Nothing is more difficult than making predictions. For this reason I did not do any “predictions for 2021 cyber security” posting before year 2021 started. Instead of throwing out wild ideas about what might be coming, I have collected here some trends other people have predicted or reported.
The state of internet security in 2020 was hard. The trends that stormed last year will continue long into 2021: “Rapidly accelerated digital transformations, opportunistic phishing campaigns, discontinuity of information security operations and financial constraints are creating the perfect storm in a COVID-19-disrupted world.” Last year's trend was that instead of ‘bring your own device’, these days it’s rather ‘bring your own office’.
2020 was a bumper year for cybercriminals, and this boom is expected to continue into 2021. The 2021 Cybersecurity and IT Failures Roundup article presents lessons learned from the many failures, interruptions, crimes and other IT-related setbacks that made the news in 2020. Smart cyber security people have read about them and learned their lesson.
Kaspersky’s top three cybersecurity predictions for 2021 are an increase in targeted attacks, more disruptive attacks that exploit contemporary issues, and continued frequent and significant data breaches. I can pretty much agree on those. Cybersecurity must adapt to counter new threats in a transformed world.
The article Head of Europol’s European Cybercrime Centre: there are no systems that cannot be breached says that humankind has to choose between evolution by digitization and stagnation. Naturally, the world is moving ahead. “We can’t be naive and expect that bad things will not happen along with it. Resilience is important.”
For 2021, Trend Micro predicts that cybercriminals will look to home networks as a critical launch pad for compromising corporate IT and IoT networks. The New Cybersecurity Threat Predictions for 2021 article points out that the traditional network perimeter has been replaced with multiple edge environments (WAN, multi-cloud, data center, remote worker, IoT, and more), each with its unique risks.
DDoS attacks: Big rise in threats to overload business networks. Cyber attackers are threatening to take organisations offline with DDoS attacks if they aren’t paid bitcoin by a deadline – but victims are being urged not to give in to demands.
One sure bet is that ransomware attacks will only escalate further over this year. Pay-or-Get-Breached Ransomware Schemes Take Off in 2021. In 2020, ransomware attackers moved quickly to adopt so-called “double extortion” schemes, which means that first they encrypt your data so you can’t access it and then they say they will publish your most secret data for other people to see if you don’t pay up. Ransomware victims that have backups are paying ransoms to stop hackers leaking their stolen data.
Modern cybercrime is becoming increasingly open-sourced which means that already some of the most sophisticated and notorious cybercriminals are utilizing open-source tools to conduct their criminal activities and this will increase.
Trend Micro survey results claim that AI is set to replace humans in cybersecurity by 2030. I am just wondering what this claim means, and whether the people who answered the survey really understood AI and cyber security. My prediction is that we will need humans and AI and even traditional solutions for a long, long time.
The lack of people with cyber security skills is still a problem for many companies because AI will not replace them any time soon. There are different views on how the situation has developed. The Cybersecurity Skills Shortage Falls for First Time article claims that the shortfall in skills has dropped from 4.07 million last year to 3.12 million. The As The End Of 2020 Approaches, The Cybersecurity Talent Drought Gets Worse article says that the information technology industry has a real problem on its hands, and it’s only getting worse. While cybercrime grows exponentially, businesses are facing a severe cybersecurity talent drought. The supply of available, qualified security professionals is insufficient and the competition for services has dramatically increased. Some companies try to make claims that they have invented a “silver bullet” for educating cyber professionals, like: This educator claims to have invented an entertaining way to learn cybersecurity. Some of the cyber security issues move to cloud, so we need more people who know security and cloud: The Cloud Talent Drought Continues (And Is Even Larger Than You Thought).
The Hackers leverage sophisticated and novel techniques to break into networks article says that the recent SolarWinds and JetBrains attacks are prime examples of why state-sponsored attacks are so dangerous. The hackers leveraged sophisticated, novel techniques to break into networks and obtain backdoor access to government agencies and enterprises. Expect to see more break-ins connected to those incidents, and expect more similar incidents that have not yet been revealed.
Want to avoid having your online accounts hacked? Enable two-factor authentication. Better than the best password: How to use 2FA to improve your security article tells that this is a crucial security measure that requires an extra step when signing in to high-value services. The article explains how to set up 2FA and which accounts to focus on first.
A new version of the OWASP Top-10 is coming this year. The OWASP Top-10 2021 Statistics-based proposal article tries to make OWASP Top-10 2021 predictions calculated by understandable metrics, make it possible for everyone to reproduce the results, and present them to the entire community for feedback.
