The term "cyberwar" is being bandied about more and more. While some appears to be just more hyperbole, FUD and clickbait, there's something going on; capabilities are catching up with intent - and not just by nation-states. The commoditization of attack tools has made it possible for anyone with a grudge to conduct denial of service, locate and track targeted individuals, and suppress the free flow of information.
Yes, the Russians penetrated a dam, a water utility in Illinois was compromised, and the energy sector is known to have other countries extant within computing systems since 2011. That's bad enough, but now activists are using GPS to track women entering Planned Parenthood, 60% of domestic violence victims have spyware on their phones and are being tracked by their abusers, and anti-government fanatics are waking up to the fact that they can buy their way into capabilities that were once reserved for technical experts.
This does not bode well for the operators of critical infrastructure at the local scale - traffic management, communication systems for law enforcement and public safety, water and waste treatment, dam operations - the list goes on. While ransomware is an annoyance, it's not personal. Intentional disruption is, and I believe that as we are watching for signs of North Korea and ISIS activity, we need to be vigilant on the domestic front as well. Our infrastructure, our freedom of speech, and the fidelity of our election systems are all being threatened.
Some news references that support the assertion:
- Clueless kiddies using exploit kits are behind ransomware surge
- Right wing cyber attacks on Healthcare.gov website confirmed
- How to Hack an Election
At Critical Informatics we have initiated threat research as a division of SOC operations. We'll keep the radar up, and will monitor and communicate on events and trends that may impact our collective ability to provide life-safety, life-sustaining, and quality of life services.
Type your search and press enter
- Threat Intelligence
- Happy Hour
- InfoSec 101
- Security Awareness
- Public Sector
- Financial Services
- Press Release
@critinformatics | Sep 21, 2018#ICYMI: Our technology is the foundation of the @pisces_nw project, which provides no-cost #cybersecurity event monitoring to #localgovernments while training the next generation of #securityanalysts in WA State. https://t.co/goUE7p2rXQ https://t.co/jGp9hQrKiS
@critinformatics | Sep 20, 2018[EVENT] We’re going to @techtalksummits in #Seattle next Wed., 9/26, at El Gaucho, and we’d like you to join us! Register today for an engaging evening of IT discussions, w/ free drinks and apps—Get there in time to hear @seattlemkh speak at 7 PM! https://t.co/V7Zp8XgNqd https://t.co/471r9FKiHY
@critinformatics | Sep 20, 2018#ICYMI [VIDEO] Check out this month’s #NewsJacker w/ @seattlemkh for the latest #InfoSecNews on #SmartCity & #Aviation #vulnerabilities, #ElectionSecurity, #WannaCry culprits, #NationStates, & more. #ITSecurity #InfoSec #ThursdayThoughts https://t.co/uREOTBFN7P https://t.co/f5V3OOBFCA
@critinformatics | Sep 19, 2018RT @FileFacets: #GDPR - Another Y2K or Real Apocalypse? Learn the essential #cybersecurity requirements that U.S. companies need to know to…