Re: FBI Security Alerts
The problem is that politicians have very little control over anything in this arena because these aren't the actions of nation states. You can sanction nations for sheltering cybercriminals, but with governments that already act like criminal organisations, what good does that do?
Better to focus efforts on ensuring that the companies being hit are in some way prepared: current and tested backups, compensating controls for end of life software and systems.
Already we're seeing a move from phishing and malicious downloads to supply chain attacks like Solarwinds and Kesaya that can hit multiple targets with a single strike. More evidence that the software used to even manage networks has become complex enough that even its maintainers can keep track of it, or just how deep of a look into our networks third-party software can have.
We're just piling bandages on top of bandages on top of bleeding limbs.
Sent from my BlackBerry using Tapatalk
The problem is that politicians have very little control over anything in this arena because these aren't the actions of nation states. You can sanction nations for sheltering cybercriminals, but with governments that already act like criminal organisations, what good does that do?
Better to focus efforts on ensuring that the companies being hit are in some way prepared: current and tested backups, compensating controls for end of life software and systems.
Already we're seeing a move from phishing and malicious downloads to supply chain attacks like Solarwinds and Kesaya that can hit multiple targets with a single strike. More evidence that the software used to even manage networks has become complex enough that even its maintainers can keep track of it, or just how deep of a look into our networks third-party software can have.
We're just piling bandages on top of bandages on top of bleeding limbs.
Sent from my BlackBerry using Tapatalk
Comment