Matej Spišák on LinkedIn: UK becomes first country to ban default bad passwords on IoT devices (2024)

Last month, I had the great privilege to attend the Program on Cyber Security Studies Seminar organized by the George C. Marshall Center. 📌 The program consisted of very professional and insightful lectures covering topics such as ransomware, incident response and crisis communications, emerging technology and challenges, national cybersecurity laws, national cybersecurity strategies, insider threats, and geopolitical competition in cyberspace, as well as a table-top exercise to put what we have learned into practice. 📌 Special thanks to Sean S. Costigan PhD for moderating the exercise and guiding us through an interesting discussion and to Jonathan G. Odom, JD, LLM, Richard Magnan, Jonathan Loehr, and others who contributed to a very high quality of the program!📌 While constant learning is crucial in cybersecurity, it is also important to build a network of professionals. Since the majority of cybersecurity challenges have a transnational character, I am really glad for having a chance to meet all the great people from around the world who attended the seminar: João Thiago Oliveira Pinho Ilja David Blagoje Gledovic Liljana Pecova-Ilieska Mihai Lupascu Onyinye Onyekpeze Brankica Popović Saba Tchitchinadze Armands K. Ayodele Hanidu Nne Ikoiwak Thorsten Ziegler Jamila Akaaga Ade (Nee Maishanu) Jana Wiedemann and others.📌 I am looking forward to using all the new knowledge in practice and to further cooperating with all the people I met thanks to this opportunity.#cybersecurity #ransomware #incidentrespons #technology

78

4 Comments

NATO to launch new cyber center to contest cyberspace 'at all times'"NATO will establish a new cyber center at its military headquarters in Mons, Belgium, a senior official confirmed to Recorded Future News on Wednesday. The new facility, details about which have not previously been reported, marks the fruition of a significant doctrinal shift in how the alliance approaches operations in cyberspace. The shift, as officially set out in NATO’sStrategic Concept (2022), states that “cyberspace is contested at all times,” meaning it cannot just be a concern for the military alliance during moments of crisis or conflict. NATO needs to constantly engage with adversaries on computer networks — not just when Article 4 or Article 5 are triggered by allies."#cyber #cybersecurity #cyberdefense #NATO

35

1 Comment

UK says China aimed 'malicious cyber targeting' at democratic institutions"The British government has publicly accused Chinese state-affiliated hackers with “carrying out malicious cyber activity targeting UK institutions and individuals important to our democracy.” In a statement to parliament on Monday, Deputy Prime Minister Oliver Dowden said the United Kingdom would not tolerate attacks against democratic institutions, and announced sanctions against two individuals and a front company linked to a hacking campaign targeting British parliamentarians. It comes as the National Cyber Security Centre (NCSC) assessed that the hacking group APT31, previously attributed to the Chinese Ministry of State Security, had been conducting “online reconnaissance activity” against individuals in the House of Commons and House of Lords who had publicly criticized Beijing. Also on Monday, the NCSC attributed last August’shackof the country’s Electoral Commission — the independent agency overseeing voting eligibility as well as political parties' election financing — to an unspecified Chinese state-affiliated actor. At the time, the Commission said a “high volume of personal data” had potentially been stolen, including “the name and address of anyone in the UK who registered to vote between 2014 and 2022.” #cyber #cybersecurity #china

8

The Office of the Director of National Intelligence (ODNI) released the 2024 Annual Threat Assessment of the U.S. Intelligence Community. Cyber-related issues have important place in the document."China remains the most active and persistent cyber threat to U.S. Government, private-sector, and critical infrastructure networks. Beijing’s cyber espionage pursuits and its industry’s export of surveillance, information, and communications technologies increase the threats of aggressive cyber operations against the United States and the suppression of the free flow of information in cyberspace.""Russia will pose an enduring global cyber threat even as it prioritizes cyber operations for the Ukrainian war. Moscow views cyber disruptions as a foreign policy lever to shape other countries’ decisions and continuously refines and employs its espionage, influence, and attack capabilities against a variety of targets.""Iran’s growing expertise and willingness to conduct aggressive cyber operations make it a major threat to the security of U.S. and allied and partner networks and data. Tehran’s opportunistic approach to cyber attacks puts U.S. infrastructure at risk for being targeted, particularly as its previous attacks against Israeli targets show that Iran is willing to target countries with stronger cyber capabilities than itself. Iran will continue to conduct malign influence operations in the Middle East and in other regions, including trying to undermine U.S. political processes and amplify discord.""North Korea’s cyber program will pose a sophisticated and agile espionage, cybercrime, and attack threat. Pyongyang’s cyber forces have matured and are fully capable of achieving a variety of strategic objectives against diverse targets, including a wider target set in the United States and South Korea."#cyber #cybersecurity #intelligence #threatintelligence #threatassessment

14

"The Federal Communications Commission approved a voluntary cybersecurity labeling program for wireless consumer Internet of Things (IoT) products.The program allows manufacturers to put a new “U.S Cyber Trust Mark” on devices that comply with cybersecurity standards developed by the National Institute of Standards and Technology (NIST), includingwhat the White House described last yearas “unique and strong default passwords, data protection, software updates, and incident detection capabilities.”The FCC said it foresees the label applying to products like home security cameras, internet connected appliances, fitness trackers, garage door openers, baby monitors and voice-activated devices. IoT devices have become frequent targets for hackers,particularly nation states andcriminalsseeking tobuild powerful botnetsthat allow them tolaunch larger attacks."#iot #iotsecurity #internetofthings #cybersecurity

5

I’m happy to share that I’ve obtained a new certification: Microsoft Security, Compliance, and Identity Fundamentals from Microsoft!

This content isn’t available here

Access this content and more in the LinkedIn app

25

1 Comment

NIST Releases Version 2.0 of Landmark Cybersecurity Framework"NIST’s cybersecurity framework (CSF) now explicitly aims to help all organizations — not just those in critical infrastructure, its original target audience — to manage and reduce risks. NIST has updated the CSF’s core guidance and created a suite of resources to help all organizations achieve their cybersecurity goals, with added emphasis on governance as well as supply chains."#nist #nistframework #nistcsf

2

I’m happy to share that I’ve obtained a new certification: Microsoft Certified: Azure Fundamentals from Microsoft!

This content isn’t available here

Access this content and more in the LinkedIn app

30