wazuh-agent-4.7.2-1.msi /q WAZUH_MANAGER="167.172.6.98" WAZUH_AGENT_GROUP="Windows" WAZUH_AGENT_NAME="Desktop-R8UQ69L" WAZUH_REGISTRATION_SERVER="167.172.6.98"

The Cyber Guys: Are we going to have a catastrophic cyber event in 2024?

What would happen to the country if most of the internet went down for a day? 

In January 2023, the World Economic Forum released a cybersecurity report that found 93% of cyber leaders and 86% of cyber business leaders believe geopolitical instability makes a catastrophic cyber event likely in the next two years. Nation states may focus on cyber warfare to accomplish their objectives rather than kinetic alternatives.

With major wars going on in Gaza and Ukraine, that could look like an attack on critical infrastructure as a response to American policy in either region.  On a small scale, this has already happened.  In November the federal Cybersecurity and Infrastructure Security Agency revealed hackers had breached computers at “less than 10” water facilities in different parts of the United States. U.S. and Israeli authorities issued an advisory confirming that hackers had “accessed multiple U.S.-based” water facilities that operate Israeli-made equipment, likely by breaking into internet-connected devices with default passwords.

The U.S. and Israeli government agencies blamed hackers affiliated with the Islamic Revolutionary Guard Corps, a military branch of the Iranian government, for the activity.

In December the Jerusalem Post reported a significant cyberattack that impacted Israeli emergency services. Cyberattacks on critical infrastructure, such as emergency services, can result in response time delays, compromised communication systems, and even the loss of sensitive data. These attacks not only put lives at risk but also have far-reaching societal and economic implications.

The hacking goes both ways.  A hacking group previously linked to Israel, known as “Gonjeshke Darande” or “predatory sparrow,” claims it took down 70% of the gas stations in Iran by gaining access to the payment systems.

But geopolitical instability is not the only threat in cyberspace. The WEF conducted cybersecurity scenario simulations in 2020 and 2021 called Cyber Polygon. In the 2020 exercise, it predicted the world would experience a “digital pandemic.” There could be a virus that mass-infects internet-connected devices similar to how the coronavirus mass-infected the physical world.  In the case of a “digital pandemic,” the infection would spread so much faster the only answer might be to remove devices from the internet so they don’t get infected — effectively shutting down the internet for a time.  

The 2021 Cyber Polygon exercise focused on an attack on third-party supply chains where major organizations were “collateral damage” of the attack.  For example, in February 2022, a cyberattack on commercial satellite services in Ukraine caused electricity-generating wind farms to shut down across central Europe. In July 2021, supermarkets in Sweden were forced to close their doors after a cyberattack on IT services provider Kaseya, based in Florida.

But wait, there’s more! Cybercrime has become big business. Cybercrime is expected to grow from $3 trillion in 2015 to $10.5 trillion in 2025. Crime ranges from phishing emails looking for $100 Amazon gift cards, to social engineering of crypto wallets producing millions, to ransomware that affects small-town businesses and huge multinational businesses alike.

As a business owner, what can you do to protect yourself?  Are you doomed?

Of course not. You can set up a defense-in-depth strategy to protect your data. Change the default passwords on all your devices. Use good password hygiene. Set up multi-factor authentication on your systems wherever you can. Back up your data. Implement application whitelisting that allows only approved applications to run. Train your employees to identify malware and social engineering schemes. Have a Business Associate agreement in place. Create an incident response plan in case of a cyber incident and develop a disaster recovery plan in case you lose access to all your data.

If a catastrophic event does occur in 2024, you can survive and thrive if you properly prepare. Want to learn how?  Ask the Cyber Guys from CyberEye.

https://www.myheraldreview.com/news/business/the-cyber-guys-are-we-going-to-have-a-catastrophic-cyber-event-in-2024/article_e02a9cc2-abf4-11ee-a175-8f398b7c9072.html

JOURNEY TOWARDS SECURITY

Stay secure while preparing for the new year

The new year is upon us!
Whether you are posting pictures from the holidays on social media, creating a new year budget, or setting up that gifted smart TV, cybercriminals are finding ways to sneak their scams into these exciting times. As you take on whatever the new year throws at you, make sure your journey includes staying cyber secure.

