It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

What's up with American cybersecurity

page: 1
8
<<   2  3 >>

log in

join
share:

posted on Dec, 21 2020 @ 11:39 AM
link   
With the recent Russian cyberattack, we often wonder what's up with American cyber defense?

With the NSA, and the FBI crack cyber defense team, why is America so vulnerable?


As an IT professional, though not an IT security specialist, I know something about why we are so vulnerable.

Of course, though not a specialist in IT security, being in the field for years one has to know enough about it. Recalling the y2k craze pre-year-2000, our organization went all over the metropolitan area installing y2k patches on thousands of machines. Though it turned out y2k was a red herring, the world didn't end, and only a few instances of problems cropped up.

Anyway, one reason the U.S. is so vulnerable is the fact that it is the economic and technological hub of the planet. Everybody and all look to the U.S. as the leading in almost everything technologically developmental and advanced. Also, the software industry so voluminously churns out new applications that are utilized by the industry, but the problem is a lot of that software is very vulnerable to hacking attacks. As this present instance:



SolarWinds and FireEye
The attackers penetrated federal computer systems through a popular piece of server software offered through a company called SolarWinds.
The threat apparently came from the same cyberespionage campaign that has afflicted cybersecurity firm FireEye, foreign governments and major corporations.
The system is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies, which will now be scrambling to patch up their networks.


link

This sounds like a disaster already made. These usually third-party applications often are buggy, weak, and untested yet get full access to networks globally, and hackers smell blood and attack and enter through these vulnerable programs.

I came up in the IT industry when you'd get new hardware or software products, and we would be the first to use them and experience all the bugs and problems even the creator of this new product knows anything about!
The companies prized our feedback, but it would often be too late, and the product's problems would have already been damaging enough to be useless. Eventually, they'd fix the product, but not always.

Here, for example, is what I'm talking about related to this present Russian hack:
www.usatoday.com...



The attackers planted malware in computer networks after using what FireEye CEO Kevin Mandia has called "a novel combination of techniques not witnessed by our partners in the past or us."


Read that: NOT WITNESSED BY US OR ANY OF OUR PARTNERS IN THE PAST

That's the point; these programs aren't thoroughly tested at all and enter these massive enterprise networks connected to powerful corporations, and wham…the whole world might get infected.

On one level, it's not their fault since the software is so generally speaking vulnerable, and one cant test something ad Infinitum…as in the end, no software is 100 percent free from attack.

When you download what they always say is FREE to download, one often gets a bunch of junk along with what you wanted. In America, all the hotshot software programmers and producers of these buggy programs love to use us as guinea pigs.

It's amazing to see these colossal enterprise networks get suckered into buying these supposed network applications that allow the network to run better but are so vulnerable.

To sum up, why is America so vulnerable? Well, it amounts to its strength as an industrial and technological power but also its greed.







edit on 21-12-2020 by Willtell because: (no reason given)



posted on Dec, 21 2020 @ 11:46 AM
link   
I think complacency plays a part. There's not much of an incentive when you're just looking to increase profit margins compared to staying ahead of competitors and keeping your business alive.



posted on Dec, 21 2020 @ 11:49 AM
link   
It's not that we are "so vulnerable", it's more of technology evolves on a daily basis. What's unexploited today could be exploited tomorrow. Its a constant game of cat a mouse - and America isnt always the victim.

There are some freakishly talented people out their, and they dont all live in America



posted on Dec, 21 2020 @ 11:57 AM
link   
a reply to: Willtell

America's about as vulnerable as anyone else when it comes to cyber attacks. The nature of the internet itself means any computer connected to it is vulnerable to attack. Most servers are regularly subject to attacks, there's people all over the world that spend pretty much all their time probing and testing servers for vulnerability, developing new tools, searching for backdoors, anything they can find.

The US government's a fairly big target for lots of reasons, suffice to say, it's servers are likely under constant attack from everywhere. It's bound to happen that someone's going to find a weakness.

But, I do agree with some of what you say, the american government and military's reliance on third party contractors is detrimental to them in the long run.



posted on Dec, 21 2020 @ 12:00 PM
link   


What's up with American cybersecurity





The strange alliance between the American and Russian leaders doesn't help....

www.bbc.com...



posted on Dec, 21 2020 @ 12:01 PM
link   

originally posted by: AScrubWhoDied
It's not that we are "so vulnerable", it's more of technology evolves on a daily basis. What's unexploited today could be exploited tomorrow. Its a constant game of cat a mouse - and America isnt always the victim.