The Privacy is an illusion. But that’s a good thing article says that everyone’s information is available. It doesn’t matter who you are. Some people would pay lots of money to get that privacy illusion back and some just don’t care. The With the Death of Cash, Privacy Faces a Deeply Uncertain Future article says that in One Future We have a Private, Anonymous Alternative to Cash but in the Black Mirror Future the Money in Your Pocket Knows Everything About You. Cash is dying, that’s for sure. There are still ways to send anonymous emails, and it is a good idea to prepare for your digital life after death.
Ransomware attacks will explode in 2021 article claims that the Capitol riot and its aftermath makes the case for tech regulation more urgent, but no simpler. Against increased regulation there are freedom of speech sounding issues like Should Jack Dorsey be able to silence the president of the United States? Whether the storming of the US Capitol was an attempted coup, an insurrection, or an assault on democracy is merely a question of semantics. The US is now the focus of global instability. EU chief warns over ‘unfiltered’ hate speech and calls for Biden to back rules for big tech.
The Legal requirements for IoT security start to emerge article says that legislative activities are starting to make security a legal requirement, with consumer IoT designs required to have vaguely defined “reasonable security features”. The US Government is beginning to create legislation mandating IoT security. The US House of Representatives, for instance, introduced H.R. 1668 – The Internet of Things Cybersecurity Improvement Act of 2020. There are NIST recommendations such as NISTIR 8259 — Foundational Cybersecurity Activities for IoT Device Manufacturers. EU introduces a cyber security IoT standard to protect its citizens and ENISA Publishes Guidelines on Securing the IoT Supply Chain.
7 Cybersecurity Predictions for Smart Buildings and Infrastructure for 2021: Continuous patch management and security updates, OT transparency for IT stakeholders, Natively secure OT network, Cloud-based access to remote sites instead of VPN, Zero touch onboarding, More cybersecurity in small facilities, Certified cybersecurity products and solutions.
IoT security is still complicated. For many development teams, the idea of building cybersecurity into their IoT design can seem daunting. 6 essential activities to help developers build in IoT cybersecurity article gives some ideas to improve cyber security in your IoT development.
2,204 Comments
Tomi Engdahl says:
Browser ‘Favicons’ Can Be Used as Undeletable ‘Supercookies’ to Track You Online
Favicons can break through incognito mode, VPNs, and Pi-holes to track your movement online
https://www.vice.com/en/article/n7v5y7/browser-favicons-can-be-used-as-undeletable-supercookies-to-track-you-online
Tomi Engdahl says:
What OSHA can teach us about cybersecurity
https://www.controleng.com/articles/what-osha-can-teach-us-about-cybersecurity/?oly_enc_id=0462E3054934E2U
Many of the lessons and changes applied to manufacturing after the Occupational Safety and Health Act of 1970 can be applied to the growing challenge manufacturers face with industrial cybersecurity. Three keys to improving cybersecurity are highlighted.
Tomi Engdahl says:
Hackers ask only $1,500 for access to breached company networks
https://www.bleepingcomputer.com/news/security/hackers-ask-only-1-500-for-access-to-breached-company-networks/
The number of offers for network access and their median prices on the
public posts on hacker forums dropped in the final quarter of last
year but the statistics fail to reflect the real size of the initial
access market.
Tomi Engdahl says:
What OSHA can teach us about cybersecurity
Many of the lessons and changes applied to manufacturing after the Occupational Safety and Health Act of 1970 can be applied to the growing challenge manufacturers face with industrial cybersecurity. Three keys to improving cybersecurity are highlighted.
https://www.controleng.com/articles/what-osha-can-teach-us-about-cybersecurity/?oly_enc_id=0462E3054934E2U
Learning Objectives
The OSHA Act and the formation of OSHA in 1970 forced manufacturers to report on safety incidents and accidents.
Industrial cybersecurity needs a similar level of accountability to show how incidents affect manufacturing as a whole.
The emphasis needs to be on preventing attacks before they happen instead of after the fact.
Tomi Engdahl says:
https://etn.fi/index.php/13-news/11741-tietoturvaohjelmistoihin-laitetaan-nyt-valtavasti-rahaa
Tomi Engdahl says:
DRAM’s Persistent Threat To Chip Security
https://semiengineering.com/drams-peristent-threat-to-chip-security/
Rowhammer attack on memory could create significant issues for systems; possible solution emerges.
