Mitigating Cyber Risk In An Age of Continuous Crisis

In early May we began a discussion with our OODA Network members that started with an observation. About six months prior we had been through the SolarWinds attack, which from our perspective was clearly one of the most damaging attacks/espionage operations in history. Soon after that, the attack series named Hafnium by Microsoft was revealed. Hafnium had started as espionage but then turned into a Gold Rush of criminal activity, one of the worst attacks in history. Then the Codecov attack hit. Codecov is a widely used tool for software developers that is used for managing continuous integration and continuous deployment of code. It turns out some nation-state-level actor modified this tool so that all code that was used by it was also copied off and sent to the bad actor. It was brilliant and absolutely one of the worst in history.

The discussion we had in early May was, since we are now getting something we could call the worst attack in history every 2 months, what can we expect next? Could the rate accelerate even more?

Since then there was the Colonial Pipeline attack, of course. Not necessarily a sophisticated actor but a new business model and good code, causing one of the worst attacks in history. It was followed by many other major ransomware attacks and then a major Microsoft announcement of an attack dubbed “PrintNightmare” which was also, clearly, one of the worst in history. Three days later an attack on an IT management software package named Kaseya (which is used by many IT and security providers) was revealed. This one is also huge, clearly one of the worst in history. The rate of new massive attacks is clearly accelerating.

We are not oblivious to the many good and positive things occurring in the cybersecurity community. But all of us should understand that some things just don’t cause real world results. Other things may be directionally correct but have very little impact (like the new cyber Executive Order, and the Biden-Putin summit where cyber was discussed).

Point of all this:

If you are a business leader, do not expect anyone is going to save you from this. Take responsibility for building your own secure infrastructure and defend your business. This is why we thought of the quote from Paul Carus’s 1894 book “Karma: A Story of Buddhist Ethics” (often misattributed to Buddha):

“No one saves us but ourselves. No one can and no one may. We ourselves must walk the path.”

If you are in government, we empathize and know how hard your job is. Please do keep making directionally correct moves, but understand we do not believe you will really help stop these attacks. Just going off of 40 years of observations here. Please try to prove us wrong and do what you can. And keep helping assess situations and providing helpful advice where you can; you (especially CISA and NSA) are doing great at that.

All of us should implement a zero-trust architecture. We tell you how here: The New Enterprise Architecture is Zero Trust

Everyone should understand the new ransomware threat. We tell you how here: Ransomware, and update on the nature of the threat.

Do a quick review of priority controls designed to mitigate malicious code like ransomware. We tell you how here at: The Executive’s Guide to Mitigating The Ransomware Threat.

If you are not already on distribution for our Daily Pulse, sign up now. This will help you track the interrelated connections between geopolitical events, technological developments, cyber risks and opportunities.

Bob Gourley

Bob Gourley is the co-founder and Chief Technology Officer (CTO) of OODA LLC, the technology research and advisory firm with a focus on artificial intelligence and cybersecurity which publishes OODALoop.com and CTOvision.com. Bob is the author of the book The Cyber Threat. Bob has been an advisor to dozens of successful high tech startups and has conducted enterprise cybersecurity assessments for businesses in multiple sectors of the economy. He was a career Naval Intelligence Officer and is the former CTO of the Defense Intelligence Agency.