As the internet takes physical form, today’s cybersecurity simply doesn’t cut it.
By Natali Tshuva, Sternum
By 2023, there will be three times more networked devices on this planet than humans, according to a report from Cisco. As more and more connected devices join the Internet of Things, the target banks of hacker crews, including sophisticated and state-backed malicious actors, grow to include not just computers with sensitive data, but also pacemakers and railway sensors. In an era where a hacked camera could work as a point of access for a cyberattack, time is running out for governments and private businesses to build up an adequate defense. Simply put: The existing solutions to cybersecurity are just not sufficient any longer. Read the full article.
Don’t fall back.
By Gina Johnson, The CyberWire
It’s that time of year when we seek out cozy sweaters, colorful leaves, and pumpkin spice everything (not me, I’m a mint mocha person). It is also the time of year when many of us like to look ahead to the coming fall and winter seasons, holidays and family time, and hunkering down in the type of semi-hibernation that only us humans are capable of. If you’re like me, you are likely to be found snuggled under a blanket in front of a fire pit (or fireplace) scrolling all of the pre-holiday sales that will inevitably begin popping up over the next few weeks as you prepare for the coming holiday season. And if you are like me, most of that scrolling will be taking place on your phone or tablet.
This is also the time of year when news broadcasts love to air those investigative pieces that repeatedly warn us about the pitfalls of online shopping and scam deals that make so many people roll their eyes at and dismiss with an “it won’t happen to me” shrug. Here’s the thing: they air these pieces because it does happen. It happens to a lot of people, every year. People are always looking for the best deal, and the holiday crush is when they tend to forget the adage of “if it is too good to be true, it is”, and leap at that unbelievably cheap cashmere sweater. Next thing you know, you’re being sent a box containing a sweater made from questionable materials that is so small that it may not even fit your daughter’s American Girl doll.
Navigating the holiday retail hellscape is always a challenge, especially when you consider how many cookies are left behind from just browsing different websites. Nothing ruins casual online “window” shopping like having ads for video game consoles pop up in the middle of a stroll through your favorite shoe website, right? Even better when your kid gets those popups and decides to follow them to some shady “bargain” website selling a PlayStation 5 for $199, despite multiple warnings to stay off of TheseAreNotShadyDeals [dot] com. There is no nightmare quite so dreaded as the one that entails contacting your bank to dispute fraudulent charges from TheseAreNotShadyDeals because that $199 charge quickly ballooned to an overdrawn account during the holiday season because some kind soul made a ton of purchases on the other side of the planet with the card details they snagged from a fraudulent website.
Get cozy, light a fire, and protect yourselves, friends. Happy fall, y’all!
Heard around the studio...
By The CyberWire staff
We enjoyed collecting quotes for this piece last month and thought we would share some quotes again. Our team is fortunate to talk with cybersecurity leaders every day. Through these interviews, we hope to bring their expertise to you on our podcasts. Some of our interviewees give opinions on the news of the day, share findings of reports, explain research their team did in tracking the latest threats, and share details of their career journeys. We thought we would share some interesting quotes with you by a few of our guests.
"You would think that all steps, any step possible, would be taken to change that situation, but those steps weren't taken. It was saying, "Well gee, if we changed that, people would use Instagram less." – WIRED's Steven Levy on Caveat about Facebook's internal research practices.
"For culture, I think it's interesting to draw back to organizational culture and think about the values and the norms that an organization has and how those potentially influence behavior. So the three are really interrelated to one another. For some time in cybersecurity, we focused a lot more on awareness, and I think there was a perception if we could just help people understand more about the threats, then we'll have solved the human issue. But of course, it is so much wider than that." – Dr. Jessica Barker from Cygenta on 8th Layer Insights.
"I think we're finding ourselves in an interesting point of time because deepfakes are already out there. They're already being used. They're not, I would say, something that is considered as widespread as may be phishing or malware. But I think at the same time, there's a reason the FBI issued a warning that deepfake attacks are imminent in the next 12 to 18 months. The technology is moving really fast, making very sophisticated videos much more accessible than they were before." – Etay Maor from Cato Networks on the Hacking Humans.
"I think as a woman in cyber security, I've either experienced first hand or seeing things happen to, and with women, from gatekeeping to gaslighting, to harassment, bullying everything, it runs the gamut. And I've been through some of these things and what I've found to be the most important throughout these adversities is to be an upstander and to stand up for others and then be fortunate enough to have others stand up for you. I found that it was a sure way to really influence culture more than having programs that try to fix the culture. It's more of a lived experience. ." – IBM Security's Limor Kessem on Career Notes.
"So I got this Cookie Monster puppet when I was about six or seven years old and I just took to it immediately, started doing puppet shows, and I did all the voices because I grew up watching Sesame Street. And this is before the Muppet Show. So my parents had a friend of theirs over the house one time, and I was doing what I always did with all of their friends, which was entertaining them with my puppets, whether they wanted it or not, and this friend said to my parents, they said, you know, this little guy has, uh, some talent here. Um, I work at the local PBS station and we hire the kids to be on some of our shows. Well, you should bring them down and have an audition. And so I did, and I got the job. I was one of those kids who could read stuff without sounding like I was reading stuff. And there was a high demand for that skill because there weren't a lot of kids who could do that. That's how I bought my first computer. Right. I saved the money from that along with money from my paper route. And that's how I bought my first computer, which was the TRS-80." – The CyberWire's Dave Bittner on Career Notes.
We hope some of these quotes sparked your interest to explore the interviews further.