Tomi Engdahl says:
https://www.electropages.com/blog/2021/02/apple-facebook-and-privacy-labels-what-are-privacy-labels
Tomi Engdahl says:
Reinventing Managed Security Services’ Detection and Response
https://www.securityweek.com/reinventing-managed-security-services-detection-and-response
Tomi Engdahl says:
A Swiss Army Knife for Industrial Operations Protection
https://www.securityweek.com/swiss-army-knife-industrial-operations-protection
Tomi Engdahl says:
https://etn.fi/index.php/13-news/11738-f-secure-tietovuodot-altistavat-kuluttajat-kyberrikoksille
Tomi Engdahl says:
Number of ICS Vulnerabilities Continued to Increase in 2020: Report
https://www.securityweek.com/number-ics-vulnerabilities-continued-increase-2020-report
The number of vulnerabilities discovered in industrial control system (ICS) products in 2020 increased significantly compared to previous years, according to a report released on Thursday by industrial cybersecurity firm Claroty.
According to Claroty, the number of ICS vulnerabilities disclosed in 2020 (893 vulnerabilities) was nearly 25% higher compared to 2019 and close to 33% higher than in 2018. The company believes this increase is likely the result of heightened awareness of the risks posed by vulnerabilities in industrial products, as well as researchers and vendors putting more effort into identifying and patching security holes.
The company said 61% of vulnerabilities were discovered by third-party researchers, many of them employed by cybersecurity companies.
Tomi Engdahl says:
Handbook to support healthcare cybersecurity in Finland - Effects during the coronavirus crisis also covered
https://www.hyperlinkki.mediaparkki.com/2021/01/05/kasikirja-tukemaan-terveydenhuollon-kyberturvallisuutta-suomessa-myos-koronakriisin-aikaisia-vaikutuksia-kasitelty/
Tomi Engdahl says:
https://jyvsectec.fi/wp-content/uploads/2020/12/%E2%80%8B%E2%80%8B%E2%80%8B%E2%80%8B%E2%80%8B%E2%80%8B%E2%80%8Bkyberhairioiden-hallinta-kasikirja-terveydenhuollon-toimijoille.pdf
Tomi Engdahl says:
“It is immoral to leave the prevention of harm to the crime victim,” says
researcher: changing a personal identity code does not remove the possibility of
identity theft
https://yle.fi/uutiset/3-11782128
Broader strong authentication than at present, for example in online shopping,
would effectively prevent misuse of personal identity codes.
Tomi Engdahl says:
Ugly numbers: Growth of 311%, at least 290 million for extortionists
https://www.is.fi/digitoday/tietoturva/art-2000007799824.html
Ransomware was used to rake in money with a whole new fury last year,
estimates an expert who tracks money flows.
Tomi Engdahl says:
The Untold History of America's Zero-Day Market
https://www.wired.com/story/untold-history-americas-zero-day-market/
The lucrative business of dealing in code vulnerabilities is central
to espionage and war planning, which is why brokers never spoke about
it until now.
Tomi Engdahl says:
Darknet crypto kingpin JokerStash retires after illicit $1 billion
run: research
https://www.reuters.com/article/amp/idUSKBN2AC14R
The kingpin or kingpins of the world's biggest illicit credit card
marketplace have retired after making an estimated fortune of over $1
billion in cryptocurrency, according to research by blockchain
analysis firm Elliptic shared with Reuters.
Egregor ransomware operators arrested in Ukraine
https://www.zdnet.com/article/egregor-ransomware-operators-arrested-in-ukraine/
Arrested suspects are believed to be clients of the Egregor RaaS, not
the Egregor gang itself. Members of the Egregor ransomware cartel
have been arrested this week in Ukraine, French radio station France
Inter reported on Friday, citing law enforcement sources.
Tomi Engdahl says:
Deepfake porn is ruining women’s lives. Now the law may finally ban it.
https://www.technologyreview.com/2021/02/12/1018222/deepfake-revenge-porn-coming-ban/
After years of activists fighting to protect victims of image-based sexual violence, deepfakes are finally forcing lawmakers to pay attention.
