Guest Editorial by Dr. Brian Gant, Assistant Professor of Cybersecurity at Maryville University
It turns out that an effective way for hackers to infiltrate networks is not by targeting those networks directly but by targeting cybersecurity tools on the edges of those networks designed to protect them.
This was shown recently when the cybersecurity firm Mandiant, now owned by Google, reported that for the past year, suspected Chinese state-sponsored hackers have been using this indirect method of cyber espionage for hacking into networks while avoiding detection.
As with each new major cybersecurity incident, this points to some important issues and risks that both the general public and IT and cybersecurity professionals in particular, need to become more aware of to better protect themselves and the organizations they work for.
Let’s first look at why this latest tactic can be difficult to detect. One reason involves the common perception that hackers usually target networks directly.
Most organizations recognize this as a risk and depending on their available resources and budget, they’ll devote at least some resources toward protecting their networks. This can be through an in-house team of cybersecurity professionals, outsourcing to third-party vendors, or a combination of both.
However, a risk that’s less widely recognized by both the public and even IT professionals is the way that hackers can indirectly access networks by targeting the very tools designed to protect those networks, tools designed by companies such as VMware, Citrix Systems, SonicWall, and Fortinet.
Since organizations tend not to monitor their security tools as closely as their networks, compromises can go undetected for a long time. Combined with this, even though these tools are designed to protect networks, the tools themselves are often inadequately protected and vulnerable.
Unfortunately, once hackers compromise these security tools, they can use them as peripheral gateways into networks.
With high-profile events such as the Colonial Pipeline ransomware incident, the motive of the hackers was profit-oriented. Still, with this latest string of intrusions, that is not necessarily the case.
(See how the Colonial Pipeline cyberattack caused a major blow to the gasoline industry in the southern and eastern parts of the United States, but it also showed how vulnerable the US energy grid is to more attacks in the future. Courtesy of CNET and YouTube.)
These state-sponsored actors are likely after any kinds of new technology, research, and information they could use now or in the future to benefit the state sponsoring their activities, most likely China.
Sometimes it’s not necessarily out of a motive to actively harm or dominate so much as wanting just to assert their presence and relevance on the world stage. But regardless of the reason, organizations need to protect themselves.
It’s easy to get desensitized to news about cyber intrusions and data breaches due to how many there have been in recent years. However, the significance of this latest development is that it suggests the scale of China’s breach of U.S. organizations may be more serious than previously realized.
This is partly because of the aforementioned way that this method of cyber espionage can be difficult to detect. It took this long to figure out that this has been happening, which suggests there may be more of it going on than has been uncovered.
This should be very concerning to organizational leaders, IT and security professionals, and the general public alike.
There are many reasons why the public should be concerned and why IT and cybersecurity professionals should help them understand these reasons. Cybercrime impacts everyone at multiple levels simultaneously: themselves as individuals, the organizations they work for, and society as a whole.
The same method of indirect infiltration that these state-sponsored hackers have been using can also be used on small businesses and individuals.
These Chinese espionage groups are also known to target at least 39 different industries. Many of these are linked to the 16 critical infrastructures in the U.S. that make everything we do at almost every minute of our day possible.
This is why it would be beneficial for organizations to invest more in developing an overall security awareness culture to help their employees understand these risks and to habituate them to certain basic practices and precautions that protect both the organization and themselves.
Organizations must also do their due diligence regarding whether any third-party vendors they work with adequately protect themselves.
Despite how obvious this may seem, I am continually surprised at how unaware these many organizational leaders, and even the IT professionals who work for them, can be and how lax they are about verifying that the security firms they work with are securing their tools.
After all, how can a cybersecurity firm protect your organization if they don’t protect itself? This is a major reason why these recent cyber attacks happened in the first place.
Likewise, it’s extremely important to have good device and asset management practices: knowing what’s in your network, how many Windows machines you have, how many Linux machines you have, and which departments and persons own those machines.
It’s common for vulnerabilities to be allowed to persist, allowing Advanced Persistent Threat groups ample opportunities to exploit those vulnerabilities. Often, these vulnerabilities are allowed to persist even if administrators are aware of them and even if they have the patches for them, simply because they don’t know who the owner of the compromised devices in question are.
Other times, even if they know who the owners are, the organization may not have sufficient resources, manpower, or skill level of their personnel to employ the fix.
Finally, organizations across all industries need to be more proactive and vigilant about immediately sharing information whenever there’s an indication of a compromise.
