Army Technology – Predicting cyberattacks: the need for new cyber security tools

armytechnology-technology-logoPreparation is crucial for protecting against cyberattacks and being able to predict when they are coming and where they are coming from is becoming increasingly important for the defence industry. The UK’s Defence and Security Accelerator is tackling the issue with a new competition to spur innovation in predictive tools.

Gemalto’s chief technology officer of data protection Jason Hart warned the technology was at least three to four years away, telling the newspaper: “What we want it to do is identify when something suspicious happens, apply the appropriate security controls to mitigate the risk, then report back that it has noticed a potential attack, stopped it and protected the data.”

To read the full article click here.

CRN Online – Black Hat 2018: 10 Execs On The Top Cybersecurity Threat America Faces Around The 2018 Midterm Elections

crnVoting Under The Microscope

The November 2018 midterm contests have generated more scrutiny from a cybersecurity perspective than any election in recent memory due to the unprecedented high-profile data leaks and Russian-backed social media disinformation efforts during the 2016 election cycle.

In addition to a potential reprisal of all the issues from 2016, some observers fear that the voting machines themselves could be tampered with by a nation-state actor or agent.

CRN spoke with 10 executives and technical leaders at Black Hat 2018 to separate fact from fear, and get a sense of the most realistic scenarios that could cause disruption in the runup to the election or at the ballot box.

“A compromised user name or password is the single easiest way in for bad actors since the system isn’t able to distinguish between the intended or an unintended user entering the right password, according to Jason Hart, Gemalto vice president and CTO for data protection. By gaining access to election data, Hart said bad actors can cause reputational damage and discredit a candidate or their entire campaign”.

ITPro – Tech firms welcome Cyber Security Export Strategy

itproBut experts caution against nation state hacking risks, and urge firms to get basics right

The UK government’s new Cyber Security Export Strategy has been welcomed by tech industry experts who believe it will help small businesses secure contracts with overseas buyers.

The plan, published by the Department for International Trade (DIT) yesterday, sets out to support the UK’s cyber security companies and small businesses as they look to grow, and make the UK a global leader in the fight against cybercrime.

Data protection CTO Jason Hart said he is happy to see the UK sharing its expertise, but stresses the need for businesses to get the ‘basics’ right to fully protect their valuable data.

“The UK has long been a cyber security leader, so it’s great to see some of this expertise being shared with other countries,” he said.

“With much of our world now connected by valuable data, hackers can easily access this data unless everyone gets the basics right when it comes to security.

“Businesses need to be protecting what matters by encrypting the data at its source and restrict access via identity controls. If the UK can help other nations follow these basic security principles then we’ll go some way to better protecting our valuable assets.”

To read the full article click here.

SC Magazine – Covert warfare: How likely are attacks on the UK’s critical infrastructure?

scmediaAttacks on critical national infrastructure are growing in number and sophistication. So how big is the UK’s risk?

However, at the same time, Jason Hart, CTO of data protection at Gemalto points out that power stations and other industrial SCADA systems connected to the internet have a manual override switch. He says, therefore, that they are more at risk of another form of attack, on the integrity of the system.He explains: “A breach is about confidentiality, integrity and availability. If the availability of the system is targeted, it can manually override this so the underlying critical system will have the ability to shut down if needed.”

Therefore, he says: “What we need to worry about is the integrity of the data: What if attackers get in and alter the data that the SCADA system uses to make decisions?”
Hart suggests attackers could gain access through a SQL injection, or weak passwords. In the NHS, he points out, it would be “a massive problem” if patient data is altered or changed.
To read the full article click here.