Newsletter (April 19th, 2021)

Friends:

Welcome to the inaugural issue of my newsletter.  My hope is to share my thoughts on current events in the area of cybersecurity. 

If you have spoken to me, you know that I feel that cybersecurity is a global issue with local implications.  There is plenty of happening in the international arena.  Russia conducted a major hack in November of federal systems including the Department of Defense.  Russia is not the only near-peer power that is conducting hacks.  China also has proved to be a bad actor in this field.  China hacked Microsoft exchange server which had an impact on small businesses. Interestingly enough, China used data scraped from social media sites to gather information to aid them in the hacking.  However, the Biden administration has not been silent on this issue.  The administration has now slapped Russia and China with sanctions.  Most importantly, the administration has appointed key cybersecurity personnel including a national director of cybersecurity.  Of particular interest is that this position was recommended in the Solarium Report last year, a bipartisan commission that recommended ways to improve our cyber-resiliency.

Meanwhile, on the home front, Molson Coors suffered a cyber-attack that disrupted operations.  Not sure if this qualifies as an attack on critical infrastructure but this guy probably thinks so.   I also often said that it is not enough for a business organization to secure; its subcontractors need to be secure as well.  For this reason, this lack of awareness of cybersecurity in the construction industry is disturbing.

Takeaways:

  • The cyber domain is a war zone with other countries actively attacking the United States.
  • The administration is responding.
  • Be careful what you post on social media; it can provide hackers with information to enable their attacks.
  • Every industry is a target.
  • Make sure your contractors are secure.

Have a great week!

Joe