Thoughts, Musings, and Other Items from the Worlds of Infosec, ICS, and Beyond

Silos of Excellence

A new Twitter account appeared on 27 May 2020 for “NSA Cyber”, claiming the following: “Welcome to the intersection of threat intel, vulnerability analysis, and technical expertise! All to better equip you against malicious #cyber activity.” This was a very interesting development, and a separate effort from the US National Security Agency/Central Security Service (NSA/CSS) “official” or main Twitter account. Designed as an outlet specific for the NSA’s relatively new Cybersecurity Directorate, the account quickly Read more

By Joe, ago

The Opportunistic Adversary and the Pressure of Events

Since the COVID-19 pandemic began to spread throughout much of the world, I’ve covered how this slowly unfolding catastrophe will impact the business climate of information security, why cost-saving reductions in network defense may be deeply undesirable, and how responses to certain actions in a pandemic landscape will be difficult to say the least. One perspective missing, although it has been hinted at in some of the above items, is that of the cyber adversary Read more

By Joe, ago

Security in a Time of Austerity

The steadily unfolding COVID-19 pandemic continues to unleash chaos and uncertainty in tandem with the disease’s impacts on human health. In just the past few days, total US new unemployment numbers for the past two weeks increased by over 10 million people, the price of crude oil continues to crash, and global travel numbers have collapsed. All of these items are fueled by the unprecedented collapse – or outright disappearance – of consumer demand as Read more

By Joe, ago

Articulating Response to Adversary Actions in a Self-Inflicted Crisis

The obvious story as of this writing is the slow-motion catastrophe of the novel coronavirus referred to as COVID19. While the medical struggle around this pathogen is harrowing and full of heroes (and villians), another struggle has emerged more in line with the political and economic consequences of this disease. Specifically, multiple entities detected disinformation campaigns surrounding COVID19, with sources attributing some of this activity to Russia, and other activity to the People’s Republic of Read more

By Joe, ago

Cyber Security in an Era of Crisis

At the time of this writing, times are weird and they are only going to get weirder. Since initial identification in China in late 2019, the novel coronavirus COVID-19 has swept through most of the world. From prompting the virtual lockdown of hundreds of millions for weeks in China through the harrowing stories emerging of overwhelmed hospitals in Lombardy, the pandemic has uprooted lives and disrupted rhythms across the globe. In conjunction with medical and Read more

By Joe, ago

Getting the Story Right, and Why It Matters

The realm of computer security incidents and events draws increasing amounts of attention, not only from specialists and key decision-makers within the field but also “lay” (or non-technical) audiences. As a result of such increasing desire to know about and understand events in this field, researchers as well as journalists publishing public material must take care to ensure accuracy in communication while at the same time balancing this with accessibility. Getting lost in technical jargon Read more

By Joe, ago

Assassination, Retaliation, and Implications

Late 02 January 2020 (US Eastern time), the United States launched a strike outside Baghdad airport killing Qasem Soleimani, Iranian general and leader of the paramilitary Qods Force. General Soleimani was a despicable person responsible for promoting conflict and prolonging strife in various areas of the Middle East (among other locations), and his passing should not be mourned. Yet the manner in which his assassination took place and its repercussions are quite interesting, both for Read more

By Joe, ago

Security Externalities and the Undefended Victim

Throughout the roiling (and often tiring) discussion over the release and disclosure of “offensive security tools” (OST – previously addressed here), one disadvantage is constantly referenced to show the harm of publicly-available hacking tools and techniques. Put most simply, individuals cite how many organizations either have little or no security expertise, tooling, or personnel. Therefore, arguments that publicly available tools and techniques can improve security are irrelevant for nearly all small and many medium-sized organizations Read more

By Joe, ago

The False Choice of Penetration Testing Tools

As of this writing (late December 2019), an argument has continued through multiple social media formats on the value (or harm) created by “offensive security tools” (OSTs). As with most discussions taking place online, the discourse – rooted in an originating, absolutist blog post – has rapidly devolved into rival camps that equate essentially into “yay” or “boo” choruses with respect to security testing tools and software. While such crowing from the rooftops afforded by Read more

By Joe, ago

Force Multiplication through Standardization and Communication

I recently watched a documentary about the Supermarine Spitfire – Spitfire: The Plane that Saved the World – one of the iconic airframes not only of the Second World War, but of military aviation from its start to the present. In addition to the documentary’s interviews with surviving Spitfire pilots and use of archival footage, the film also noted two critical items enabling the Spitfire’s success: the Rolls Royce Merlin engine and the Royal Air Read more

By Joe, ago