Unfortunately, despite ISACs (Information Sharing and Analysis Centers), many organizations neglect to share information about possible cybersecurity compromises with the ISACs of their industries and/or law enforcement.
This can be for a variety of reasons but frankly, whatever those reasons are, organizations need to do it and understand that it hurts everyone when they don’t, including themselves.
Rather than being attributable to a single cause, this latest string of cyber espionage is likely a result of a combination of the reasons I’ve mentioned.
But whether it’s lack of awareness, poor asset and device management, insufficient resources and personnel, working with cybersecurity firms that don’t adequately protect themselves, or neglecting to share information—the result is that organizations across a wide range of industries have become increasingly vulnerable to stealthier and more sophisticated methods of cyber espionage.
Solving the problem will, therefore, also require a combined and comprehensive approach to being more proactive and less reactive in the ways described.
About the Author
Dr. Brian Gant, an accomplished information technology, cybersecurity, and critical infrastructure educator and researcher, is an Assistant Professor & Program Coordinate of Undergraduate Cybersecurity Programs at Maryville University.
Dr. Gant brings more than 15 years of teaching experience into his practice. He is a 2003 alumnus of Maryville and continues to serve in various capacities across campus.
Dr. Gant is dedicated to practical instruction and allowing his students to think abstractly about complex problems which require multilayered approaches. His instruction is hands-on, allowing his students to learn at different levels and communicate with each other as future cybersecurity leaders.
American Security Today’s Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program, and now entering its Eighth Year, continues to recognize industry leaders of Physical and Border Security, Cybersecurity, Emergency Preparedness – Management and Response, Law Enforcement, First Responders, as well as federal, state and municipal government agencies in the acknowledgment of their outstanding efforts to Keep our Nation Secure.
Active shooter incidents are often unpredictable and evolve quickly.
Amid chaos, anyone can play an integral role in mitigating the impacts of an active shooter incident. DHS aims to enhance preparedness through a “whole community” approach by providing products, tools, and resources to help you prepare for and respond to an active shooter incident.
(For example, CISA’s “Active Shooter Preparedness: School Security and Resilience” video provides information geared towards educators, school resource officers, and school administrators who serve in important roles in safeguarding schools. Courtesy of CISA and YouTube.)
(The DHS Active Shooter PowerPoint Presentation and Webinar video is used by DHS-qualified subject-matter experts as a visual reference to guide critical infrastructure owners and operators with a better understanding of developing an organization’s emergency action plan. Courtesy of CISA and YouTube.)
Using a vehicle as a weapon in a terrorist attack is not new.
Recent terrorist incidents and violent extremist propaganda demonstrate that using vehicles as a weapon continues to be of interest to those wishing to cause harm.
(Learn More. The FBI, DHS, and TSA—in coordination with the Truck Renting and Leasing Association and the American Car Rental Association—have released a short training video to help vehicle rental employees identify suspicious activities and behavior by customers who may wish to use a rented vehicle for nefarious purposes. Courtesy of the FBI – Federal Bureau of Investigation and YouTube. Posted on Aug 3, 2022.)
Nitin Natarajan was appointed to serve as the Deputy Director for CISA on February 16, 2021. Before joining CISA in February 2021, Natarajan served in various public and private sector positions spanning over 30 years.
Most recently, he served as an executive at consulting firms providing subject matter expertise on a number of topics, including IT, cybersecurity, homeland, and national security, critical infrastructure protection, environmental emergency management, continuity of operations, and health security matters.
Natarajan also held several federal government roles, including serving as the Deputy Assistant Administrator for the Office of Land and Emergency Management at the U.S. Environmental Protection Agency, the Director of Critical Infrastructure Policy at the White House/National Security Council, and the Director at the U.S. Health and Human Services overseeing their critical infrastructure, continuity of operations (COOP), and medical logistics programs.
Prior to serving in the federal government, Natarajan served in positions at the state/local government level and served as a hospital administrator.
Natarajan started his career spending 13 years as a first responder in New York including service as a flight paramedic. He was the Commander of a federal medical response team, based in New York, and has extensive experience deploying to natural and man-made disasters throughout the nation.
He holds an undergraduate degree from the State University of New York and a graduate degree from the United States Naval Postgraduate School.
(Hear from Nitin Natarajan to learn more about the Cybersecurity and Infrastructure Security Agency (CISA) is an operational component of the Department of Homeland Security (DHS). Under the leadership of Director Jen Easterly, CISA works to understand, manage, and mitigate risk to the nation’s cyber and physical infrastructure in the public and private sectors. Their virtual mini-Industry Day events allow CISA and industry leaders to have meaningful discussions about cybersecurity, infrastructure, risk management, and communications capabilities, challenges, and technologies, as well as future business opportunities. Courtesy of CISA and YouTube.)
