Use The Military To Attack Hackers

Chris Krebs the former US cyber security chief of Cyber and Infrastructure Security Agency (CISA) has says the US military should hit cyber criminal gangs that hack  organisations and governments. He has suggested that military cyber attackers could use ransomware to try to thwart gangsters by revealing personal information, a tactic known as doxing. 

“You have to chase the bad guys, and I’m not just talking about law enforcement.” Krebs said in an interview with the Financial Times. "You actually place a title 10 employee - civilians employed by the military - Deploy intelligence features, like Cyber Command. You send them a message directly, saying, “We know who you are, we will either quit or come after you using information warfare.” You expose them. There is something you can do."  

Krebs’ comments contradict the conventional way of thinking about establishing cybersecurity. Experts tend to warn businesses not to “hack” ransomware attackers. This is because it can be difficult to identify the enemies you are dealing with and their abilities. 

To understand the challenge facing CISA and the rest of the government, it helps to understand the frustrating nature and  enormity of the SolarWinds hack. Early reports focussed on agencies like the US Departments of Treasury and Commerce, but the hack was much broader than that and we still don’t know precisely which systems may have been compromised and what data may have been taken. 

Digging out every possible compromise will take discretion and trust, the kind of qualities Krebs had been building up in his role and lost when he was abruptly shown the door. Krebs was fired from his role as the head of CISA following him publicly contesting Donald Trump's baseless claims of voter fraud in the election. 

For almost a year hackers have used SolarWinds software to spy on governments and business in the US, and around the world.

The Verge:      Business Insider:       Financial Times:        EMINETRA

You Might Also Read: 

Biden Selects His Cyber Team:

 

« Losses From Cyber Crime Exceed $1Trillion
Data Privacy & You »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IX Associates

IX Associates

IX Associates is a UK based IT Integration business specialising in risk, compliance, eDefence, and network security solutions.

Itaccel

Itaccel

IT Accel began a decade ago as a band of technical recruiters who wanted to bring our experience and depth of knowledge to solving complex human resou

GovCERT.HK

GovCERT.HK

GovCERT.HK is the Government Computer Emergency Response Team for Hong Kong.

CionSystems

CionSystems

CionSystems provides identity, access and authentication solutions to improve security and streamline IT infrastructure management.

Cipher Security

Cipher Security

Cipher Security provides unique robustness tests and penetration tests, as well as customizable development services for vendors and providers.

Exein

Exein

Exein are on a mission to build the world’s first ecosystem for firmware security so that all different types of firmware are secure around the world.

PeopleSec

PeopleSec

PeopleSec specializes in the human element of cybersecurity with a comprehensive set of services designed to maximize your security by educating your workforce as a whole.

Cyber Security Courses

Cyber Security Courses

Cyber Security Courses was formed to help students in the UK find cyber security courses online.

GCHQ Apprenticeships

GCHQ Apprenticeships

GCHQ, the UK intelligence and security organisation, offers a unique three-year Cyber Security Degree Apprenticeship with employment on successful completion.

SecSign Technologies

SecSign Technologies

SecSign Technologies delivers user authentication, messaging, file sharing, and file storage with next generation security for company networks, websites, platforms, and devices.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

Edgio

Edgio

Edgio provides unmatched speed, security, and simplicity at the edge through globally-scaled media and applications platforms.

Dimension Data

Dimension Data

Dimension Data is a leading African born technology provider operating in the Middle East and Africa, offering a portfolio of services including intelligent security solutions.

ATSG

ATSG

ATSG is a global leader in transformational technology solutions for today’s digital enterprise. Cybersecurity ranging from Advisory & Assessment to Fully Managed Detection and Response Services.

TrafficGuard

TrafficGuard

TrafficGuard is an award-winning digital ad verification and fraud prevention platform.