nation-state - All Articles - CISO Platform
2024-03-29T02:24:46Z
https://www.cisoplatform.com/profiles/blogs/feed/tag/nation-state

FireEye Hacked – A Stark Reminder of Cybersecurity Risks
https://www.cisoplatform.com/profiles/blogs/fireeye-hacked-a-stark-reminder-of-cybersecurity-risks
2020-12-10T08:21:03.000Z
Matthew Rosenquist
https://www.cisoplatform.com/members/MatthewRosenquist
<div><p style="text-align:center;"><iframe width="560" height="315" src="https://www.youtube.com/embed/kzkR6zcsHUo?wmode=opaque" frameborder="0" allowfullscreen=""></iframe></p><p>Even the best security organizations can be hacked! Watch my message to both the cybersecurity industry and those attackers that hacked FireEye and stole the RedTeam tools.</p><p>This skirmish went to the hackers, but the battle continues.</p></div>

Missing the Big Picture from the SolarWinds Hack
https://www.cisoplatform.com/profiles/blogs/missing-the-big-picture-from-the-solarwinds-hack
2020-12-15T22:57:43.000Z
Matthew Rosenquist
https://www.cisoplatform.com/members/MatthewRosenquist
<div><p><iframe width="560" height="315" src="https://www.youtube.com/embed/HmIOoN5n01c?wmode=opaque" frameborder="0" allowfullscreen=""></iframe></p><p>The cybersecurity industry is consumed with the scale and effectiveness of one of the biggest hacks in recent memory. The emerging narrative and stories are missing important pieces of the puzzle. The attackers, likely a nation-state, gained unprecedented access to the U.S. government, military, critical infrastructure, and most major businesses.</p><p>The full scope and reasons are not clear, but it is imperative to figure them out.
The mystery must be solved, for the benefit of everyone, so we can prepare for what is next.</p></div>

Finding the Next SolarWinds Type of Supply Chain Attack
https://www.cisoplatform.com/profiles/blogs/finding-the-next-solarwinds-type-of-supply-chain-attack
2021-01-20T21:13:40.000Z
Matthew Rosenquist
https://www.cisoplatform.com/members/MatthewRosenquist
<div><p><iframe width="560" height="315" src="https://www.youtube.com/embed/Ps9HVzh8mLY?wmode=opaque" frameborder="0" allowfullscreen=""></iframe></p><p>The SolarWinds compromise showed that supply-chain attacks are possible and the ramifications can be tremendously impactful. Other nation states will be investing in efforts to duplicate this success. That makes IT tools, security products, hardware &amp; firmware vendors, and cloud service providers prime targets for exploitation.</p><p>Cybersecurity processes, solutions, and efficiencies must adapt to prevent and rapidly detect similar methods of supply-chain attacks.</p></div>

More Supply-Chain Cyberattacks are in the Wind
https://www.cisoplatform.com/profiles/blogs/more-supply-chain-cyberattacks-are-in-the-wind
2021-02-17T05:28:24.000Z
Matthew Rosenquist
https://www.cisoplatform.com/members/MatthewRosenquist
<div><p>It appears <a href="https://gizmodo.com/france-just-suffered-a-solarwinds-style-cyberattack-1846276808" target="_blank">France is the main victim of this recent attack</a> which has several uncanny similarities to the SolarWinds exploitation that exposed thousands of U.S. government agencies, critical infrastructure organizations, and major businesses.
Let me be absolutely clear (again) that these attacks have been active for years and will continue to increase in pace, scope, and boldness! According to the French cybersecurity agency <em><a href="https://www.ssi.gouv.fr/en/" target="_blank">Agence Nationale de la sécurité des systèmes d’information</a></em> (ANSSI), this attack may have begun back in 2017.</p><p>Every active nation-state offensive cyber team is working to establish footholds in adversaries by going through supply chain solutions. The success exemplified by the SolarWinds attacks has proven to nations that undermining technology suppliers’ products and services is a tremendously powerful means of gaining access to many sensitive systems within a targeted nation. This will become a foundational element for digital spycraft in the future.</p><p>I have already posted several <a href="https://www.youtube.com/c/CybersecurityInsights" target="_blank">Cybersecurity Insights videos (YouTube channel)</a> on the topic, will be speaking at the <a href="https://hmgstrategy.com/events/upcoming-summits/2021/03/18/default-calendar/2021-silicon-valley-ciso-executive-leadership-summit" target="_blank">upcoming HMG CISO conference</a> about the long-term ramifications, and will continue to post my thoughts on this growing threat that is not going away! This is the moment organizations either begin to adapt or eventually become prey. Know the risks.</p></div>