Aftermath of Ransomware Attacks Take a Mental and Physical Toll on Security Pros


Research conducted by the Royal United Services Institute (RUSI) has underlined the mental and physical toll that cybersecurity workers face in their work.

Through a series of interviews with people who had been at the forefront of ransomware attacks and their aftermath, RUSI discovered that people were experiencing financial, reputational, and social harm in addition to illnesses related to stress as a result of ransomware assaults.

Ransomware attacks involve evading an organization’s network security, and then encrypting and exfiltrating their data, followed by demanding payment to get the data returned safely.

Personal Insight From Victims

Several individuals RUSI spoke with reported sleep deprivation, which left them extremely tired and prone to dozing off at work. Security personnel reported varying degrees of stress; one respondent believed that the stress of a ransomware attack could have contributed to a heart attack that needed to be surgically treated.

In one case, the interviewee needed hospital visits because the strain of a ransomware assault left them severely dehydrated after drinking too much coffee, which made their pre-existing cardiac problem worse.

After their employer hired an outside IT firm to help with recovery, several of the people RUSI spoke with felt under pressure and incompetent, and inadequate integration and communication caused inefficiencies following the incident. Furthermore, a lot of security experts, especially those with years of expertise in a single role, see ransomware assaults as a chance to retire or step down.

Also, several victims claimed that excess workload resulted in a challenging work/life balance and many of them said they had lost out on their personal and family time. In one instance, a person was required to look after a senior team member so they could work longer hours.

Beyond cybersecurity personnel, ransomware attacks on hospitals have a physical impact as well. They cause above-average additional deaths from postponed visits and lost data. In addition, the Hackney Council's ability to maintain and repair social housing was hampered by the aftermath of a ransomware attack, leaving some residents to spend protracted lengths of time in mouldy and wet dwellings.  

With CISOs' Evolved Roles, They Must Also Evolve Their Ways


Evolving Role of CISO

Before the rapid development and popularity of digitization, the role of the CISO (Chief Information Security Officer) was confined to being part of the IT team, directing IT staff and planning cybersecurity defense. Despite carrying out crucial tasks, CISOs were not traditionally part of senior management and had limited influence on the main business.

This has changed due to the rising risk of a cybersecurity breach and the rising expense of remediation. The CISO is no longer a mere security evangelist, but holds much greater significance in the IT world.

However, with more power comes more responsibility. The cyber landscape has now become more complicated than ever, with cybercrime more frequent than ever before. As cyberattacks become more complex, frequent, and damaging, the CISO is ultimately responsible for any blunders made in defending against existing and new risks.

Moreover, the shortage of security professionals only adds to the struggle and strain that comes with this profession. Thus, CISOs need to focus on this issue to remain effective as their jobs evolve. They can both safeguard their businesses and reduce their stress levels by devoting time and money to important areas like cultivating loyalty, dealing with legacy systems, and developing a culture that prioritizes security.

Building Loyalty and Skills

Competing with one another, CISOs are striving to acquire qualified cybersecurity personnel. Because there is now a dearth of qualified cybersecurity professionals and great demand, the majority of them may select where they work and demand higher pay. It will be challenging to compete with this, especially for CISOs who increasingly have more budgetary authority but also more accountability for spending wisely.

CISOs can instead employ professionals who are not highly skilled in cybersecurity or do not even work in IT. They might gradually transition into important new cybersecurity responsibilities with the correct training and assistance. After all, not all cybersecurity positions require technological expertise.

Moreover, for roles that do require technical skills, many firms have an underutilized resource: their developer community. Developers are in a great position to upgrade their skills, learn secure coding approaches, and share responsibility for security because of their solid understanding of how computers function.

Looking internally ultimately benefits a firm's morale and loyalty. The corporation gains new cybersecurity expertise, and its employees gain a whole new lucrative career.

