Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security

10/26/2017
06:35 PM
Curtis Franklin
Curtis Franklin
Curt Franklin
50%
50%

Is Your Security Military-Grade?

Simple civilian security won't cut it for most businesses. It's time to take your cybersecurity mil-spec.

Most companies and individuals in the developed world have very little knowledge of advanced military tactics. We don't need that knowledge in our daily lives. The rise in state-sponsored cyber crime is changing the calculus when it comes to knowing advanced hacking techniques. And most of us have a lot to learn.

Think about it: Do you know what the four F's are in small-unit tactics? If someone asked you to quickly set up a Fire Trap, could you do it? Unless you've recently served in the military or are prepared for civilian action on at a very high level, the answer is probably "no." The good news is that most of us can live happy, safe lives while remaining ignorant of those and many other tactical topics.

Even if your job involves physical security for a business the liklihood is great that you'll never be required to know vertical envelopment or the applications of motti. The differences in civilian and military needs and tactics are just too great.

In the world of cyber defense, though, there is only a small difference in the tactics used by criminal hacking groups and those used by nation-state hackers bent on economic disruption. We've seen this sort of tactical similarity in recent ransomware attacks that focused their damage in Europe and in very targeted attacks on civil infrastructure in Ukraine.

So what do you need to know if you're going to avoid becoming a casualty of this latest war? First up is figuring out how to keep up with new information. US-CERT should be on your daily update list. In addition, there are several mailing lists and bloggers that should be hitting your in-box at least once a day. Author's Note: Which security writers and lists do you look to for info? I'd love to know your favorites -- please let me know in the comments! Next, you must understand what the warnings mean.

When a researcher puts out information on a new vulnerability, dig into it and follow the code. Look at the services and apps that the vulnerability hits and immediately start the process of understanding whether your enterprise applications depend on the affected services. Talk to your best security people and get them to explain exactly what's happening. You'll probably find that most of your security folks are eager to share their knowledge with someone who comes asking genuine questions to which they really want to know the answer.

Finally, convince your executives that you're not too small, too insignificant, or too obscure to be a target. One of the things that we've seen is that many attacks use shotguns as an analogy -- their pellets of destruction spread all over the landscape. Being prepared means keeping up with backup and recovery routines, having an up-to-date business continuity plan and yes, practicing both to make sure you know that they work.

Security isn't easy and it may not be cheap. But in the second decade of the current millenium it's far cheaper than repairing the damage that can come from a military-grade exploit launched against your company.

What's your plan? Are you worried about the escalating danger? Or has your business gone back to abacus and quill pen to escape the cyber danger? Let us know -- it's a story that involves all of us.

Related posts:

— Curtis Franklin is the editor of SecurityNow.com. Follow him on Twitter @kg4gwa.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cloud Security Threats for 2021
Or Azarzar, CTO & Co-Founder of Lightspin,  12/3/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Assessing Cybersecurity Risk in Todays Enterprises
Assessing Cybersecurity Risk in Todays Enterprises
COVID-19 has created a new IT paradigm in the enterprise and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27772
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could po...
CVE-2020-27773
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to appli...
CVE-2020-28950
PUBLISHED: 2020-12-04
The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.
CVE-2020-27774
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but co...
CVE-2020-27775
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but c...