There are many resources and programs online you can use to help accomplish fitness and health goals. When searching for gyms, workout plans, or healthy recipes, watch out for scams. Some of these scams are nothing more than misleading ads, while others result in no product being delivered at all. Be wary of any pills, diets, or programs that promise immediate results.

The new year is a great time to look at finances. With the rise of online shopping, it can be difficult to keep track of purchases. Set a routine to check your transactions on debit and credit cards and look for any suspicious charges you didn’t make. Many people are using budgeting apps. Make sure to read reviews and research the app before downloading or entering your personal information on it. Avoid entering your banking information on unknown apps.

Online surveys may seem like an easy way to make money, but it is important to do your research before participating. Many of these sites are scams. If the money offered seems too high or if a reward is offered just for signing up, it is likely a scam. Be careful with your personal information. Read the privacy policy and leave the survey immediately if the questions ask for sensitive information.

Costco or Walmart
Denied

Where do you prefer to shop? Walmart is easy to get in and out of, usually without even the slightest interaction. Costco, on the other hand, is different. You need to have a membership card first. No card, no access.

Your computer security is similar. Generally speaking, the security you are using is either the Walmart model or the Costco model. If you chose Walmart, malware can get in and out without you ever knowing. Sadly, though, you are never offered the option for the Costco security model, except here at CyberEye. Give us a call so we can tell you how it works and so you can have the peace of mind our customers rave about.

In the year 1209, the Cathars were besieged at Carcassonne in southern France. The Cathars were a religious group branded heretical by the Pope. Within the heavily fortified city, the Cathars were protected but vulnerable to a supply chain attack.

The Castle Comtal, within the fortified city in France’s Aude department, stands as a monumental testament to medieval military architecture and strategy. One of the most distinctive features of this castle is its portcullis with two independently controlled gates. This engineering marvel serves as an apt metaphor for the need to separate your Information Technology (IT) and Cybersecurity teams.

The Portcullis at Carcassonne

The fortified city of Carcassonne has a complex defensive system that has stood the test of time. One of its remarkable features is the portcullis, a heavy grilled door that could be dropped or raised to secure the castle’s entrance. But what sets Carcassonne’s portcullis apart is its two independently controlled gates. This means that even if one gate were compromised, the other could remain secure, providing an additional layer of defense.

Separating IT and Cybersecurity Teams: A Modern-Day Portcullis

In modern organizations, the IT and Cybersecurity teams often have different mandates but overlapping responsibilities. The IT team is generally responsible for managing the hardware, software, and networks that keep the company running. In security terms, this is called “Availability”. The Cybersecurity team, on the other hand, focuses mainly on protecting the “Confidentiality” (controlling who can see what) and the “Integrity” (who can change what).

Much like the dual gates of Carcassonne’s portcullis, these teams should operate independently but in tandem. A Change Board approves software installations and updates; the Cybersecurity team updates the allow policies, and the IT team implements the changes.

Advantages of Separation

1. **Focused Expertise**: Specializing allows each team to become experts in their area, leading to better performance and problem-solving.

2. **Risk Mitigation**: Separating the approval and installation of software makes it almost impossible for a disgruntled employee to wreak havoc.

3. **Checks and Balances**: Independent operations allow for internal checks, reducing the likelihood of systemic failures and oversights.

The Harmony of Independence and Interdependence

While it’s crucial for these teams to operate independently, they should not work in silos. Much like the independent but harmoniously functioning gates of Carcassonne, IT and Cybersecurity teams should have protocols for secure communication and collaboration. For instance, while the IT team may be responsible for implementing a new software platform, the Cybersecurity team should be involved in assessing its security features and updating the allow policies.

Conclusion

The dual-gate portcullis at the Castle at Carcassonne serves as a timeless symbol of defense in depth. In a world where cyber threats are increasingly sophisticated, the need for separate but coordinated IT and Cybersecurity teams has never been greater. By learning from the past and applying its lessons to the present, your company can fortify your castle against the ever-evolving challenges facing you.