The Unbearable Frequency of PewPew Maps

I recently made a joke online about a major – and very respected, if geopolitically controversial – security company advertising its revised “Cyberthreat Real-Time Map”. As many members of the security community are aware, “threat maps” – referred to derisively as “pewpew” maps – are heavy on eye-candy but very light on use or value. Yet pewpew maps – such as that featured by now-defunct security company Norse (pictured below) – remain prominent in…

The Call is Coming from Inside the House

2020 has already been a WILD year to say the least – opening with the assassination of Qasem Soleimani, proceeding through multiple ecological crises, and continuing with a historical pandemic (and all its implications for information security), we live in very interesting times indeed. And yet, we’ve only just begun! An even greater event lies in our future with all sorts of possibilities for disinformation, disruption, and unrest: the 2020 US Presidential Election. After the…

Driving Discord through Disinformation and Disruption

My country, the United States, has experienced days of disruption and discord not witnessed since the late 1960s across multiple municipalities and regions. Adequately parsing and analyzing these events, their motivations, and what lasting impacts they may have will be the work for others. Instead, these chaotic events identify a concrete opportunity and example of a phenomenon previously discussed, cheekily referred to as being “kicked while down” – where an adversary takes advantage of conditions…

Transforming the Threat Landscape and Avoiding Blind Spots

Two recent articles appeared concerning possible implications of or prompts for the 01 May 2020 Executive Order on the US electric system. Notably, the Executive Order was quickly followed by a US Department of Commerce investigation into the supply of electrical transformers. While the latter would appear related to typical trade concerns under the cloak of national security (an observation supported by initial media and industry reactions), subsequent media reporting would indicate security concerns might…

Silos of Excellence

A new Twitter account appeared on 27 May 2020 for “NSA Cyber”, claiming the following: “Welcome to the intersection of threat intel, vulnerability analysis, and technical expertise! All to better equip you against malicious #cyber activity.” This was a very interesting development, and a separate effort from the US National Security Agency/Central Security Service (NSA/CSS) “official” or main Twitter account. Designed as an outlet specifically for the NSA’s relatively new Cybersecurity Directorate, the account quickly…

The Opportunistic Adversary and the Pressure of Events

Since the COVID-19 pandemic began to spread throughout much of the world, I’ve covered how this slowly unfolding catastrophe will impact the business climate of information security, why cost-saving reductions in network defense may be deeply undesirable, and how responses to certain actions in a pandemic landscape will be difficult to say the least. One perspective missing, although it has been hinted at in some of the above items, is that of the cyber adversary…

Security in a Time of Austerity

The steadily unfolding COVID-19 pandemic continues to unleash chaos and uncertainty in tandem with the disease’s impacts on human health. In just the past few days, total US new unemployment numbers for the past two weeks increased by over 10 million people, the price of crude oil continues to crash, and global travel numbers have collapsed. All of these items are fueled by the unprecedented collapse – or outright disappearance – of consumer demand as…

Articulating Response to Adversary Actions in a Self-Inflicted Crisis

The obvious story as of this writing is the slow-motion catastrophe of the novel coronavirus referred to as COVID19. While the medical struggle around this pathogen is harrowing and full of heroes (and villains), another struggle has emerged more in line with the political and economic consequences of this disease. Specifically, multiple entities detected disinformation campaigns surrounding COVID19, with sources attributing some of this activity to Russia, and other activity to the People’s Republic of…

Cyber Security in an Era of Crisis

At the time of this writing, times are weird and they are only going to get weirder. Since initial identification in China in late 2019, the novel coronavirus COVID-19 has swept through most of the world. From prompting the virtual lockdown of hundreds of millions for weeks in China through the harrowing stories emerging of overwhelmed hospitals in Lombardy, the pandemic has uprooted lives and disrupted rhythms across the globe. In conjunction with medical and…

Getting the Story Right, and Why It Matters

The realm of computer security incidents and events draws increasing amounts of attention, not only from specialists and key decision-makers within the field but also “lay” (or non-technical) audiences. As a result of such increasing desire to know about and understand events in this field, researchers as well as journalists publishing public material must take care to ensure accuracy in communication while at the same time balancing this with accessibility. Getting lost in technical jargon…