Use The Military To Attack Hackers

Chris Krebs the former US cyber security chief of Cyber and Infrastructure Security Agency (CISA) has says the US military should hit cyber criminal gangs that hack  organisations and governments. He has suggested that military cyber attackers could use ransomware to try to thwart gangsters by revealing personal information, a tactic known as doxing. 

“You have to chase the bad guys, and I’m not just talking about law enforcement.” Krebs said in an interview with the Financial Times. "You actually place a title 10 employee - civilians employed by the military - Deploy intelligence features, like Cyber Command. You send them a message directly, saying, “We know who you are, we will either quit or come after you using information warfare.” You expose them. There is something you can do."  

Krebs’ comments contradict the conventional way of thinking about establishing cybersecurity. Experts tend to warn businesses not to “hack” ransomware attackers. This is because it can be difficult to identify the enemies you are dealing with and their abilities. 

To understand the challenge facing CISA and the rest of the government, it helps to understand the frustrating nature and  enormity of the SolarWinds hack. Early reports focussed on agencies like the US Departments of Treasury and Commerce, but the hack was much broader than that and we still don’t know precisely which systems may have been compromised and what data may have been taken. 

Digging out every possible compromise will take discretion and trust, the kind of qualities Krebs had been building up in his role and lost when he was abruptly shown the door. Krebs was fired from his role as the head of CISA following him publicly contesting Donald Trump's baseless claims of voter fraud in the election. 

For almost a year hackers have used SolarWinds software to spy on governments and business in the US, and around the world.

The Verge:      Business Insider:       Financial Times:        EMINETRA

You Might Also Read: 

Biden Selects His Cyber Team:

 

« Losses From Cyber Crime Exceed $1Trillion
Data Privacy & You »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DataVantage

DataVantage

DataVantage data masking and data management software helps you prevent data breaches, pass compliance audits and meet regulatory requirements such as HIPAA and PCI DSS.

Mixed Mode

Mixed Mode

Mixed Mode is a specialist in embedded and software engineering for applications including IoT and secure embedded systems.

Tigerscheme

Tigerscheme

Tigerscheme is a certification scheme for information security specialists, backed by University standards and covering a wide range of expertise.

GeoLang

GeoLang

GeoLang’s Ascema platform protects sensitive information at the content level by identifying, classifying and tracking data across the corporate infrastructure.

ReSec Technologies

ReSec Technologies

ReSec provides total protection against all types of known and unknown malware threats including viruses, Trojans, ransomware and phishing, regardless of their delivery method.

OurCrowd

OurCrowd

OurCrowd is a leading equity crowdfunding platform for investing in global startups.

BigPanda

BigPanda

BigPanda is the first provider of Autonomous Operations solutions that empower IT Operations at large, complex enterprises.

Critical Start

Critical Start

Critical Start provides Managed Detection and Response services, endpoint security, threat intelligence, penetration testing, risk assessments, and incident response.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

Acreto

Acreto

Acreto is an end-to-end security infrastructure that protects all your technologies with a single, simple cloud service.

ThreatLocker

ThreatLocker

The ThreatLocker Platform provides a Zero Trust security solution that offers a unified approach to protecting users, devices, and networks against the exploitation of zero day vulnerabilities.

Chestnut Hill Technologies (CHT)

Chestnut Hill Technologies (CHT)

CHT provide Best Practices IT Cybersecurity and Technology Solutions and Consulting Support to the Mid Cap through Fortune 1000 Nationwide.

Olympix

Olympix

Dev-first Web3 security that starts at the source. Olympix is a pioneering DevSecOps tool that puts security in the hands of the developer by proactively securing code from day one.

Cyber and Fraud Centre – Scotland

Cyber and Fraud Centre – Scotland

The Cyber and Fraud Centre – Scotland exists to ensure Scottish organisations are as resilient as they can be against cyber and fraud crime.

Pontiro

Pontiro

At Pontiro, we are enabling a new era of data-sharing. Bridging the gap between protected data and valuable insights through the use of cutting edge Homomorphic Encryption.

BlackSwan Technologies

BlackSwan Technologies

BlackSwan Technologies is reinventing enterprise software through Agile Intelligence for the Enterprise – a fusion of data, artificial intelligence, and cloud technologies.