Rogue States Are Funding Stateless Hackers

Cyber-attacks are more likely to come from criminals funded by US enemies than from the enemies themselves, former National Security Agency director Mike Rogers said, speaking at the US  National Cyber Symposium in Colorado earlier this month

“Cyber criminals are a much bigger threat than nation-states.... some states are creating relationships with cyber criminals, giving them money, tools and targets. I suspect that will grow, and it won’t just be the Russians.”

Cyber-attacks will soon become a weapon, Rogers said, because of the growing number of internet-connected devices from cellphones and fitness trackers to thermostats and medical devices such as pacemakers. Rogers also warned that the Pentagon needs to change how it buys weapon systems to build in cyber security from the beginning and include funding for cyber updates and defensive “fixes,” since many systems have outdated cyber security protections by the time they are delivered. 

Rogers said that he is not concerned about a cyber “Pearl Harbor” or surprise attack on the US government or corporate computer networks because such an attack wouldn’t be a surprise, and governments and businesses have recovered more quickly from hackers than from natural disasters. 

He said he is more worried about breaches affecting health care information, because such data are widely shared and the devices measuring health data are multiplying. He added that  the NSA had “lost capabilities” due to leaked information by former contractor Edward Snowden. Those capabilities “had been publicly acknowledged and had to be shut down,” Rogers said. 

At a different conference session, John Chen, Executive Chairman and CEO of the telecoms company, BlackBerry, described how his company was headed for financial disaster when he arrived in 2013, with declining sales, dwindling cash and facing Chinese competitors who could sell similar devices for less than the cost of the parts for BlackBerry’s smartphones.

He said he had to slash costs so the company started to generate instead of burn through cash as competitors from China took advantage of lower costs to commoditixe the mobile phone market.  To come up with a new strategy, Chen said he refocused the company on privacy and security through software giving the company higher profit margins than selling consumer phones that were dropping in price.

The company made numerous acquisitions over the past six years as part of its new strategy, including its purchase late last year of antivirus software provider Cylance to add artificial intelligence capabilities to BlackBerry’s security products for internet-connected devices. 

Governing.com:      Image: Nick Youngson

You Might Also Read:

Cyber Security Threats Are Growing In 2019:

North Korea, WannaCry, Cyberattacks And Lazarus:

 

« Organised Social Media Manipulation
WEBINAR: How to perform a security investigation in AWS »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Asavie

Asavie

Asavie provide solutions for Enterprise Mobility Management and secure IoT Connectivity.

Internet Security Alliance (ISA)

Internet Security Alliance (ISA)

ISA is an international trade association providing thought leadership in advancing a sustainable system of cyber security.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Idaho National Laboratory (INL)

Idaho National Laboratory (INL)

INL is an applied engineering laboratory dedicated to supporting the US Dept of Energy's missions in energy research, nuclear science and national defense including critical infrastructure protection.

Cyber Security Jobs

Cyber Security Jobs

Cyber Security Jobs was formed to help job seekers find jobs and recruiters fill cyber security job vacancies.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Paladin Capital Group

Paladin Capital Group

Paladin is a leading global investor that supports and grows the world’s most innovative cyber companies.

GBT Technologies

GBT Technologies

GBT Technologies is a technology company focused on chip design and software to enable IoT, global mesh networks, and for applications relating to artificial intelligence.

IronClad Encryption (ICE)

IronClad Encryption (ICE)

Ironclad Encryption is Dynamic Encryption. The encryption sequence changes continuously so there is never a correlation between data sent and data received.

Pessimistic Security

Pessimistic Security

The team behind Pessimistic helps blockchain startups meet modern security challenges since 2017.

Supra ITS

Supra ITS

Supra ITS is a leading full-service technology partner offering IT Consulting, Cloud Services, 24x7 Managed IT & Cybersecurity Services, and IT Project Support.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

Third Wave Innovations

Third Wave Innovations

Third Wave Innovations (formerly RCS Secure) offers a full spectrum of cybersecurity safeguards and IT services.

RIIG Technology

RIIG Technology

Our mission is to empower organizations with high-quality, verifiable data and advanced intelligence solutions, ensuring robust security and effective risk management.