Dealing with Legacy Systems

Patching systems and keeping them up-to-date is not an easy task. Because many companies already have built-up infrastructure, including legacy equipment, frameworks, and equipment that has been tightly interwoven into their work processes, ripping it out and replacing it is not an easy alternative. CISOs are responsible for preserving and managing these older programs, while also using the most recent apps that run in hybrid clouds and use contemporary frameworks.

However, cybercriminals are smart. When attempting to hack into a network or steal data, they nearly always look for the weakest link, and such outdated frameworks, apps, and infrastructures are frequently the chosen targets.

Thus, CISOs are required to work on their maintenance plans for all legacy software. External access should be completely eliminated, if at all possible, but it is crucial that teams receive training in security best practices for all active programming languages through practical training methods and courses. Nothing gets left behind when the most recent technologies are used alongside outdated languages that have proper security support.

Creating a Security-First Culture 

In order to improve security and ease the CISO's workload, the solution may not entirely depend on technology. The best way to genuinely establish a company where security is a top priority is through a shift in culture. CISOs are in a unique position to drive this transition, both with other executives and the people they lead. They are both members of senior management and members of the security team.

A security-first culture will thus implant security into every aspect of a company's operations. Instead of security being left as a consideration for later in the SDLC, developers should be able to write secure code that is devoid of flaws and resistant to assaults right away. This effort should be led by designated security champions from among the developer ranks, who will serve as both coaches and motivators. With this strategy, security is ingrained in the team's DNA and supported by management rather than being mandated from above.

While these changes cannot be made overnight, they may happen gradually with combined effort. The threat landscape remains too complex, advanced and ubiquitous to be handled by any one individual or a small team. It therefore requires every employee, no matter their role, to actively contribute to increased security; only then will a business have a chance to prevent costly breaches and downtime.

Former Amazon Security Engineer Charged With Defrauding a Crypto Exchange


A prominent cybersecurity pro for Amazon is apparently facing a problem. The U.S. Department of Justice has detained security engineer Shakeeb Ahmed on charges of defrauding an unnamed decentralized cryptocurrency exchange and of money laundering, both charges carrying a maximum of 20 years' imprisonment.

According to Damian Williams, the U.S. attorney for the Southern District of New York, this was the second case his office was announcing that highlights “fraud in the cryptocurrency and digital asset ecosystem.”

As noted by the DOJ, Ahmed – a former security engineer for an “international technology company” – was able to "fraudulently obtain" from the aforementioned exchange almost $9 million worth of cryptocurrencies. He executed this by creating bogus dates for pricing, in order to produce the fees that he later withdrew for himself.

Williams further added, "We also allege that he then laundered the stolen funds through a series of complex transfers on the blockchain where he swapped cryptocurrencies, hopped across different crypto blockchains, and used overseas crypto exchanges. But none of those actions covered the defendant's tracks or fooled law enforcement, and they certainly didn't stop my Office or our law enforcement partners from following the money."

Ahmed is also charged with allegedly attempting to steal more money from the exchange via "flash loan" attacks, another type of crypto vulnerability.

While it was initially unclear which company the accused had worked for, cybersecurity blogger Jackie Singh on Tuesday mentioned that Ahmed was a former Amazon employee. Singh further mentioned several other online profiles the accused appeared to be linked to.

According to a LinkedIn profile that matches Ahmed's job description, he works at Amazon as a "Senior Security Engineer" and has worked there since November 2020. The user's profile continues to claim Amazon as his employer. However, it is still unclear if this profile is in fact representing Ahmed.

Following this, Amazon was contacted to confirm the aforementioned details, and the company confirmed that he had worked for Amazon. However, he is no longer employed by the company, it added. The tech giant said that it could not provide any further information regarding his role in the company.

Moreover, a report by Inner City Press – a New York outlet – confirms that Ahmed appeared at the court following his detainment on Tuesday. The report mentions him wearing flip-flops, shorts, and a T-shirt saying “I code,” to the court hearing. Later, he was released on bond after pleading not guilty and will be permitted to continue living in his Manhattan apartment, according to the site.