In response to the 1995 domestic terror bombing at the Oklahoma City Alfred P. Murrah Federal Building, the Interagency Security Committee was created and, with collaboration, establishes policies, monitors compliance, and enhances the security and protection of Federal Facilities.
(2020 marked the 25th Anniversary of the Interagency Security Committee. On October 19, 1995, six months after the Oklahoma City bombing of the Alfred P. Murrah Federal Building, Executive Order 12977 created the Interagency Security Committee to address continuing government-wide security for federal facilities. Courtesy of CISA and YouTube.)
With growing recognition among the Federal security community that a “one-size-fits-all” approach is no longer acceptable, the ISC’s Risk Management Process has become the standard for physical security within the federal government.
Realizing the need to educate security personnel, the ISC RMP Training Program was formed. The ISC RMP is the first training program recognized and certified by the ISC to train federal security professionals in the ISC Risk Management Process.
This is done through collaborative exercises and hands-on interactive instruction based on an Instructional Systems Design, a nationally recognized process.
The Risk Management Process and Facility Security Committee Training Course awards Continuing Education Units is offered at no cost to participants and provides an understanding of the ISC Risk Management Process Standard, and the roles and responsibilities of Facility Security Committees.
To learn more about the ISC RMP Training and how to register, please visit www.cisa.gov/interagency-security-committee-training.
The continually evolving ‘ASTORS’ Awards Program will highlight the trail of Accomplished Women in Leadership in 2023 and the Significance and Positive Impact of Advancing Diversity and Inclusion in our Next Generation of Government and Industry Leaders. #MentorshipMatters
So be on the lookout for exciting upcoming announcements of Speakers, Presenters, Book Signing Opportunities, and Attendees at the 2023 ‘ASTORS’ Awards Presentation Luncheon in November of 2023 in New York City!
Nominations are currently being accepted for the 2023 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.
|Access Control/ Identification||Personal/Protective Equipment||Law Enforcement Counter Terrorism|
|Perimeter Barrier/ Deterrent System||Interagency Interdiction Operation||Cloud Computing/Storage Solution|
|Facial/IRIS Recognition||Body Worn Video Product||Cyber Security|
|Video Surveillance/VMS||Mobile Technology||Anti-Malware|
|Audio Analytics||Disaster Preparedness||ID Management|
|Thermal/Infrared Camera||Mass Notification System||Fire & Safety|
|Metal/Weapon Detection||Rescue Operations||Critical Infrastructure|
|License Plate Recognition||Detection Products||COVID Innovations|
|Workforce Management||Government Security Programs||And Many Others to Choose From!|
Submit your category recommendation for consideration to Michael Madsen, AST Publisher, at: email@example.com.
These challenges have become a national priority with an influx of investments in innovative new technologies and systems.
Enter American Security Today, the #1 publication and media platform in the Government Security and Homeland Security fields, with a circulation of over 75,000 readers and many tens of thousands more who visit our AST website at www.americansecuritytoday.com each month.
The 2022 exclusive sold-out ‘ASTORS’ luncheon featured representatives of law enforcement, public safety, and industry leaders who came together to honor the selfless service of those who stand on the front lines and those who stand beside them – providing the capabilities and technologies to create a safer world for generations to come.
Last year marked the 20th anniversary of the Department of Homeland Security (DHS), which came out in force to discuss comprehensive collaborations between private and public sectors that have led to the development of intelligence and technologies which serve to protect our nation.
The keynote address was provided by U.S. Customs and Border Protection (CBP) Office of Field Operations (OFO) Deputy Executive Assistant Commissioner (DEAC) Diane Sabatino, who described the changes to CBP through the tragedy of 9/11 and the relentless commitment to its mission and ongoing investment in the latest technologies and innovations to protect our borders and Homeland.
The resounding theme of the DEAC’s remarks was her pride in the women and men of the CBP and their families who support them.
AST was also joined by Legendary Police Commissioner William Bratton, who spoke about his love for the City of New York, the Profession of law enforcement to which he has dedicated his life, and for which he continues to drive thought leadership and innovation.
New York City Police Department (NYPD) Chief of Department Kenneth Corey, came out to address Luncheon attendees and shared some of his experiences and the changes in policing he’s witnessed over his more than three decades of service.
FDNY Chief Joseph Jardin honored the men and women of the FDNY, not only those who currently serve but all of those who have selflessly served, with special recognition of those lost on 9/11.