There are some freakishly talented people out their, and they dont all live in America



You're right, that's why I said this in the op:



On one level, it's not their fault since the software is so generally speaking vulnerable, and one cant test something ad Infinitum…as in the end, no software is 100 percent free from attack.



posted on Dec, 21 2020 @ 12:08 PM
link   
a reply to: Willtell

The technology of computing and the Internet is predominantly American. But it has been deployed internationally. The security of other countries are compromised by that, in regard to the US having access to all their data. That leads to resentment and push-back.

The NSA and other cybersecurity agencies no longer protect American interests. What they now do is gather, store, classify and sort all of the world's data and metadata. It is an enormous undertaking but it doesn't actually put much in the way of cyber defense, because good cybersecurity would actually block their collection of data.

It is like how Hoover's FBI did it. They kept dossiers on all sorts of average and non-criminal citizens, using the dossiers as blackmail and to control. Only this has dossiers on everyone in the world, without exception, US citizens too. And used for the same purposes.

It is the most corrosive, unconstitutional and oppressive political tool in the world, exceeding the Stalinist and Nazi data gathering and citizen categorization efforts. The holocaust was enabled by such technologies.

And every US President, from George Bush (Jr) onward, has cooperated in the ongoing negation of freedoms and privacy guaranteed by the US Constitution.

If they blocked all the open doorways that they have put in place, then the hackers could not get through (as effectively). The internet is not 'free' but is politicized, and corporatized, and monetized, without constraint or ethical consideration.

edit on 21/12/2020 by chr0naut because: (no reason given)



posted on Dec, 21 2020 @ 12:09 PM
link   
Many of the replies are right; it's the nature of the computer and network beast; software and hardware are generally vulnerable by nature and continuously changing.

So, there's probably no end to this or no solution but to use a topical phrase: patches.

The country probably needs a cybersecurity czar. I know they have that in the FBI and Homeland security, and of course, there's the vaunted NSA, but they need a concentrated effort and these organizations have other primary duties, not merely cybersecurity.



posted on Dec, 21 2020 @ 12:12 PM
link   
a reply to: Willtell

If you repair computers it's amazing how many people are loaded with spyware and the like, It's just the Russians are taking use of that. Won't be the first time.



posted on Dec, 21 2020 @ 12:12 PM
link   
a reply to: chr0naut

You make a good point. It's sort of a catch 22. That's why they need a Cybersecurity czar or agency dedicated to just that outside of the usual suspects.

If that occurs expect conflict to arise per your points...



posted on Dec, 21 2020 @ 12:30 PM
link   
Here's specifically how this hack too place

Microsoft had 40 of its clients affected at least. This product is definitely a rival of MS since they have similar tools. Network specialists would know this better. HP used to have a good suit but stopped it.

SolarWinds hack hit tech companies and hospital system: What you need to know



Blamed on Russia, the hack infiltrated federal agencies and private companies.





Earlier this year, hackers compromised software made by a cybersecurity company you might not have heard of. The infiltration led to a massive malware campaign that's now affecting US federal agencies as well as governments around the world, according to the security firm and news reports.

The hacked company, SolarWinds, sells software that lets an organization see what's happening on its computer networks. Hackers inserted malicious code into an updated version of the software, called Orion. Around 18,000 SolarWinds customers installed the tainted updates onto their systems, the company said.

The compromised update process has had a sweeping effect, the scale of which keeps growing as new information emerges. Based on newspaper reports, the company's statements and analysis from other security firms, a Russian intelligence agency reportedly carried out a sophisticated attack that struck several US federal agencies and private companies including Microsoft



link

Pretty scary stuff, an update infected with the tools to infiltrate!




Hackers managed to access a system that SolarWinds uses to put together updates to its Orion product, the company explained in a filing with the SEC. From there, they inserted malicious code into otherwise legitimate software updates. This is known as a supply-chain attack, because it infects software while it's being assembled.

It's a big coup for hackers to pull off a supply-chain attack, because it packages their malware inside a trusted piece of software. Instead of having to trick individual targets into downloading malicious software with a phishing campaign, the hackers could rely on several government agencies and companies to install the Orion update at SolarWinds' prompting.

The approach is especially powerful in this case because hundreds of thousands of companies and government agencies around the world reportedly use the Orion software. With the release of the tainted software update, SolarWinds' vast customer list became potential hacking targets.


