Newsletter

open source and cybersecurity news

November 2, 2023

It's 5:05, November 2, 2023. Time for your cybersecurity and open source headlines.

In this Episode:

Marcel Brown: November 2nd, 1988. Robert Morris of Cornell University launches a self-replicating worm as part of a research project designed to determine the size of the early internet. Due to a programming error, the “Morris Worm” began repeatedly infecting machines, clogging network traffic, and causing machines to crash.

Edwin Kwan: The US Securities and Exchange Commission has announced charges against SolarWinds Corporation and its CISO, its Chief Information Security Officer, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.

Hillary Coover: A coalition of 40 countries, led by the United States, is committing to never pay ransoms to cybercriminals again. This initiative, known as the International Counter Ransomware Initiative, ICRI, is a response to the increase of ransomware attacks on a global scale with the United States accounting for 46% of such incidents.

Ian Garrett: A recent study from the International Information Systems Security Certification Consortium, the nonprofit member organization for cybersecurity professionals, highlights that the workforce shortage in the cybersecurity industry has reached an all-time high of nearly 4 million people.


The Stories Behind the Cybersecurity Headlines


Edwin Kwan
SEC Charges SolarWinds and CISO for Misleading Investors Before Cyber Attack

Edwin Kwan, Contributing Journalist, It's 5:05 Podcast

The US Securities and Exchange Commission has announced charges against SolarWinds Corporation and its CISO, its Chief Information Security Officer, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.

This is Edwin Kwan from Sydney, Australia.

SolarWinds suffered a supply-chain attack in 2020 which resulted in many other organizations being breached, including US government agencies. The complaint alleges that from at least its October 2018 initial public offering, through at least its December 2020 announcement of the two-year long cyber attacks, SolarWinds and the CISO defrauded investors by overstating SolarWinds’ cybersecurity practices and understated or failed to disclose known risks.

It was alleged that SolarWinds’ public statements about its cybersecurity and risks were at odds with its internal assessments, including a 2018 presentation prepared by a company engineer and shared internally, including with the CISO, that the company’s remote access setup had vulnerabilities which could allow attackers unrestricted access. Other communications were also cited alleging that the CISO was aware of the company’s cybersecurity risks and vulnerabilities but failed to resolve the issues or raise them sufficiently further within the company.

Resources
– SEC: https://www.sec.gov/news/press-release/2023-227


Hillary Coover
Global Alliance Takes a Stand: No More Ransom Payments to Cybercriminals

Hillary Coover, Contributing Journalist, It's 5:05 Podcast

A coalition of 40 countries, led by the United States, is committing to never pay ransoms to cybercriminals again. They’re working to disrupt the funding sources of these hackers. This International Counter Ransomware Initiative is a response to the increasing global threat of ransomware attacks, with the United States being heavily impacted.

Hi, this is Hillary Coover in Washington, DC.

This initiative, known as the International Counter Ransomware Initiative, ICRI, is a response to the increase of ransomware attacks on a global scale with the United States accounting for 46% of such incidents. It aims to combat these criminals by improving information sharing on ransom payment accounts and creating “blacklists” of digital wallets used for ransom payments with the aid of artificial intelligence to track illicit funds.

Anne Neuberger, the US Deputy National Security Advisor for Cyber and Emerging Technologies, emphasized the urgency of cutting off the flow of money to ransomware criminals, asserting that as long as these funds continue to pour in, the problem will persist.

Ransomware attacks typically involve hackers encrypting an organization’s systems and demanding ransoms in exchange for decryption keys. In many cases, these attackers also pilfer sensitive data and use it to extort their victims or threaten to leak it online if the payments are not made.

Two information-sharing platforms will be established, one by Lithuania and another collaboratively by Israel and the UAE. Additionally, partner countries will share a “blacklist” through the United States Department of Treasury, which will contain information on digital wallets used for the transfer of ransomware payments. Artificial intelligence will be employed to analyze blockchain technology for the identification of illicit funds.

Notably, the volume of cryptocurrency payments to ransomware attackers is on course to reach its second highest annual total on record, as reported by blockchain analytics firm, Chainalysis, in July.

Resources
– Reuters: https://www.reuters.com/technology/alliance-40-countries-vow-not-pay-ransom-cybercriminals-us-says-2023-10-31/


Ian Garrett
The World Needs 4 Million More Cybersecurity Professionals

Ian Garrett, Contributing Journalist, It's 5:05 Podcast

What do you do when you can’t even find the people to fill your open cybersecurity roles? A recent study from the International Information Systems Security Certification Consortium, the nonprofit member organization for cybersecurity professionals, highlights that the workforce shortage in the cybersecurity industry has reached an all-time high of nearly 4 million people. This is despite the field experiencing a growth of nearly 10 percent in the past year.

Hey folks, this is Ian Garrett in Arlington, Virginia.

The Cybersecurity Workforce Study reveals a significant workforce gap of just under 4 million cybersecurity professionals. This gap has increased by 12.6% year over year. The driving forces behind this shortage include cutbacks, economic uncertainty, artificial intelligence, and a challenging threat landscape. Currently, there are approximately 5.5 million cybersecurity professionals worldwide, while the estimated global workforce gap is 4 million.

The study reports that 67% of cybersecurity professionals have encountered a shortage of staff in their organizations, impacting their ability to prevent and troubleshoot security issues. Budget cuts, layoffs, and hiring freezes are contributing to this shortage.

The impact of layoffs varies across sectors, with entertainment, construction, and automotive industries experiencing the most significant effects. In contrast, sectors such as the military, government, and education have been less affected.

The study highlights that skills gaps are just as challenging as workforce shortages. More than half of cybersecurity professionals believe that skills gaps can be even worse than staffing shortages. Among the common skill gaps are cloud computing security, AI/ML, and zero-trust implementation.

Despite the growth in the number of cybersecurity professionals, the study emphasizes the need to double the workforce to adequately protect organizations and their critical assets. The current landscape is more complex than ever, underscoring the urgency for organizations to invest in both new talent and existing staff, equipping them with the necessary skills to navigate evolving threats.

The cybersecurity workforce shortage is a significant challenge in the industry. As threats continue to evolve, organizations must address both workforce shortages and skill gaps to protect themselves effectively.

Resources
– CSO Online: https://www.csoonline.com/article/657598/cybersecurity-workforce-shortage-reaches-4-million-despite-significant-recruitment-drive.html


Marcel Brown
This Day, November 2nd, in Tech History

Marcel Brown, Contributing Journalist, It's 5:05 Podcast

This is Mark Miller standing in for Marcel Brown, bringing you tech history for November 2nd.

November 2nd, 1988. Robert Morris of Cornell University launches a self-replicating worm as part of a research project designed to determine the size of the early internet. It was intended to count the number of computers that initiated connections when the worm was loaded onto them.

However, due to a programming error, the “Morris Worm” began repeatedly infecting machines, clogging network traffic, and causing machines to crash. Eventually the worm spread to 6,000 machines, which was roughly 10% of the internet at the time, causing significant downtime for government and university systems for two days. Morris was dismissed from Cornell, sentenced to three years' probation, and fined $10,000.

This is Mark Miller with your tech history for the day. Marcel Brown will be back with you tomorrow to get you up to speed for November 3rd.

Resources
– This Day in Tech History: https://thisdayintechhistory.com/11/02