Tomi Engdahl says:
https://www.uusiteknologia.fi/2021/02/11/tarficom-kokosi-tietoturva-asiat-yhteen/
Tomi Engdahl says:
In the exceptional year 2020, cybersecurity touched everyone
https://www.hyperlinkki.mediaparkki.com/2021/02/11/poikkeuksellisena-vuonna-2020-kyberturvallisuus-kosketti-kaikkia/
Tomi Engdahl says:
Spam and phishing in 2020
https://securelist.com/spam-and-phishing-in-2020/100512/
The weirdest hacking techniques you've never heard of
https://www.pandasecurity.com/en/mediacenter/mobile-news/weirdest-hacking-techniques/
Tomi Engdahl says:
Vast Majority of Phishing and Malware Campaigns Are Small-Scale and Short-Lived
https://www.securityweek.com/vast-majority-phishing-and-malware-campaigns-are-small-scale-and-short-lived
Researchers from Google and Stanford University have analyzed the patterns of more than 1.2 billion email-based phishing and malware attacks targeting Gmail users, and found that most attack campaigns are short-lived and sent to fewer than 1,000 targets.
Users in North America are targeted the most, they found, with 42% of the observed attacks targeting users in the United States, 10% hitting people in the United Kingdom, and 5% aimed at users in Japan.
Most of the analyzed 406,002 phishing campaigns and 1,724,160 malware campaigns, the researchers say, were short, with fewer than 1000 users targeted by 91% of the phishing emails and 99% of the malware emails.
Tomi Engdahl says:
https://www.uusiteknologia.fi/2021/02/16/etatyo-voi-heijastua-digiturvariskeina-uusi-digiturvaraportti-tulossa/
Tomi Engdahl says:
F-Secure: Data breaches expose consumers to cybercrime
https://etn.fi/index.php/13-news/11738-f-secure-tietovuodot-altistavat-kuluttajat-kyberrikoksille
Tomi Engdahl says:
https://www.uusiteknologia.fi/2021/02/11/tarficomm-kokosi-tietoturva-asiat-yhteen/
Tomi Engdahl says:
https://www.securityweek.com/securityweek-host-supply-chain-security-summit-march-10-2021
Tomi Engdahl says:
Know Your Adversary: Think Like a Hacker
https://www.eetimes.eu/know-your-adversary-think-like-a-hacker/
Tomi Engdahl says:
https://www.uusiteknologia.fi/2021/01/28/tietoturvan-hallinnointi-yha-haastavampaa/
Tomi Engdahl says:
https://www.securityweek.com/security-resolutions-make-2021
Tomi Engdahl says:
Experts warn U.S. needs new cyber strategy
https://m.youtube.com/watch?v=AjX-WnJ75C0&feature=share
Published 14.2.2021
Cybersecurity experts told 60 Minutes that the U.S. needs to develop a new cyber strategy to deal with Russia and other adversaries. https://cbsn.ws/37eJXYt
Tomi Engdahl says:
Beware of COVID19 vaccine scams and misinformation
https://www.welivesecurity.com/2021/02/16/beware-covid19-vaccine-scams-misinformation/
The vaccination push provides a vital shot in the arm for the world's
battle against the pandemic, but it’s also a topic ripe for
exploitation by fraudsters and purveyors of misinformation
Tomi Engdahl says:
How DNS-over-HTTPS (DoH) has Changed the Threat Landscape For
Companies
https://quointelligence.eu/2021/02/dns-over-https-doh/
DNS-over-HTTPS (DoH) protocol is now offered and in some instances
standard, in major Internet browsers. DoH provides the benefit of
communicating DNS information over a secure HTTPS connection in an
encrypted manner. The protocol offers increased privacy for
home-users but presents new challenges for enterprise networks and new
opportunities for malicious actors. In order to prevent evolving
threats from malware authors, organizations should stay updated and
follow the latest security recommendations.
Tomi Engdahl says:
Supply chain attacks are on the rise: Check your software build
pipeline security
https://www.zdnet.com/article/supply-chain-attacks-are-on-the-rise-check-your-software-build-pipeline-security/
Defending against supply chain attacks is more than trying to stop the
theft of encryption keys to access protected cloud resources.
Tomi Engdahl says:
Record-high number of vulnerabilities reported in 2020
https://www.welivesecurity.com/2021/02/15/record-breaking-number-vulnerabilities-reported-2020/
High-severity and critical bugs disclosed in 2020 outnumber the sum
total of vulnerabilities reported 10 years prior
Tomi Engdahl says:
This cybersecurity threat costs business millions. And it’s the one
they often forget about
https://www.zdnet.com/article/this-cybersecurity-threat-costs-business-millions-and-its-the-one-they-often-forget-about/
Phishing emails that dupe users into sending cyber criminals wire
transfers is by far the most lucrative form of cybercrime – here’s
what you need to know.