I wouldn't buy their stock now!



posted on Dec, 21 2020 @ 12:38 PM
link   
is cyber security a proactive field, or a reactive field?
I'd say largely reactive. You don't know what you need until someone has infiltrated a weak spot. Then you need a patch.
This case, hardware code was targeted, which is usually the first line of defense, and not usually suspect of the intrusion.

It was a brilliant hack in that it went after the most prolific vendors in the world.



posted on Dec, 21 2020 @ 12:48 PM
link   
a reply to: network dude
I thought they use to hire people or have teams set up to actively run attacks and look for vulnerabilities.

My dad used to do that in the 90s and early 2000s, be given latest tech and try to find ways to exploit it. He got canned when companies started to remove those departments.

Did they decide to cut costs by letting random internet warriors do it after its released instead of paying people before releasing?



posted on Dec, 21 2020 @ 01:01 PM
link   

originally posted by: Nivhk
a reply to: network dude
I thought they use to hire people or have teams set up to actively run attacks and look for vulnerabilities.

My dad used to do that in the 90s and early 2000s, be given latest tech and try to find ways to exploit it. He got canned when companies started to remove those departments.

Did they decide to cut costs by letting random internet warriors do it after its released instead of paying people before releasing?


The other thing is that people who expose weaknesses in data systems, can get charged or otherwise penalized for hacking.



posted on Dec, 21 2020 @ 01:01 PM
link   
a reply to: Nivhk

I don't know who uses white hat hackers to protect security, but I'm sure some entities do.
I remember the nice Christmas bonus when Y2k came along. We had a few tools that verified systems could transition to a year past 19XX, and had lots of folks bring in systems, and call us out for on site checks due to the panic caused by some random nutters. It was a good time to be in IT. And a fantastic time to start up a new business. I opened my shop up in 2000. it was like a money printing press for a while. And when the real estate market crashed, a spectacular learning lesson on poor investing practices.



posted on Dec, 21 2020 @ 01:04 PM
link   

originally posted by: network dude
is cyber security a proactive field, or a reactive field?
I'd say largely reactive. You don't know what you need until someone has infiltrated a weak spot. Then you need a patch.
This case, hardware code was targeted, which is usually the first line of defense, and not usually suspect of the intrusion.

It was a brilliant hack in that it went after the most prolific vendors in the world.


That statement is partially true. The purpose is driven by what the C-Level folks decide it more important. Before an attack, it's a reactionary stance since it is not considered a "money making" part of the business. It's a "Dog" profile. However, after an attack, the C-Level folks suddenly get a crash course in how this should not be a Dog but treated as a "Question Mark" aspect of their business. A part that if investment is made, then it can reduce costs and mitigate risks across all lines of business including PR perception.

I know, I've been in the CyberSecurity world for over a decade and I have seen this behavior repeat itself numerous times.


ETA: Adding a link to define "Dog" and "Question mark" for those unfamilair with the BCG marketing matrix.
Understanding the BCG Matrix Model



edit on 12/21/2020 by Krakatoa because: (no reason given)



posted on Dec, 21 2020 @ 01:21 PM
link   
a reply to: Krakatoa

I'm small potatoes. Most of my clients are small businesses with less than 20 employees. I did some corporate work for a bit but was largely out of my element. (sucks to admit that, hits the ego hard) but I was/am able to mutli-task and keep my core group protected and running.

But I do find the back end work fascinating. Miles above me, but fun none the less.



posted on Dec, 21 2020 @ 01:24 PM
link   
To manglement the cost of good security is not seen until its too late.

Its more than just making sure everythings patched up and tight but a company wide ethos, people would be much more alert if their wages depended on how well they were doing things.

The problem really can be seen in the development process in a lot of places where security is something that can be bolted on once the code is ready but the moment the code is ready its shipped sans the security features which since they're not of interest to the sales people will never get done unless theres a top level panic.



posted on Dec, 21 2020 @ 01:26 PM
link   
a reply to: network dude

We made a fortune too. Went all over school systems' chemical joints like Merck J and J and installed those patches, which all turned out to be nothing.

It was exciting at the time, though, wasn't it?


Until


2001 and then 2008 when that kind of excitement we can do without.

edit on 21-12-2020 by Willtell because: (no reason given)



posted on Dec, 21 2020 @ 01:37 PM
link   
a reply to: olaru12

BS. It's a deep state lie. They want to switch our focus back on Russia and away from China.
IMO if Russians lurk for something it's a good thing. We may find it on Wikileaks in a week and see the globalists roasted



new topics

top topics



 
8
<<   2  3 >>

log in

join