Warfare-Cyber Convergence a Major Challenge for the US Army

Network Convergence is one of the US Army's biggest challenges.. As evidence, look no further than the decision to disband its electronic warfare division, which will fold into a newly established cyber directorate at the Pentagon within the Army.  “We need to be aware that we are very likely going to fight an adversary that is converging using [cyber and electromagnetic activity] integration, ISR and fires across full spectrum conflict,” said Col Timothy Presby, Training and Doctrine Command capabilities manager of cyber, at TechNet Augusta earlier in August. “So unless we actually work together and converge our capabilities, we will be left short.” Many current and former Army officials believe the convergence and new cyber directorate are a good step. Creating the new cyber directorate and keeping it within the G-3 is “absolutely” a good idea, Gen. Jennifer Napper (ret.) told C4ISRNET in an interview.  “The fact of the matter is, it all works together or contests each other and interferes with each other so you have to have it all in one area,” said Napper, who formerly served as the director of policy, plans and partnerships for the Cyber Command and commander of the Army’s Network Enterprise Technology Command. Will this effort truly strengthen the US Army's cyber-warfare capabilities? Share your comments with the Cloud and Cyber Security Center.

New York Governor Calls for CyberSecurity Programs for Banks and Insurance Firms

New York state is proposing new rules requiring banks and insurance companies to establish cybersecurity programs and designate an internal cybersecurity officer, in what Gov. Andrew Cuomo described as a "first-in-the-nation" move to codify cyber safety policies. The proposed rules come after some of the world’s biggest banks -- including JPMorgan Chase & Co. and HSBC Group -- have reported significant cyber intrusions and U.S. corporations in general have been frequent targets of hacking. Money center banks and insurance companies have built their own cybersecurity programs in recent years, often at expenses of hundreds of millions of dollars. The biggest impact of the new regulations is likely to be on small banks and insurers, which may now need to bring their cyber programs up to at least a minimum standard. Governor Andrew Cuomo said the regulations would "guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyber-attacks to the fullest extent possible." Will these measures truly strengthen the cyber security of the banking and insurance industries or simply be superfluous government fluff? Share your comments with the Cloud and Cyber Security Center.

US President Obama Delivers Plea for Deescalation of Cyber Warfare

US President Obama asked for USD 19 billion for cybersecurity efforts in his budget request, a 35 per cent increase from current levels, with USD 3 billion earmarked to help modernise the patchwork of computer systems used in government agencies. President Obama urged deescalation of a potential arms race involving cyberweapons. The president's remarks followed his meeting with world leaders, including Russian President Vladimir Putin, at the G20 Summit in Hangzhou, China. The U.S. has more offensive and defensive capability than any other country on Earth, Obama noted. Citing a new era of significant cyberwarfare capabilities, the president urged moving into a space where leaders begin to institute some norms to prevent global escalation from spinning out of control. "We're going to have enough problems in the cyberspace with non-state actors who are engaging in theft and using the Internet for all kinds of illicit practices, and protecting our critical infrastructure, and making sure our financial systems are sound," Obama said, "and what we cannot do is have a situation where this becomes the Wild, Wild West, where countries that have significant cybercapacity start engaging in competition -- unhealthy competition or conflict through these means when, I think wisely, we've put in place some norms when it comes to using other weapons." New evidence implicating Russia in attempts to undermine the U.S. election has come to light, wrote Senate Minority Leader Harry Reid, D-Nev., in a letter to FBI Director James Comey, late last month. Will the US call for deescalation of cyber warfare yielded bona fide results or simply be viewed as political rhetoric? Let us know your thoughts here at the Cloud and Cyber Security Center.

Cisco Acquires CloudLock Validating Demand for CASB Security Solutions

Cloud Access Security Brokers, aka CASBs, provide security and visibility for companies moving to the cloud. They logically or physically sit between the customer and whichever cloud services it uses. Martin Zinaich, information security officer for the city of Tampa, summarizes their function and purpose: "Cloud access security brokers are on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. They increasingly support the control of enterprise social networking use, and popular infrastructure as a service (IaaS) and platform as a service (PaaS) providers." This, Zinaich added, "is a smart play for Cisco." Cisco's move confirms that the security industry considers CASBs to be the way forward in cloud security. Last year Microsoft bought Adallom and turned it into its Cloud Application Security service launched in April 2016.  The emergence of CASBs has been recent and rapid. Bill Burns, CISO at Informatica, has been involved in two recent studies on CASBs in 2014 and 2015. "One of the surprises in the first study," he said in a recent interview "was that CASBs were a relatively unknown technology, but the problem they addressed one of the most worrisome areas that needed to be addressed. This year’s results showed much more awareness for the CASB solutions." Can CASB products truly strengthen cloud security? Send your comments to the Cloud and Cyber Security Center.

Cisco WebEx Meetings Player Code Execution Vulnerability (CVE-2016-1464)

The vulnerability is due to improper handling of user-supplied files. An attacker could exploit this vulnerability by persuading a user to open a malicious file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the system with the privileges of the user. Cisco informed customers has released software and firmware updates for some of its products in an effort to address several vulnerabilities rated as having critical, high and medium severity. Francis Provencher, security researcher and founder of the Canadian government agency COSIG, has been credited by Cisco for identifying two vulnerabilities in WebEx Meetings Player. The more serious of the flaws, rated critical, is CVE-2016-1464, which allows an unauthenticated attacker to remotely execute arbitrary code by convincing a user to open a specially crafted file with the vulnerable software. Another vulnerability found by the researcher, classified as having medium severity, allows an unauthenticated attacker to hack WebEx Meetings Player. by getting the victim to open a malicious file. Both vulnerabilities found by Provencher affect Cisco WebEx Meetings Player version T29.10 for WRF files. Cisco has released updates to address the bugs, but no workarounds are available. Cisco has also published advisories describing five different vulnerabilities affecting Small Business series switches and IP phones. Four of the issues were reported to the vendor by Nicolas Collignon and Renaud Dubourguais of Synacktiv, and one by security researcher Chris Watts. Will this bug fix by Cisco fully resolve the WebEx Media Player vulnerability? Send your assessment to the Cloud and Cyber Security Center.