Cyberwarfare: The Technology Attack

Posted by:

DEFENDEDGE

|

On:

|

Cyberwarfare: The Technology Attack

What is Cyberwarfare? There is still widespread debate around the true definition of “cyberwarfare.’ Some experts define it as an “extension of policy by actions taken in cyberspace by state actors that constitute a serious threat to another state’s security.” Others in the field believe that cyberwarfare is the “use of technological force within networks in which information is stored, shared or communicated online”. The commonality among most definitions of the term is that warfare has already spread from traditional terrestrial domains into cyberspace.

The global influence of nations is traditionally derived from their economic wealth and the mechanisms by which they control that wealth. So it stands to reason that this would be a huge target for state-sponsored cyberwarfare. The United States Treasury and Commerce Departments endured just such an attack over recent months. This became public on December 14th, 2020.The US government acknowledged that Russia likely conducted a cyberespionage campaign which penetrated government agencies byinjecting malicious code into popular software updates.. The hack allowed remote access into unclassified government networks and allowed the hackers to steal information and exploit access. The hackers were given a “Gods-Eye View” of these networks, one of them being the US Treasury.

Wouldn’t the hackers’ location have been a “red flag” for cybersecurity experts within the US government as well as contractors who are paid to secure government networks? Assuming that the US Treasury has contacts and vendors around the world, wouldn’t there have been a “whitelist” of locations so that if a group of users appeared out of the ordinary, network monitors would have been notified? This question is pertinent for a government agency just as it is for every company, large or small.

So what’s the solution? What technology could have helped prevent these attacks?

The solution is DefendEdge’s SiON software. SiON is an artificial intelligence-powered platform for detecting and stopping insider threats. A hacker that signs in from a location atypical from the actual owner of the credentials? SiON would have flagged and acted upon this anomalous behavior immediately; SiON is able to pinpoint the exact location of every login. Are credentials already compromised? With endpoint security integration, any compromised device would have been shut-off immediately and credentials would be immediately disabled. SiON is a platform designed to give a bird’s-eye view of everything that is going on across your company’s network at the tip of your fingers. It continuously monitors attacks to your network, monitors infections that are currently lingering on your employees’ computers, and gives you the ability to act fast and stop attacks before they gain access to your network.