Insider Threat Management

Insider Threat Level July 2019: Democracy on the Line Edition

Share with your network!

This month, we have seen a marked uptick in stories relating to issues of national security. So, for July’s Insider Threat Level, we’ll take a deeper look at five stories that illustrate the various aspects of our democratic state that could be affected by a cyberattack—including one perpetrated or abetted by an insider. 

We’ve written before about nation-state attacks, which are more common than many realise, and it’s never a bad time to remind organisations in both the private and public sector that having a strong insider threat management program is the best way to protect everything from voter data to national security secrets. Let’s dive in!

Consumer Data, Upcoming Elections Are at Risk, Black Hat Survey Says (Source: Dark Reading)

A survey of security professionals from a wide variety of industries conducted by the folks at Black Hat found that experts have significant concerns regarding potential vulnerabilities—including around upcoming elections. To get specific, their top concerns include:

  • privacy issues on social media channels
  • identified vulnerabilities in consumer authentication methods
  • the potential hacking of upcoming US elections

Much of the survey results focus on threats to consumers, but the "Black Hat USA Attendee Survey" does offer some warnings that should be heeded about the 2020 US elections. In fact, almost two-thirds of cybersecurity experts surveyed said it’s likely that voting machines will be hacked or attempted to hack in the next election. This same percentage warns that Russian cyber initiatives will likely have a significant impact on the 2020 US presidential election. Since it has been demonstrated that nation states like Russia are often successful with attacks like these because they rely on inside sources, it’s key for public and private entities to up their game when it comes to insider threat protection.

Cybersecurity Experts Worry About Satellite & Space Systems (Source: Dark Reading)

A senior research fellow in international security at the The Royal Institute of International Affairs (part of the non-profit think-tank Chatham House) warns that the reliance of space-based systems and satellites on civilian infrastructure equals higher vulnerability to attacks in times of conflict and espionage in times of peace. This is an important warning that should remind government agencies and contractors about the importance of developing an end-to-end cybersecurity plan that includes a comprehensive insider threat program

US wants to isolate power grids with “retro” technology to limit cyber-attacks (Source: ZDNet)

Here’s something you don’t hear every day: Let’s go backward in time to get more secure. Interestingly enough, the US is very close to improving power grid security by mandating the use of "retro" (in other words: analog and/or manual) technologies on US power grids. This serves as a defense against potential foreign cyber-attacks that could bring down power sources around the country. If these measures are approved, the government will work to establish a two-year pilot program with the National Laboratories to study power grid operators and identify new vulnerabilities, as well as ways to protect.

NSA Forms Cybersecurity Directorate Under More Assertive U.S. Effort, WSJ

In good news, the National Security Agency has announced plans to develop a cybersecurity directorate later in 2019. This is part of a larger program to align the agency’s offensive and defensive operations more closely, according to U.S. officials. In particular, Anne Neuberger has been tapped to lead the new directorate, which is slated to become operational on October 1, 2019. It’s a good sign that at least portions of the government are taking action to prevent threats—including insider threats—from derailing national security. 

BONUS: The Biggest Cybersecurity Crises of 2019 So Far, WIRED

Now that we are about halfway through the year, WIRED takes us on a journey through six months' worth of: 

  • data breaches
  • supply chain manipulations
  • state-backed hacking campaigns
  • harbingers of cyberwar in 2019

It comes as no surprise that ransomware is an ever-growing threat, corporate and US government security is still a mess (see earlier articles), and geopolitical tensions continue to rise. This recap of some of the major cybersecurity incidents that have cropped up so far this year serves as a useful illustration of where we stand and where we need to work harder to protect valuable data and assets.