20 Sep 2019

Key Senate Panel Approves $250 Million for Election Security

The US Senate Appropriations Committee on Thursday approved $250 million in funding for election security at the state level. Democratic Senator Patrick Leahy, the ranking member of the Appropriations Committee, stated that “funding election security grants is a matter of national security.” Republican Senate Majority Leader Mitch McConnell had initially

Read More
19 Sep 2019

Russia carried out a ‘stunning’ breach of FBI communications system, escalating the spy game on US soil

In 2016, Russian officials managed to breach the FBI communications system in a way that seriously undermined the bureau’s ability to track Russian spies in the US and prompted the FBI and the CIA to break off communications with certain assets out of fear they could otherwise be compromised by

Read More
19 Sep 2019

The Air Force Will Let Hackers Try to Hijack an Orbiting Satellite

The US Air Force wants to let hackers attempt to take over a satellite at next year’s Defcon cybersecurity conference in Las Vegas. This year, the Air Force let infosec experts at the conference have a go at an F-15 fighter-jet data system. Because the hackers exposed several severe vulnerabilities,

Read More
17 Sep 2019

Deception Needs to be an Essential Element of Your Cyber Defense Strategy

In the cyber defense community, we talk about a wide-range of risk mitigating technologies, strategies, and activities.  We talk about attacker deterrence and increasing costs for the attacker.  We invest in endpoint agents, threat intelligence, DLM, and other mitigating technologies on a daily basis.

Here’s why one of the most compelling emerging use cases for increasing attacker costs is through the use of deception.

Read More
10 Sep 2019

Mitigating Risks To America’s Cognitive Infrastructure

This is the second of a series on our nation’s most neglected critical infrastructure, our cognitive infrastructure. The first post dove into the nature of the challenge and why it is so important for our future that the threats to our cognitive infrastructure are understood and addressed. This post flows from that one and suggests ways the nation can mitigate many of these risks.

Read More
09 Sep 2019

Should social media organizations be subject to strict privacy regulation?

Four out of five (80%) IT security professionals believe that governments should introduce new security and privacy legislation, and they feel this is particularly true for legislation dealing with the data collection and storage practices of social media companies. However, the vast majority (82%) of respondents said that lawmakers have

Read More
06 Sep 2019

Most citizens are against local governments paying ransomware attackers

Three in four (75%) US taxpayers are worried out ransomware threats to their private data and 80% are worried about how the threat impacts local governments, a new survey by Morning Consult and IBM shows. Around 60% of respondents don’t want targeted government entities to pay ransomware actors, and over

Read More
05 Sep 2019

US Lawmakers Propose Bill to Fortify Federal Cybersecurity

US lawmakers will introduce the Advancing Cybersecurity Diagnostics and Mitigation Act to the US House of Representatives this week. The law aims to bolster the government’s cybersecurity program by providing state, local, and tribal governments with access to the Continuous Diagnostics and Mitigation (CDM) program that has been in use

Read More
03 Sep 2019

America’s Most Critical Infrastructure is also Our Most Neglected Infrastructure

This special report is the first of a two-part series designed to both inform OODA members on the nature of challenges to our nation’s most critical infrastructure and provide recommendations for action that can mitigate these challenges. Our thesis is that America’s most critical infrastructure is our cognitive infrastructure. This is also the most attacked and least defended. In short, our most important critical infrastructure is also our most neglected infrastructure.

Read More
30 Aug 2019

US Cyberattack Hurt Iran’s Ability to Target Oil Tankers, Officials Say

In June of this year, US security experts destroyed a database used by Iran’s Islamic Revolutionary Guards Corps (IRGC) to plan attacks against international oil tankers in the Persian Gulf, US officials told The New York Times earlier this week. They claim the cyberattack significantly undermined the IRGC’s efforts to

Read More