Weekly Cybersecurity Brief: Who Holds the Cyber Power?

Famous author Erin Hunter once said, “Power is neither good nor evil, but its user makes it so.” Power can take many forms. Whether it be holding a managerial position, being named captain of your sports team, or even taking charge of the largest bank robbery in history, power is all around us. When it comes to cybersecurity, it seems as though the cyber-criminal holds power over the victim’s head to achieve their goal. However, the apparent criminal does not always get to hold all the power. Articles by Catherine Stupp of the Wall Street Journal, Paul Lilly of PC Gamer and Davey Winder of Forbes provide insight into the struggles of gaining cyber power in today’s growing security industry.

To begin, this past week a security penetration tester discovered that an update to Windows 10’s antivirus software can be used to download malware. This new switch in the command line tool gives Windows users the ability to download the same ransomware that caused Garmin to pay a multi-million-dollar ransom to hackers. This glitch gives power to any employee with adequate knowledge of cybersecurity who may also have a personal agenda. If administrators are not aware of this bug, they will quickly lose power, leaving themselves and the organization vulnerable to the hacker.

Secondly, some cybersecurity experts worry that the 50-million strong BTS fanbase, ARMY and K-Pop Stans, could be a major security threat. ARMY and K-Pop Stans members are extremely active on social media. Therefore, if one member were to leak malware, the whole group could follow suit, resulting in millions of security breaches. Some experts are even going as far as comparing the fan base to an old hacktivist group called Anonymous, which used hacking skills to sway political protests. If these notions end up being correct, the 50 million fan base would hold an immense amount of cyber power. This power could be stronger than the government itself, resulting in cyber-chaos.

Many organizations are seeing the need to maintain cyber power. Because of this, corporations are hiring CISOs to explain the need for cybersecurity to other executives. Furthermore, tools are being developed that help estimate the potential cost of security breaches to an organization. Although these tools cannot exactly predict the cost of a cyberattack, they can still be leveraged for preventative measures. If an organization wants to hold cyber power, the CISO must work directly with the CFO to make decisions that will benefit the company’s network security. As an organization, you want to use your cyber power for good. If not, the power may be in the hands of the bad.

Key Takeaways

Cyber Chiefs Calculate Data Breach Costs to Explain Risks to Executives – Catherine Stupp, Wall Street Journal

  • Corporate cybersecurity leaders are helping explain the costs of security breaches to executives
  • New tools are popping up that will assist in explaining these risks to business leaders who are not experts in the cybersecurity space
  • Cybersecurity calculators help executives determine how much a security breach might cost the organization
  • There is not one tool that can exactly predict the cost of cyberattacks, but CISOs are working with CFOs to determine the best choices to make when it comes to technology and security for their organization

Windows 10’s built-in antivirus can now be used to download viruses – Paul Lilly, PC Gamer

  • A security penetration tester recently discovered that an update to Windows 10’s antivirus software can be used to download malware
  • This new switch in the command line tool was able to download the same ransomware that caused Garmin to pay a multi-million-dollar ransom to hackers
  • If administrators are not aware of this bug, a rogue employee could cause major damage

Meet the New Anonymous – 100 Million BTS Army and K-Pop Stans, A Cyber Force to be Reckoned With? – Davey Winder, Forbes

  • Some cybersecurity experts believe that the 50-million strong BTS fanbase, ARMY and K-Pop Stans, could be a major security threat
  • ARMY and K-Pop Stans are extremely active on social media. So, if one member were to leak malware, the whole group could as well
  • Experts are comparing the fan base to an old hacktivist group called Anonymous, which used hacking skills to sway political protests
  • Although some cybersecurity professionals believe ARMY and K-Pop could be a potential threat, others believe it is a harmless social media campaign that will not result in criminal activity

Sources

https://www.wsj.com/articles/cyber-chiefs-calculate-data-breach-costs-to-explain-risks-to-executives-11599643800

https://www.pcgamer.com/windows-10s-built-in-antivirus-can-now-be-used-to-download-viruses/

https://www.forbes.com/sites/daveywinder/2020/09/06/meet-the-new-anonymous-100-million-bts-army-and-k-pop-stans-a-cyber-threat-to-be-reckoned-with/#79dc96472640

 
