Cyber threats | Business Upturn

Iranian hackers target 2024 US Elections

Eesha Chakraborty — Fri, 23 Feb 2024 17:24:08 +0000

The 2024 US elections, already brimming with political tension, face a potential cyber threat from Iran, according to a recent report by cybersecurity firm CrowdStrike. With a history of interference in US political events, Iran’s state-sponsored hackers are suspected to be planning similar disruptive tactics in the upcoming elections.

CrowdStrike, renowned for its expertise in combating cyber threats, specifically points towards the Islamic Republic’s history of meddling in US political affairs. The report meticulously details past instances, including the late 2020 Information Operations campaign, where Iranian actors unleashed a multifaceted attack. This involved sending intimidating emails to voters, impersonating a far-right US group and swaying their votes. Additionally, they disseminated fabricated videos alleging ballot tampering, aiming to sow distrust in the electoral system.

The report further predicts that these tactics, along with Distributed Denial-of-Service (DDoS) attacks and website defacements, are likely to resurface in 2024. These malicious activities have historically targeted state and local government entities, aiming to disrupt election infrastructure and sow chaos.

Furthermore, the report highlights a concerning trend observed in the latter half of 2023. “Iran-nexus adversaries” and Middle Eastern hacktivists were observed aligning their cyber operations with the kinetic operations stemming from the Israel-Hamas conflict. This suggests a potential escalation of cyber activities in the wake of geopolitical tensions, raising concerns about the 2024 US elections being collateral damage.

CrowdStrike’s warning echoes similar concerns voiced by Microsoft earlier this month. The tech giant identified Russia, Iran, and China as potential actors aiming to influence the upcoming elections in the United States and other countries.

Biden administration takes aim at port cybersecurity

Eesha Chakraborty — Wed, 21 Feb 2024 15:29:43 +0000

Underscoring the critical role of secure and resilient ports in sustaining American prosperity, the Biden-Harris administration announced a comprehensive set of actions addressing vulnerabilities and strengthening the nation’s maritime infrastructure. Recognizing the increasing risks posed by cyber threats and foreign dependence on key technologies, the plan focuses on two fundamental pillars: enhancing cybersecurity measures and revitalizing domestic manufacturing capabilities.

The centerpiece of the initiative is a new Executive Order empowering the Department of Homeland Security (DHS) to establish mandatory cybersecurity standards for U.S. ports. This crucial step aims to fortify digital networks and systems against unauthorized access and malicious attacks. The U.S. Coast Guard, playing a pivotal role in safeguarding maritime security, will gain the authority to directly respond to cyber threats. This includes requiring vessels and waterfront facilities to address vulnerabilities that could endanger lives and critical infrastructure. Additionally, mandatory reporting of cyber incidents and active threats will create a robust system for early detection and mitigation.

Addressing a specific concern regarding Chinese-made ship-to-shore cranes at strategic ports, the initiative introduces a Maritime Security Directive. This directive mandates owners and operators of such cranes to take action to mitigate identified cyber risks. The move reflects the administration’s proactive approach towards countering potential foreign adversaries and securing vulnerable systems within the maritime infrastructure.

Further bolstering cyber resilience, the U.S. Coast Guard has issued a Notice of Proposed Rulemaking on Cybersecurity in the Marine Transportation System (MTS). This proposed rule seeks to establish minimum cybersecurity requirements across the MTS, aligning with international and industry standards to effectively manage cyber threats. This initiative builds upon previous efforts by the Department of Homeland Security and reflects the administration’s commitment to leveraging regulatory frameworks for safeguarding critical infrastructure.

Recognizing the interconnectedness of cybersecurity and domestic manufacturing capabilities, the plan prioritizes the revitalization of the U.S. crane industry. Through the Investing in America Agenda, the administration pledges over $20 billion in investments over the next five years to upgrade port infrastructure. This funding, coupled with strategic partnerships, has already attracted companies like PACECO Corp., a U.S.-based subsidiary of a Japanese firm, to onshore crane production in America. This shift signifies a significant milestone in reversing decades of decline in domestic manufacturing and creating job opportunities within the maritime sector.

The comprehensive plan announced by the Biden-Harris administration represents a multi-pronged approach towards achieving two interconnected goals: safeguarding the nation’s ports from cyber threats and revitalizing domestic manufacturing capabilities. By empowering relevant agencies, establishing robust cybersecurity standards, and fostering domestic production, the initiative aims to ensure the long-term resilience and competitiveness of the American maritime industry.

India ranks 80th in local cyber threats despite booming $6 billion cybersecurity market

Eesha Chakraborty — Wed, 21 Feb 2024 15:29:37 +0000

A recent report has shed light on India’s cybersecurity landscape, revealing a concerning trend of local cyber threats targeting internet users. The report, which focused on threats found directly on users’ devices or removable media, placed India at the 80th position globally. This means that a significant portion of Indian internet users faced local threats in 2023, with nearly 34% encountering such malicious programs. These threats can take various forms, including malware hidden within complex installers or encrypted files.

Despite the prevalence of local threats, India’s cybersecurity market is booming, reaching a staggering USD 6.06 billion in 2023. However, experts warn that sophisticated external cyber threats pose a major challenge for businesses. In response, nearly two-thirds of Indian enterprises are planning to outsource key security tasks to managed security service providers in the next three years. Establishing and maintaining trust in the digital realm becomes increasingly difficult when sophisticated attacks threaten to breach data and disrupt operations.

Recognizing this challenge, a significant trend is emerging within Indian enterprises. Nearly two-thirds, or 67%, are considering outsourcing key security tasks to managed service providers (MSSPs) in the coming years. This shift signifies a growing understanding of the complexities involved in managing cybersecurity, and the potential benefits of leveraging specialized expertise. By partnering with MSSPs, organizations can gain access to advanced security solutions and skilled personnel, allowing them to focus on their core business functions with greater peace of mind.

Furthermore, the adoption of artificial intelligence (AI) and digital payments in India adds another layer of complexity to the cybersecurity landscape. As Jaydeep Singh, General Manager for South Asia at Kaspersky, aptly points out, “With the rise of AI use and the consistent digital payment adoption here, it has become imperative for organisations to continuously improve their cybersecurity posture to protect their assets and maintain stakeholder trust.” The integration of AI and digital payments necessitates robust security measures to safeguard sensitive data and prevent financial losses.

While the market is flourishing and awareness is increasing, the persistent threat of local and external cyber attacks necessitates continuous vigilance and improvement.