Rogue States Are Funding Stateless Hackers

Cyber-attacks are more likely to come from criminals funded by US enemies than from the enemies themselves, former National Security Agency director Mike Rogers said, speaking at the US  National Cyber Symposium in Colorado earlier this month

“Cyber criminals are a much bigger threat than nation-states.... some states are creating relationships with cyber criminals, giving them money, tools and targets. I suspect that will grow, and it won’t just be the Russians.”

Cyber-attacks will soon become a weapon, Rogers said, because of the growing number of internet-connected devices from cellphones and fitness trackers to thermostats and medical devices such as pacemakers. Rogers also warned that the Pentagon needs to change how it buys weapon systems to build in cyber security from the beginning and include funding for cyber updates and defensive “fixes,” since many systems have outdated cyber security protections by the time they are delivered. 

Rogers said that he is not concerned about a cyber “Pearl Harbor” or surprise attack on the US government or corporate computer networks because such an attack wouldn’t be a surprise, and governments and businesses have recovered more quickly from hackers than from natural disasters. 

He said he is more worried about breaches affecting health care information, because such data are widely shared and the devices measuring health data are multiplying. He added that  the NSA had “lost capabilities” due to leaked information by former contractor Edward Snowden. Those capabilities “had been publicly acknowledged and had to be shut down,” Rogers said. 

At a different conference session, John Chen, Executive Chairman and CEO of the telecoms company, BlackBerry, described how his company was headed for financial disaster when he arrived in 2013, with declining sales, dwindling cash and facing Chinese competitors who could sell similar devices for less than the cost of the parts for BlackBerry’s smartphones.

He said he had to slash costs so the company started to generate instead of burn through cash as competitors from China took advantage of lower costs to commoditixe the mobile phone market.  To come up with a new strategy, Chen said he refocused the company on privacy and security through software giving the company higher profit margins than selling consumer phones that were dropping in price.

The company made numerous acquisitions over the past six years as part of its new strategy, including its purchase late last year of antivirus software provider Cylance to add artificial intelligence capabilities to BlackBerry’s security products for internet-connected devices. 

Governing.com:      Image: Nick Youngson

You Might Also Read:

Cyber Security Threats Are Growing In 2019:

North Korea, WannaCry, Cyberattacks And Lazarus:

 

« Organised Social Media Manipulation
WEBINAR: How to perform a security investigation in AWS »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BSI Group

BSI Group

BSI is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence

Jetico

Jetico

Jetico provides pure & simple data protection software for all sensitive information throughout the lifecycle. Solutions include data encryption and secure data erasure.

NetFort

NetFort

NetFort provides software products to monitor activity on virtual and physical networks.

infySEC

infySEC

InfySEC is an information security services organization offering Security Technology services, Security Consulting, Security Training, Research & Development.

AttackIQ

AttackIQ

AttackIQ delivers continuous validation of your enterprise security program so you can strengthen your security posture and your response capabilities.

Green House Data

Green House Data

Green House Data is a managed services provider delivering hybrid solutions to enterprises who need secure IT environments and efficient management of their critical applications and business data.

Cyber Resilience Centre for Wales (WCRC)

Cyber Resilience Centre for Wales (WCRC)

The Cyber Resilience Centre for Wales (WCRC) is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

Nine23

Nine23

Nine23 are a highly focused cyber security solutions company that defines, builds and manages innovative services, enabling end-users to use technology securely in today’s workplace.

Sekur Private Data

Sekur Private Data

Sekur Private Data Ltd. is a Cybersecurity and Internet privacy provider of Swiss hosted solutions for secure communications and secure data management.

Threat Con

Threat Con

Threat Con is a one of its kind event in Nepal, a series of annual international security conventions similar to the famous Black Hat and DEF CON conferences.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.

IDCARE

IDCARE

IDCARE is Australia and New Zealand’s national identity & cyber support service. Our service is the only one of its type in the world.

Corgea

Corgea

Corgea is AI-powered security platform that finds, triages and fixes your insecure code.