Chief Jardin spoke about the continuing health battle of many following 9/11 with cancer and respiratory disease, yet now knowing the full consequences, would not have made a different decision to respond.
As Chief Jardin noted, mission-driven service is the lifeblood of every firefighter, volunteer, and sworn member, and has been so throughout the history of the Fire Service.
Former head of the FBI’s active shooter program, Katherine Schweit joined AST to sign complimentary copies of her book, ‘STOP THE KILLING: How to End the Mass Shooting Crisis,’ thanks to the generosity of our 2022 ‘ASTORS’ Awards Sponsors.
We were pleased to welcome the esteemed New York City Fire Department (FDNY); the New York City Police Department (NYPD); and the NYC Hospital Police, as well as Executive Management from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and many other DHS agencies, Federal law enforcement agencies, and private/public partnerships such as the National Association of Women Law Enforcement Executives (NAWLEE), the 30×30 Initiative, a coalition of professionals advancing the representation of women in policing; and Operation Lifesaver, Inc. (OLI) (rail safety advocates).
The prestigious Annual ‘ASTORS’ Homeland Security Awards Program highlights the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition and keep our Nation safe – one facility, street, and city at a time.
In 2022 over 240 distinguished guests representing Federal, State, and Local Governments, and Industry Leading Corporate Firms gathered from across North America, Europe, and the Middle East to be honored among their peers in their respective fields.
Each year, to keep our communities safe and secure, security dealers, installers, integrators, and consultants, along with corporate, government, and law enforcement/first responder practitioners, convene in New York City to network, learn and evaluate the latest technologies and solutions from premier exhibiting brands at ISC East, the Natural Disaster & Emergency Management Expo (NDEM EXPO), and the ASIS NYC Expo.
ISC East is the Northeast’s leading security & public safety event, hosted in collaboration with sponsor Security Industry Association (SIA) and in partnership with ASIS NYC.
Corporate firms, the majority of which return year to year to build upon their Legacy of Wins, include:
Advanced Detection Technologies, AMAROK, ATI Systems, Axis Communications, Automatic Systems, BriefCam, Canon U.S.A., Cellbusters, CornellCookson, CyberArk Fortior Solutions, guardDog.ai, Hanwha Techwin of America, High Rise Escape Systems, IPVideo Corporation, Konica Minolta Business Solutions, NEC National Security Systems, NICE Public Safety, OnSolve, PureTech Systems, Quantum Corporation, Rave Mobile Safety, Regroup Mass Notification, Robotic Assistance Devices, Rajant Corporation, SafeLogic, Select Engineering Services LLC, Singlewire Software, SolarWinds Worldwide, Teledyne FLIR, Valor Systems, and West Virginia American Access Control Systems, just to name a few!
The traditional security marketplace has long been covered by a host of publications putting forward the old-school basics to what is Today – a fast-changing security landscape.
American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State, and local levels of government as well as firms allied to the government.
American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers’ eyes throughout the story with cutting-edge editorial that provides solutions to their challenges.
AST Digital Publications are distributed to over 75,000 qualified government and homeland security professionals, in federal, state, local, and private security sectors.
‘PROTECTING OUR NATION, ONE CITY AT A TIME’
AST Reaches both Private & Public Experts, essential to meeting these new challenges.
Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture, and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.
These experts are from Government at the federal, state, and local levels as well as from private firms allied to the government.
AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website, and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.
AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.
Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.
The Annual CHAMPIONS edition reviews ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firm’s products and services, including video interviews and more.
The 2022 CHAMPIONS serves as your Go-To Source through the year for ‘The Best of 2022 Products and Services‘ endorsed by American Security Today – and can satisfy your agency’s and/or organization’s most pressing Homeland Security and Public Safety needs.
From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection, and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware, and Networking Security – to name a few), the 2022 ‘ASTORS’ CHAMPIONS EDITION has what you need to Detect, Delay, Respond to, and Mitigate today’s real-time threats in our constantly evolving security landscape.
It also features guest editorial pieces from some of the security industry’s most respected leaders and recognized firms in the 2022 ‘ASTORS’ Awards Program.
For more information on All Things American Security Today, as well as the 2023 ‘ASTORS’ Awards Program, please contact Michael Madsen, AST Publisher at firstname.lastname@example.org.
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos
Subscribe to the AST Daily News Alert Here.
Highlighting CISA & NIST’s Efforts Under EO 14028: Standards & Security
Click Here For The Original Source.