The U.S. Army is working to both leverage the advantages of cloud migration and simultaneously ensure data security, taking on what could be characterized as a paradox.
Cloud migration, which is expanding throughout the service at lightning speed, brings a host of unprecedented advantages, such as more ubiquitous data access, broader information sharing and a nearly instant ability to pull down the data needed to make time-sensitive combat decisions. For instance, multiple nodes across a dispersed attack formation could simultaneously access vital intelligence stored on a centralized server. The cloud advantage is often described as “centralized” information with “decentralized” networking, execution and information transmission.
“Munitions are sensors, air vehicles are sensors… I just see a plethora of sensors. It all comes down to the data. When you talk about the cloud, it is about having someplace for that data to go where it is successful. All that data has to be available and then it is all about having the ability to get the right data out of the cloud to the right shooter through the right C2 [Command and Control] node, so that then you don’t have these massive bandwidth requirements on every platform everywhere,” General John Murray, Commander, Army Futures Command, told The National Interest in an interview.
Murray and his counterpart Bruce Jette, Assistant Secretary of the Army (Acquisition, Logistics & Technology), are working to accelerate cloud migration while also offsetting additional security risks potentially introduced by the process. In addition to massively expediting crucial warzone networking, the cloud can also present vulnerabilities, because intruders who breach a single point of entry could gain widespread access. Part of the approach to this challenge, intended to maximize cloud benefit while reducing risk, is to implement data-transfer organization and scaling.
“If you think about what a cloud is, it is a server with hard drives that can run programs remotely or transfer data via some network. I don’t always want to download all the data, but only the most appropriate information,” Jette told The National Interest in an interview.
Jette explained the dual-pronged approach in terms of transferring data from the “foxhole to the Pentagon” in a survivable way, an effort which benefits from efficiently structuring the data. Part of this emphasis is informed and strengthened by fast-growing applications of AI and computer automation, which can instantly gather, discern and organize the data most needed for a particular combat scenario. Advanced, high-speed algorithms with instant or near real-time access to vast pools of data can bounce requests or new information against seemingly limitless amounts of information, quickly perform the needed analytics and prioritize the data needed for a specific scenario. This not only streamlines communication but also leaves larger pools of data less vulnerable to enemy penetration.
For example, a small, dismounted infantry unit on the move might have occasion to immediately access combat-critical intelligence data stored on a far-away computer system; perhaps there are documents pertaining to enemy weapons, movements or historic tendencies potentially of great value to attacking forces. Cloud connectivity can massively impact the tactical equation in circumstances like this, all while reducing the need for a large, forward-positioned hardware footprint.
“By properly scaling where you retain data and how much you replicate and update the protocols you can mitigate a lot of the risk issues that are there today,” Jette said.
Also, as part of this equation, there are instances in which cloud utilization can add security benefits through software updates and increased virtualization. By moving beyond a singular focus on perimeter security or hardware, cybersecurity initiatives can have a wide reach across the cloud through virtualized improvements. In essence, software upgrades can impact an entire network rather than a single, more narrowly configured application.
Jette, who oversees somewhere between 600 and 800 acquisition programs, addressed the now long-standing ASA ALT (Assistant Secretary of the Army Acquisition, Logistics and Technology) effort to engineer cyber resiliency into technical systems early in the developmental process; the intention of the initiative is to anticipate threats, harden weapons functionality and ensure prototypes are engineered to meet the requirements threshold they will ultimately need to reach prior to combat.
“On the cybersecurity side we have an extensive effort in firewalls, layered defenses, layered detection defenses, encryption in transit and at rest, so cybersecurity is preeminent in our application of these types of systems,” he said.
Russian hackers are trying to take advantage of the millions of employees working from home because of shelter-in-place orders.
Security firm Symantec said this week that it had discovered and then notified businesses that the Russian hacking group Evil Corp has been targeting remote employees with so-called ransomware attacks.
In a typical ransomware attack, criminals send victims an email—often created to look like it’s from a colleague—that contains a link to a malicious site. When users access the fraudulent site, criminals can then take over their computers and demand payment—typically in cryptocurrency like Bitcoin—to regain control of their devices.
In the case of Evil Corp’s ransomware attack, Symantec said the hackers wanted to “cripple” a company’s “IT infrastructure by encrypting most of their computers and servers in order to demand a multimillion-dollar ransom.”
Symantec said that 31 U.S.-based organizations were compromised in the latest series of attacks, “eight of which are Fortune 500 companies.” The security firm did not reveal the names of the impacted organizations nor whether they paid any ransoms. The security firm said that while the hackers “breached the networks of targeted organizations,” the criminals were only “in the process of laying the groundwork for staging ransomware attacks,” implying that they didn’t complete their intended extortion plans.
This recent hacking attempt used a specific type of ransomware known as WastedLocker, which Symantec said was developed by Evil Corp. Two of Evil Corp’s alleged members have been previously charged by the U.S. Department of Justice for a separate “decade-long cybercrime spree” affecting unspecified banks and financial firms, Symantec said.
Eric Chien, Symantec’s technical director, said in an interview with the New York Times that hackers were able to launch ransomware attacks on workers via malware that “was deployed on common websites and even one news site,” without identifying the compromised websites containing the malicious code. From those compromised websites, users inadvertently downloaded a bogus software update that installed the malware onto their computers.
That malware inspects people’s computers to see if they have installed a corporate virtual private network, or VPN, that businesses typically require their remote employees to use in order to access sensitive corporate data. The malware learns the name of the employee’s company from the VPN and is then able to infect people’s computers once those workers visit another website.
“Once the machine is reconnected to the corporate network, the code is deployed, in hopes of gaining access to corporate systems,” the Times said.
Cybercrimes are on the rise with hackers and scammers chomping at the bit for a shot at your system. There’s one tool that should be on all computers.
IBM Security, Packet Clearing House and The Global Cyber Alliance have a free service to protect you from accessing sketchy websites that spread malware, steal personal information and engage in fraudulent activity.
But hackers may have already compromised your network.
1. Keep everything up to date
Security threats are continually evolving, which is why you need to keep your browser updated. Updates help protect you from the latest spreading viruses and attacks.
Even more important, update your operating system regularly. Windows releases frequent (though sometimes buggy) updates and missing any can mean severe consequences for your security. The same goes for Macs.
Most Windows PCs download and install updates automatically by default. If you haven’t changed your automatic update settings, you might not need to change a thing. If you’ve turned automatic updates off, you can update manually.
Apple’s macOS receives its updates through the Mac App Store. Open the App Store app, click Updates. Tap Update to download and install.
Even if cybercriminals can see your network, a firewall helps to prevent them from getting inside and doing any damage. Make sure your firewall is on.
For Windows, open Settings > Update & Security. Choose Windows Security from the left-hand menu. Choose Firewall & Network Protection to open the firewall menu.
Your system will tell you whether your firewall is on or not. If it’s off, you can toggle it on or reset the settings to default by clicking on Restore firewalls to default.
For Mac, open System Preferences, then click Security and Privacy. Click the Lock Icon to make changes and enter your admin username and password. Then select Turn on Firewall.
Most browser extensions are safe-to-use tools that enhance your internet experience, but some are malicious. Regularly comb through your list of extensions and remove any you don’t recognize or don’t use anymore.
In Chrome: Visit the Chrome Web Store menu to see a list of all your currently installed extensions. Remove them by clicking Remove from Chrome. Click the Library tab and delete the extension from there as well.
In Firefox: Click on the three-line menu button and click Add-ons, followed by Extensions. Scroll through the list of extensions and click the three-dot icon next to the extensions you want to remove. Select Remove to delete them from your browser.
In Safari: Choose Safari > Preferences, then click Extensions. To turn off an extension, deselect its checkbox. To uninstall an extension, select the extension and click the Uninstall button.
Windows users should check the hosts file to see if attackers have made any unusual configurations. This file can override your DNS and redirect URLs to different locations, like malicious websites.
Press the Windows key + R on your keyboard and paste C:\Windows\System32\drivers\etc\hosts into the box that appears.
In the pop-up menu that appears, select Notepad to open the file. Scroll through and note any unusual or garbled looking text. Copy the data contained here into another text document as a backup, and delete the unusual entries. Click File, then Save to make the changes.
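The manual review above can also be scripted. The following is an added example, not part of the original article: it parses hosts-file text and lists every entry that maps a name other than the stock localhost names, which is where a DNS-overriding redirect would show up. The function name, the list of default names and the sample file contents are constructed for illustration.

```python
import ipaddress

# Assumption: names a stock hosts file may legitimately define.
DEFAULT_NAMES = {"localhost", "localhost.localdomain", "broadcasthost",
                 "ip6-localhost", "ip6-loopback"}

# Constructed sample input (documentation addresses, reserved test domains).
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.examplebank.test   # constructed redirect
0.0.0.0         update.example-av.test
"""

def audit_hosts(text):
    """Return (line_no, ip, hostname, reason) for entries worth a manual look."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not entry:
            continue
        fields = entry.split()
        if len(fields) < 2:
            findings.append((line_no, fields[0], "", "malformed entry"))
            continue
        ip_text, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            findings.append((line_no, ip_text, " ".join(names), "invalid address"))
            continue
        for name in names:
            if name.lower() in DEFAULT_NAMES:
                continue
            if ip.is_loopback or ip.is_unspecified:
                # The name can no longer be reached; check who added the block.
                reason = "name sinkholed to local machine"
            else:
                reason = "name redirected to another address"
            findings.append((line_no, ip_text, name, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

To check a real machine, pass the contents of the hosts file to `audit_hosts` instead of `SAMPLE_HOSTS`; entries you added yourself will be listed too, so treat the output as a review list.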
Network intruders can slow down your internet speed and interfere with your data. It’s worth knowing who else might be logged in and using it.
To see all the devices connected to your network, open your router’s settings menu. To do this, type your router’s IP address into the address bar of your web browser. You can usually find this address on the sticker attached to the bottom of your router, but most use the default address of 192.168.1.1.
Then, log in with your username and password. This is the default username and password for your router or a unique login you created when you set it up. If you’re unsure what your login is, you can call your ISP for assistance.
When you’re logged into your router settings, look for an option that looks like “Attached Devices,” “Connected Devices” or “Client List.” It shows you all the devices using your connection.
Scroll through the list and note anything that you don’t recognize. Usually, you can kick them off from this menu as well.
By default, your router broadcasts its network name (SSID) for you and your guests to find easily. This also means anyone looking for your network can attempt to join. You can stop it from broadcasting its connection, so only people who know your router’s exact name can attempt to join.
To do this, log into your router’s settings and locate the menu for wireless settings. Look for the broadcasting option for your SSID, which is most often enabled by default. Toggle that option off.
Make sure you write down your SSID before disabling the broadcast. Otherwise, you might find yourself locked out of your network.
With a little work, you can make your network a whole lot safer. My advice? Take some time to secure your connection. Your future self will thank you.
Copyright 2020, WestStar Multimedia Entertainment. All rights reserved.
Learn about all the latest technology on the Kim Komando Show, the nation’s largest weekend radio talk show. Kim takes calls and dispenses advice on today’s digital lifestyle, from smartphones and tablets to online privacy and data hacks. For her daily tips, free newsletters and more, visit her website at Komando.com.
Cybercriminals could trace your device or access sensitive personal data through contact-tracing apps built for the coronavirus pandemic, a new report says.
In a report released Thursday, cybersecurity firm Check Point noted that U.S. developers are working on contact tracing apps that measure Bluetooth signal strength to detect the distance between device users. The basic idea is, if two devices are close enough, within 6 feet, an infected user could potentially transmit the virus. If somebody is infected, other app users would be notified and could self-quarantine and get tested.
GPS can also be used to determine location. This approach allows health authorities to analyze the geography of the infection spread and take preventative measures. MIT’s SafePaths app, for example, uses GPS technology.
Check Point researchers laid out a number of concerns about the apps, including issues with the following:
“The jury is still out on how safe contact tracing apps are. After initial review, we have some serious concerns,” Jonathan Shimonovich, Manager of Mobile Research at Check Point, said in a statement.
“Contact tracing apps must maintain a delicate balance between privacy and security, since poor implementation of security standards may put users’ data at risk,” he added.
Google and Apple made news in April when they announced a framework based on Bluetooth for registration of contact events. Each device generates keys to send to nearby devices and the devices store the contact IDs locally.
According to the framework, if a user decides to report a positive diagnosis of COVID-19 to their app, they will be added to the positive diagnosis list – managed by a public health authority – so that other users who came into range of the infected person’s Bluetooth “beacons” can be alerted.
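The exchange described in the two paragraphs above can be modelled in a few lines. This is an added example, not code from the article or from Google or Apple: HMAC-SHA256 stands in for the framework's real key derivation, which the article does not describe, and the 10-minute interval, class and function names are assumptions of the model. It shows that matching happens on each phone and that the health authority's list holds only the keys of users who report.

```python
import hashlib
import hmac
import os

INTERVALS_PER_DAY = 144  # assumption: a new broadcast ID every 10 minutes

def rolling_id(daily_key: bytes, interval: int) -> bytes:
    """Derive the short-lived ID broadcast in one interval (HMAC stand-in)."""
    msg = b"rolling-id" + interval.to_bytes(4, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]

class Device:
    def __init__(self, name):
        self.name = name
        self.daily_key = os.urandom(16)  # stays on the phone unless reported
        self.heard = set()               # contact IDs stored locally

    def beacon(self, interval):
        return rolling_id(self.daily_key, interval)

    def observe(self, beacon_id):
        self.heard.add(beacon_id)

    def exposed(self, diagnosis_keys):
        """Re-derive every ID for each published key and match locally."""
        for key in diagnosis_keys:
            for interval in range(INTERVALS_PER_DAY):
                if rolling_id(key, interval) in self.heard:
                    return True
        return False

def simulate():
    alice, bob, carol = Device("alice"), Device("bob"), Device("carol")
    # Alice and Bob are in Bluetooth range during interval 57.
    bob.observe(alice.beacon(57))
    alice.observe(bob.beacon(57))
    # Carol only ever hears Bob, who does not report a diagnosis.
    carol.observe(bob.beacon(90))
    # Alice reports a positive diagnosis: only her daily key is published.
    positive_list = [alice.daily_key]
    return {d.name: d.exposed(positive_list) for d in (bob, carol)}

if __name__ == "__main__":
    print(simulate())
```

Because each broadcast ID is derived from a key that is published only after a report, an observer who records beacons cannot link two intervals to the same phone until that phone's key appears on the positive diagnosis list.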
Check Point has offered some pointers on how you can protect yourself from exposing your data: