Howard Solomon of Cyber Security Today. The Week in Review and Terry Cutler of Montreal’s Cyology Labs discuss several stories from the past seven days. These include a U.K. Parliamentary report saying the country isn’t prepared for a targeted ransomware attack, North Korea’s Lazarus group is still exploiting the two-year-old Log4j vulnerability and the latest on insider attacks in a jail sentencing and a U.S. Air Force report into data leaking by an Airman.
Howard Solomon: This is pretty incendiary stuff. My first question is, is any country ready for what the report calls “a coordinated and targeted attack?”
Terry Cutler: There’s much to digest here, not just because of the sheer complexity. There’s not just one group that handles everything [in a nation], so we must have an advanced cybersecurity infrastructure and be constantly updated. And there would have to be collaboration between national and corporate levels. Just try to imagine the people involved in handling all this. You’ve got CISOs aging three years just in one company, and they would probably lose 50 years of their life handling all this. So, the most significant piece will be government and private sector collaboration. There have to be regular application updates, audits, and penetration testing all the time, which we’re not seeing now with companies. And suppose they also adhere to a more robust regulatory framework. In that case, more vigorous laws must be in place — something like GDPR in Europe, where there must be breach notifications to victims and the government.
Howard: This year, we’ve seen record-reported ransomware attacks, which raises the question. Can a country be ready for a coordinated and targeted ransomware attack? That’s a worst-case scenario.
Terry: It’s going to come down to rapid response and detection. But we’re short-staffed in cybersecurity. We’re three million personnel short worldwide. Not many of us want to work for the government, for example, because the pay is much less [than in the private sector]. You have less flexibility with your schedule. All those factors have come into place. I agree there needs to be a specialized cyber security force with the proper measures to help protect the country. There also needs collaboration with law enforcement because we can stop these attacks in specific ways, but we need to go to the source and shut these bad guys down.
You can listen to the full podcast here. Cyber Security Today, Week in Review for Friday Dec. 15, 2023