Cyjax has partnered with Security Magazine to bring you a monthly Cybersecurity and Geopolitical vodcast hosted by Chief Information Security Officer (CISO) of Cyjax, Ian Thornton-Trump, and Tristan de Souza (Editor and Head of Communications), in which they ruminate on the enmeshing of cybersecurity and geopolitics and the new challenges and intriguing flashpoints these bring to enterprise security and risk professionals. Don’t miss this informative, insightful and entertaining monthly video podcast and find out the latest talking points affecting your industry, your career and the future of security. Listen to Episode Two now!
Microsoft Exchange vulnerabilities
This month saw reports that Chinese computer network operatives exploiting multiple 0day vulnerabilities to access on-premises Exchange Servers. The threat group, dubbed HAFNIUM, forced Microsoft to distribute an out-of-band patch because of the breadth of the attacks: primarily US-based entities across several industry sectors, including infectious disease research, law, higher education, defence, and policy (think tanks and NGOs). As noted by Ian, this is a serious issue: email is both incredibly vulnerable and incredibly valuable, from a threat actor’s perspective. If access is gained to a company inbox, all manner of sensitive data can be exposed. In many ways, this was just a ticking time bomb. What’s the best way forward? And how do we create a secure environment for business communication?
SolarWinds keep blowing
This story, which initially broke at the beginning of December 2020, has yet to run its course. There are now a little under ten individual malware variants tied to the supply-chain attack, and the SolarWinds executives have been hauled in front of US government committees. Intriguingly, there appears to be no appetite for similar action in the UK, even though this attack will almost certainly have compromised ongoing espionage activity across the Five Eyes countries – of which the UK is one. Ian compares SolarWinds’ reaction – to blame an intern – with the way in which Zoom tackled innumerable bug reports that were laid bare in the media and pored over by people across the globe, after its product was catapulted to the forefront of everyone’s consciousness by the onset of the coronavirus pandemic. One of these companies got it right. Tristan points out that corporate responsibility needs to play a far bigger role in the protection of data.
Cybercrime and the American recovery
We have yet to see what the fallout from the SolarWinds and Microsoft issues – as well as those affecting Accellion – will have on the cyber-insurance sector. Will premiums be raised? Will there be more stringent penalties imposed on the victims by their insurers down the line? And is legislation necessary? Certainly, the theft of intellectual property and the potential exposure of data in mailboxes could be disastrous for the victims. But it is hard to see any benefit for either Russia or China (the alleged state sponsors of the groups responsible for the attacks on SolarWinds and Microsoft) to slow down the recovery in the US. Rather than state-sponsored cyber-attack groups, Tristan sees ransomware groups like Cl0p as being the main threat to the US and global economic recovery. The operators of Cl0p have been distributing their ransomware through an Accellion file transfer product, infecting both public and private sector organisations around the world, causing untold disruption and a heavy financial cost on victims.
Rounding off the podcast, Ian ropes in Meghan and Harry (and the way in which social media has been used to both help and hinder them) to make a broader point about Russian disinformation, and political discourse more generally: he wonders whether have we reached a point where our politics is so divided that we cannot hope to establish consensus around things such as climate change and internet governance? And what should the long-term strategies be for addressing misinformation? That last question may well come up time and time again, but for now, get Ian and Tristan’s insights on all of the topics outlined above – here.