As the cybersecurity community slowly recovers from the SolarWinds Orion breach, we speak to Michael Bahar, a leader in cybersecurity and privacy, about the aftermath of this attack. Bahar is a partner in the Washington D.C. office of Eversheds Sutherland (U.S.) LLP, and the firm’s Litigation practice. He was Deputy Legal Advisor to the National Security Council at the White House, former Minority Staff Director and General Counsel for the U.S. House Intelligence Committee, and a former Active Duty Navy JAG.
James Arlen has been named Chief Information Security Officer (CISO) at Aiven, a software company that combines open source technologies with cloud infrastructure. Arlen represents a key addition to the executive team at the company.
One of the biggest threats to wireless security devices is radio jamming, which occurs when a malicious actor illegally purchases a radio frequency jammer tool and uses it to block alarm devices’ connections to their affiliated security company. If alarms can’t properly communicate through their network—which is typically cellular—then they cannot notify security providers when there’s a crisis.
An example of how businesses are benefitting from integrated cloud-based systems would be in the retail industry. Retail end users have integrated their security camera network, heat-mapping and video analytics technology with a cloud-based system so they can remotely monitor who is in their store. The heat-mapping and analytics technology also showcases where customers are spending the most time in their store, providing retailers with insight as to where they can place specific item displays or promotional items. This information can also be used to inform on if a specific location in a store needs additional signage to encourage social distancing, or even if it needs increased camera coverage within a store. The practical applications of integrated cloud-based systems and other security technology are nearly endless.
ANSSI, the French cybersecurity agency, has reported an intrusion campaign targeting the monitoring software Centreon distributed by the French company CENTREON which resulted in the breach of several French entities. The first victim seems to have been compromised from late 2017. The campaign lasted until 2020.
Kia Motors America has allegedly suffered a ransomware attack by the DoppelPaymer gang. The gang is demanding $20 million for a decryptor and not to leak stolen data, according to news reports.
If the experiences of 2020 taught us anything, it’s that risk in the modern world cannot be understood or sufficiently mitigated with a siloed approach. Individual threats, such as regulatory risk and IT security, converge. Lacking a high-level view, it’s difficult to see the web of cause and effect – making it more difficult to anticipate, prepare, or mitigate the biggest risks. 2020 may be over, but the challenges remain in 2021. Compliance and risk management will need a shared umbrella of information and communication to tackle the complex, integrated risks of today’s landscape.
The acceleration of digitization initiatives was paramount to ensure business continuity during this global crisis. As we rebuild economic stability in 2021, technology – especially automation and security – will play a significant role in positioning enterprises to return to growth.
Ransomware attacks, phishing scams, fake news and several other cyberattacks made headlines in 2020. As millions of Americans shifted to remote work for business continuity, cybercriminals sprung into action, evolving their social engineering tactics. Smishing and vishing are new variants that are fast gaining traction, targeting mobile phones.