The Colonial Pipeline attack exposed what a lot of us have been saying for years – that when it comes to U.S. critical infrastructure, the emperor has no clothes. After the attack on Colonial was dealt with, TSA issued a directive very quickly that was pretty superficial. It required, among a couple of other things, […]
Continue reading → [DISPLAY_ACURAX_ICONS]When people talk about IoT – Internet of Things – these days, they are thinking of Amazon Alexa or Phillips Vue lightbulbs, but where IoT started was in factories and warehouses, decades ago. Industrial automation or IIoT is still where the biggest in IoT attacks lies. Today we learned about a critical remote code execution […]
Continue reading → [DISPLAY_ACURAX_ICONS]In light of the recent series of supply chain attacks (actually going back to 2011 at least), speed is crucial. SolarWinds, Microsoft Exchange, Kayesa and others. This weekend’s attack against MSP software provider Kaysera is a perfect example of why speed is so important. Many small and medium sized companies are dependent on managed service […]
Continue reading → [DISPLAY_ACURAX_ICONS]Paying Ransom is Tax Deductible Under current IRS regulations, paying cyber ransom after a hack is deductible, just like losses from a robbery, but the IRS is “looking into it”. One way the government could discourage ransom payments is if the cost is borne fully by the company’s owners. They still might choose to do […]
Continue reading → [DISPLAY_ACURAX_ICONS]Long before quantum computing becomes “main stream”, state actors will have access to it. In part, because they command large budgets; in part because it is important to them. Why do they care? Because, it will allow them to decrypt both communications that they intercept going forward and communications that they have intercepted in the […]
Continue reading → [DISPLAY_ACURAX_ICONS]As I said yesterday, some EOs are a couple of paragraphs long. This one goes on for pages. Today’s post is going to cover the section of the EO that addresses supply chain risk. Supply chain risk, as we saw in both the SolarWinds and Microsoft Exchange attacks, is a huge problem. So what does […]
Continue reading → [DISPLAY_ACURAX_ICONS]