Tomi Engdahl says:
Introducing DNS Shotgun
https://en.blog.nic.cz/2021/02/16/introducing-dns-shotgun/
DNS Shotgun is a benchmarking tool specifically developed for realistic
performance testing of DNS resolvers. Its goal is to simulate real
clients and their behaviour, including timing of queries and realistic
connection management, which are areas where traditional tools are
lacking.
Tomi Engdahl says:
https://etn.fi/index.php/13-news/11661-darkwebista-saa-luottokortin-eurolla-kaikki-henkilotiedot-kympilla
Tomi Engdahl says:
Fun: Cloud
https://www.facebook.com/groups/it.humor.and.memes/permalink/5648417835183954/
Tomi Engdahl says:
Software vulnerabilities be damned. IoT devices may soon come with protection from hackers built into their mechanical and electrical designs
Darpa Hacks Its Secure Hardware, Fends Off Most Attacks
https://spectrum.ieee.org/tech-talk/computing/embedded-systems/darpa-hacks-its-secure-hardware-fends-off-most-attacks
Last summer, Darpa asked hackers to take their best shots at a set of newly designed hardware architectures. After 13,000 hours of hacking by 580 cybersecurity researchers, the results are finally in: just 10 vulnerabilities. Darpa is calling it a win, not because the new hardware fought off every attack, but because it “proved the value of the secure hardware architectures developed under its System Security Integration Through Hardware and Firmware (SSITH) program while pinpointing critical areas to further harden defenses,” says the agency.
Tomi Engdahl says:
Better device configuration shouldn't be like herding cats
https://www.ncsc.gov.uk/blog-post/better-device-configuration-should-not-be-like-herding-cats
Hunting for common security weaknesses using Microsoft Defender for
Endpoint.
Tomi Engdahl says:
Actions Enterprises Can Take to Combat Common Fraud Types
https://www.securityweek.com/actions-enterprises-can-take-combat-common-fraud-types
Fraud is a very general term that is used quite commonly in a variety of contexts. Although many of us have heard the term repeatedly, fewer of us have likely ever stopped to think about what fraud really is and what it means.
Fraud can mean many things, and it can mean different things to different people. Because of that, when trying to gain an initial understanding around the subject of fraud, I find it helpful to learn by looking into specific types of fraud. In this piece, I’d like to examine three types of fraud:
● Account Takeover (ATO)
● Account Opening (AO) – sometimes called Fraudulent Applications (FRAP)
● Payment
Beyond just an initial understanding of each of these types of fraud, I’d also like to examine what enterprises can do to mitigate risk and limit losses for each type.
Tomi Engdahl says:
CISO Conversations: Princeton, Cal State and Ohio State CISOs Talk Higher Ed Cybersecurity
https://www.securityweek.com/ciso-conversations-princeton-cal-state-and-ohio-state-cisos-talk-higher-ed-cybersecurity
Princeton, Cal State and Ohio State CISOs Discuss Cybersecurity and Their Roles in the Higher Education Sector
The higher education sector is like no other vertical among the critical industries. Each institution resembles a municipality, comprising retail, healthcare, physical security, fire station and police force – and perhaps 10,000 new potential student hackers every year.
It requires a special quality of CISO, and in this installment of SecurityWeek’s CISO Conversations series, we talk to three of the best: David Sherry (Princeton University), Ed Hudson (California State University) and Helen Patton (Ohio State University).
Tomi Engdahl says:
How DNS-over-HTTPS (DoH) has Changed the Threat Landscape For Companies
https://quointelligence.eu/2021/02/dns-over-https-doh/
DNS-over-HTTPS (DoH) protocol is now offered and in some instances standard, in major Internet browsers. DoH provides the benefit of communicating DNS information over a secure HTTPS connection in an encrypted manner. The protocol offers increased privacy for home-users but presents new challenges for enterprise networks and new opportunities for malicious actors. In order to prevent evolving threats from malware authors, organizations should stay updated and follow the latest security recommendations.
Pros this protocol offers to organizations:
● Improving privacy and confidentiality by preventing data interception.
● Preventing Man-in-the-Middle (MitM) attacks.
● Enhancing security of information in transit.
Cons this protocol offers to organizations:
● Interfering with national surveillance laws in several countries.
● Potential information leakage when attempting to resolve internal DNS records.
● Losing visibility into DNS traffic.
● Losing control of DNS data.
Tomi Engdahl says:
This should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.
Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs
https://www.extremetech.com/computing/317512-microsoft-pluton-chip-will-bring-xbox-like-security-to-windows-pcs?utm_campaign=trueAnthem%3A+Manual&utm_medium=trueAnthem&utm_source=facebook
Microsoft hopes to improve PC platform security, and it’s turning to CPU manufacturers to help it do that. The Windows maker has a new security chip design called Microsoft Pluton, and it’s probably coming to your next PC whether you want it or not. Intel, AMD, and Qualcomm are working to make Pluton part of their upcoming designs, which should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.
Microsoft says it started working on Pluton to address the troubling trend of CPU-based attacks like Spectre and Meltdown. Currently, many Windows PCs have a Trusted Platform Module (TPM), which is a separate chip someplace on the motherboard that the CPU uses to secure hardware and cryptographic keys. However, you can purchase expensive circumvention kits that physically tap the signal between the CPU and TPM to extract privileged data. Hypothetically, Pluton should block such attack vectors because it’s part of the CPU.
Devices running on CPUs with the Pluton module should be much harder to hack in the same way the Xbox One was harder to hack than previous versions of the console. That’s actually where Microsoft took its inspiration. The Xbox has an integrated security module that makes it harder to play pirated games. There are plenty of arguments against that sort of heavy-handed DRM, but Microsoft’s engineers learned a great deal about security strategies from the Xbox. Bringing that know-how to the PC could solve a lot of problems… and maybe introduce a few new ones.
Not everyone is over the moon about Pluton, which uses the same API as the standard TPM. It would be possible to use Pluton to run a digital rights management (DRM) scheme that is much harder to crack. Microsoft says that’s not its goal, but there’s nothing stopping someone from doing that. The integration of Pluton with CPU hardware also gives Microsoft some level of access to your hardware, even if you don’t use Windows. Microsoft already uses Pluton in its Linux-based Azure Sphere devices.
Tomi Engdahl says:
Changing winds of cybersecurity for ICSs
https://www.controleng.com/articles/changing-winds-of-cybersecurity-for-icss/?oly_enc_id=0462E3054934E2U
The SolarWinds attack is the latest reminder the cybersecurity landscape is changing, and manufacturers need to protect industrial control systems (ICSs). See three ways a software bill of materials can help cybersecurity.
The SolarWinds attack has been in the news a lot lately due to the widespread scope of the attack, which went beyond one company or one specific target industry. The SolarWinds attack affected more than four-fifths of the Fortune 500 companies and hit virtually every major sector in the U.S. government and military.
This was more than a one-off cyberattack, and it’s only going to increase, according to Eric Byres, CEO for aDolus, in his presentation: “After the SolarWinds attack: What the SolarWinds fiasco tells us about the changing security landscape” at the ARC Advisory Group Forum, which was presented remotely via Zoom.
Nation-state-backed, multi-stage attack
The actors behind the SolarWinds attack, Byres said, were very professional and very well-organized in their attack. It was likely financed and backed by a nation-state, and they played the long game, initiating a multi-stage attack that lasted more than 18 months.
SolarWinds attack hit 100 companies and took months of planning, says White House
https://www.zdnet.com/article/solarwinds-attack-hit-100-companies-and-took-months-of-planning-says-white-house/
The White House warns SolarWinds attack was more than espionage because the private sector targets could lead to follow-up attacks.
Tomi Engdahl says:
Microsoft president Brad Smith told 60 Minutes last week that it was “probably fair to say that this is the largest and most sophisticated attack the world has ever seen.”
Microsoft: SolarWinds attack took more than 1,000 engineers to create
https://www.zdnet.com/article/microsoft-solarwinds-attack-took-more-than-1000-engineers-to-create/
Microsoft reckons that the huge attack on security vendors and more took the combined power of at least 1,000 engineers to create.
Tomi Engdahl says:
https://www.securityweek.com/elevate-value-threat-intelligence-soc
Tomi Engdahl says:
Apple Platform Security Guide Gets Biggest Update to Date
https://www.securityweek.com/apple-platform-security-guide-gets-biggest-update-date
Apple on Thursday published the latest edition of its Platform Security Guide, which provides detailed technical information on the security technologies and features implemented in its products.
Apple started releasing security guides for its iOS operating system in 2015 and since 2019 has been publishing platform security guides that encompass information on iOS, macOS and hardware.
https://github.com/0xmachos/Apple-Platform-Security-Guides
Tomi Engdahl says:
0xmachos / iOS-Security-Guides
https://github.com/0xmachos/iOS-Security-Guides
Tomi Engdahl says:
https://cybernews.com/editorial/the-worlds-most-dangerous-state-sponsored-hacker-groups/