over and many of us would like to forget it as quickly as possible. We all hope for a better 2021 but, with all the hardship, 2020 was an extraordinary year and it delivered us some valuable life lessons. Here is what I’ve learned in the last 12 months:

  1. Black Swans do exist! From time to time unexpected events just happen. The 2008 economic crisis was such an event and the Covid-19 pandemic is a black swan too. It’s not that nobody could see them coming, on the contrary. Only a few months before the pandemic struck, in October 2019, I attended a session dedicated to the risk of global pandemics. But I think, deep inside, we just don’t want to acknowledge that they are a real possibility. It’s just too unsettling.
  2. Humanity is resilient but as individuals, we are very fragile. Fortunately, till now nobody from my inner circle was severely ill but many people that I know got infected, some were hospitalized, and a handful didn’t make it. There is a lot of personal and family drama around. Life is worth being loved and cherished today. We don’t know what tomorrow holds.
  3. Things that are difficult to imagine can happen in the right context. Only a year back it was hard to imagine that 2020’s restrictions were possible. I couldn’t conceive that I would willingly accept the limitation of so many personal liberties just to stay healthy. But I did.
  4. Global collaboration pays off! The race for a Covid-19 vaccine was a global effort at a scale never seen before. And the effort paid off. In one short year, we got 3 vaccines against Covid-19. They still have to prove effective in limiting and stopping the pandemic but what we achieved as a global community is amazing. I think many of the world’s problems could be solved with similar effort and collaboration.
  5. Family matters! When hardship comes, the family is the one we can truly rely on. Beyond the challenges, 2020 brought the huge opportunity of spending more time with loved ones. For some of us, it offered the chance to experience unique moments that we would otherwise have missed out on.

As every crisis brings opportunity, most opportunities (blessings) come with challenges. This is the sixth and most personal lesson. For me, 2020 is a key life landmark. I became a father! And alongside the great joy and fulfillment came a lot of work and commitment. It’s worth the effort, but it’s surely not easy. 

There is always this duality in things. With the good and the bad, 2020 entered history but should not be forgotten. Especially not the precious lessons that we learned.

Happy new year, 2021!

Defeating supply chain attacks together

The recent security incident involving SolarWinds Orion proves that cybersecurity is a team game. We all use software developed by a wide range of providers (and we will continue to do so). Any successful attack on one of these vendors (suppliers) can have negative consequences for all users of their software solutions. SolarWinds was targeted by a complex attack (most probably state-sponsored) that successfully deployed malicious code into its IT management software product Orion (the backdoor code was hidden within the legitimate library SolarWinds.Orion.Core.BusinessLayer.dll, according to Microsoft). Due to the widespread use of the product, the impact is potentially massive.

This reminds me of another famous cyber-attack: Stuxnet. How can you breach a heavily protected nuclear plant? It seems that the most effective way is through one of the suppliers. The attack against Iran’s nuclear facility was possible by secretly infecting at least five outside companies connected in some way to the nuclear program. Although Stuxnet itself is not a threat anymore, its legacy is: Duqu (2011), Flame (2012), Havex (2013), Industroyer (2016), and Triton (2017) showed characteristics similar to Stuxnet and created havoc in the energy sector till 2018 (at least).

What should we learn from these examples?

We need to learn to play the cybersecurity game as a team: vendors and customers.

Software users:

  1. Learn to evaluate vendors not only on price and features but also on their internal processes, best practices, and compliance efforts.
  2. Consider your suppliers as your partners. Don’t squeeze everything you can out of their offers, as this will sooner or later be reflected in the quality (and security) of the software that you buy.
  3. Contribute to the quality of the products that you use. Be vigilant and proactive in identifying bugs, vulnerabilities, and unexpected behaviors of software solutions. Report them and follow through until you get an acceptable resolution.

Software vendors:

  1. Be responsible! Develop software that is secure by design, coding, and testing. Your customers’ security posture depends on you!
  2. Take your users seriously! Incentivize them to act as your extended testing and bug hunting team. Make sure their feedback is considered and incorporated whenever appropriate.
  3. Whenever a vulnerability or a security incident is reported, notify all affected customers promptly! Then fix the problem.

We can only win together, #togetherforsecurity!

Republished LinkedIn article: https://www.linkedin.com/pulse/defeating-supply-chain-attacks-together-bogdan-carlescu