Rogue States Are Funding Stateless Hackers

Uploaded on 2019-09-30 in TECHNOLOGY--Hackers, INTELLIGENCE--International, FREE TO VIEW

Cyber-attacks are more likely to come from criminals funded by US enemies than from the enemies themselves, former National Security Agency director Mike Rogers said, speaking at the US  National Cyber Symposium in Colorado earlier this month

“Cyber criminals are a much bigger threat than nation-states.... some states are creating relationships with cyber criminals, giving them money, tools and targets. I suspect that will grow, and it won’t just be the Russians.”

Cyber-attacks will soon become a weapon, Rogers said, because of the growing number of internet-connected devices from cellphones and fitness trackers to thermostats and medical devices such as pacemakers. Rogers also warned that the Pentagon needs to change how it buys weapon systems to build in cyber security from the beginning and include funding for cyber updates and defensive “fixes,” since many systems have outdated cyber security protections by the time they are delivered. 

Rogers said that he is not concerned about a cyber “Pearl Harbor” or surprise attack on the US government or corporate computer networks because such an attack wouldn’t be a surprise, and governments and businesses have recovered more quickly from hackers than from natural disasters. 

He said he is more worried about breaches affecting health care information, because such data are widely shared and the devices measuring health data are multiplying. He added that  the NSA had “lost capabilities” due to leaked information by former contractor Edward Snowden. Those capabilities “had been publicly acknowledged and had to be shut down,” Rogers said. 

At a different conference session, John Chen, Executive Chairman and CEO of the telecoms company, BlackBerry, described how his company was headed for financial disaster when he arrived in 2013, with declining sales, dwindling cash and facing Chinese competitors who could sell similar devices for less than the cost of the parts for BlackBerry’s smartphones.

He said he had to slash costs so the company started to generate instead of burn through cash as competitors from China took advantage of lower costs to commoditixe the mobile phone market.  To come up with a new strategy, Chen said he refocused the company on privacy and security through software giving the company higher profit margins than selling consumer phones that were dropping in price.

The company made numerous acquisitions over the past six years as part of its new strategy, including its purchase late last year of antivirus software provider Cylance to add artificial intelligence capabilities to BlackBerry’s security products for internet-connected devices. 

Governing.com:      Image: Nick Youngson

You Might Also Read:

Cyber Security Threats Are Growing In 2019:

North Korea, WannaCry, Cyberattacks And Lazarus:

 

« Organised Social Media Manipulation
WEBINAR: How to perform a security investigation in AWS »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

Modulo Security

Modulo Security

Modulo provides automated Governance, Risk, and Compliance (GRC) solutions.

Lumen Technologies

Lumen Technologies

Lumen is an enterprise technology platform that enables companies to capitalize on emerging applications and power the 4th Industrial Revolution (4IR).

CYSEC Academy

CYSEC Academy

CYSEC Academy offer cyber certifications, cyber assurance and cyber defense training, hands-on learning training modules, public, private and bespoke training courses.

Greenetics Solutions

Greenetics Solutions

Greenetics Solutions is a company focused on providing solutions for information security.

QuickLaunch

QuickLaunch

QuickLaunch transforms how cloud-savvy institutions and companies manage human and device authentication, authorization, access control and integration.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

SPARTA Consortium

SPARTA Consortium

SPARTA tackles hard innovation challenges, leading the way in building transformative capabilities and forming a world-leading cybersecurity competence network across the EU.

British Blockchain Association (BBA)

British Blockchain Association (BBA)

British Blockchain Association (BBA) is a not-for-profit organisation that promotes evidence-based adoption of Blockchain and Distributed Ledger Technologies (DLT) across the public and private sector

Privafy

Privafy

Privafy helps mobile service providers, IoT manufactures , and enterprises redefine the way they protect Data-in-Motion.

Perygee

Perygee

Perygee is a fully integrated platform for operational security. Companies depend on Perygee to identify and streamline the most important security practices for their operations.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CertiProf

CertiProf

CertiProf has been enhancing professional lives since 2015, offering a wide range of IT certifications and agile framework training.

Seal Security

Seal Security

Seal Security revolutionizes software supply chain security operations, empowering organizations to automate and scale their open source vulnerability remediation and patch management.