Use The Military To Attack Hackers

Chris Krebs the former US cyber security chief of Cyber and Infrastructure Security Agency (CISA) has says the US military should hit cyber criminal gangs that hack  organisations and governments. He has suggested that military cyber attackers could use ransomware to try to thwart gangsters by revealing personal information, a tactic known as doxing. 

“You have to chase the bad guys, and I’m not just talking about law enforcement.” Krebs said in an interview with the Financial Times. "You actually place a title 10 employee - civilians employed by the military - Deploy intelligence features, like Cyber Command. You send them a message directly, saying, “We know who you are, we will either quit or come after you using information warfare.” You expose them. There is something you can do."  

Krebs’ comments contradict the conventional way of thinking about establishing cybersecurity. Experts tend to warn businesses not to “hack” ransomware attackers. This is because it can be difficult to identify the enemies you are dealing with and their abilities. 

To understand the challenge facing CISA and the rest of the government, it helps to understand the frustrating nature and  enormity of the SolarWinds hack. Early reports focussed on agencies like the US Departments of Treasury and Commerce, but the hack was much broader than that and we still don’t know precisely which systems may have been compromised and what data may have been taken. 

Digging out every possible compromise will take discretion and trust, the kind of qualities Krebs had been building up in his role and lost when he was abruptly shown the door. Krebs was fired from his role as the head of CISA following him publicly contesting Donald Trump's baseless claims of voter fraud in the election. 

For almost a year hackers have used SolarWinds software to spy on governments and business in the US, and around the world.

The Verge:      Business Insider:       Financial Times:        EMINETRA

You Might Also Read: 

Biden Selects His Cyber Team:

 

« Losses From Cyber Crime Exceed $1Trillion
Data Privacy & You »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

The Josef Group (TJG)

The Josef Group (TJG)

The Josef Group Inc. is a certified woman-owned permanent staffing agency specializing in Information Technology, Engineering, and US Government "cleared" IT candidates.

National Cyber Security Centre (NCSC) - Netherlands

National Cyber Security Centre (NCSC) - Netherlands

NCSC Netherlands coordinates enhancing the cyber resilience of the Netherlands in the digital domain.

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU CCIS is a national centre for research, education, testing, training and competence development within the area of cyber and information security.

Fluency Security

Fluency Security

Fluency is the only Security Analytics & Orchestration (SAO) solution that automates correlation, detection, validation and ongoing tracking.

Somansa

Somansa

Somansa is a global leader in Data Security and Compliance solutions designed to protect valuable company information from leakage and help meet regulatory compliance requirements.

Asseco Group

Asseco Group

Asseco Poland stands at the forefront of the multinational Asseco Group. We are a leading provider of state-of-the-art IT solutions in Central and Eastern Europe.

CyRise

CyRise

CyRise is a venture accelerator focused squarely on early stage cyber security startups.

TypingDNA

TypingDNA

TypingDNA uses AI to recognise people by the way they type on desktop keyboards and mobile devices.

TechRate

TechRate

Techrate is an analytics agency focused on blockchain technology and engineering. Or expertise includes security and technical audits of projects.

CertiPath

CertiPath

CertiPath create products and services that ensure the highest levels of validation for digital identities that attempt to access customers’ networks.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

Binary Security AS

Binary Security AS

Binary Security is a Norwegian information security consultancy company. We are specialists at application security, penetration testing and secure code reviews.

Prima Cyber Solutions (PCS)

Prima Cyber Solutions (PCS)

Prima Cyber Solutions is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

Digistor

Digistor

Digistor is a leading manufacturer of industrial-grade flash storage products, secure storage products, and Removable Secure Data Storage.

PreVeil

PreVeil

We started PreVeil to bring radically better security to ordinary business and personal communication and information storage.

Chorus

Chorus

Chorus are a leading Managed Security Service Provider (MSSP), and member of the Microsoft Intelligent Security Association (MISA), with three Microsoft Advanced Specialisations in security.