
What lessons can be learned from the latest cyber attack on the US State Department?

The news has just leaked out:

The US State Department was recently the victim of a cyber-attack.

The attack is believed to have taken place a few weeks ago, shortly after a Senate committee warned of the risk of a data breach.

What is surprising is that this is not the first time the State Department has been the target of a cyber-attack. It was one of dozens of federal agencies, alongside thousands of private networks (more than 18,000 government and private computer networks in all), hit by the massive SolarWinds breach in December 2020.
What, then, became of the security lessons set out in the Department of Defense (DOD) "Zero Trust Reference Architecture" (1) and in the National Institute of Standards and Technology's Special Publication 800-207 on "COMPUTER SECURITY", devoted to the ZERO TRUST ARCHITECTURE (2)?

Is this just another instance of the old saying that the shoemaker is always the worst shod?

Or should we look further and analyse the content of the American ZERO TRUST concept to understand what has happened?

In fact, a closer look at the concept shows that it still relies on human behaviour: on the training of the staff in charge, and on an elaborate hierarchy of cascading authorisations and privileges.

Is this not the heart of the matter?

We all know that the human factor is the weakest link in the IT security chain. No one is immune to a mistake, and once an attacker holds the credentials of the highest authorities in a system, they have access to everything they want.

This is why we at PT SYDECO have created a close protection system that is entirely independent of the human factor and of the type of attack, precisely because we are aware of this weakness and because antivirus software reacts to new viruses only after a delay. We call this system SP-One©.

SP-One© is inspired by the processes and mechanisms of our IMMUNE SYSTEM to protect our computer systems against any external aggression.

Since 29 January 2021, SP-One© has been subjected to numerous attacks every day, each one equally unsuccessful. As of 23 August 2021, they totalled 1,117,745 attacks.

No one has succeeded in breaking through to the program that SP-One© protects.

So isn't the best protection against cyber attacks the integration of SP-One© in a ZERO TRUST architecture using MICRO SEGMENTATION?

***

(1) Department of Defense (DOD), Zero Trust Reference Architecture, Version 1.0, February 2021. Prepared by the Joint Defense Information Systems Agency (DISA) and National Security Agency (NSA) Zero Trust Engineering Team.

(2) NIST Special Publication 800-207, Zero Trust Architecture. This publication is available free of charge from https://doi.org/10.6028/NIST.SP.800-207
