institute for critical infrastructure technology

There’s Proof That North Korea Launched the WannaCry Attack? Not So Fast! – A Warning Against Premature, Inconclusive, and Distracting Attribution

By James Scott, Sr. Fellow, ICIT Last week, ICIT urged responsible news outlets to focus on meaningful aspects of the May 12, 2017 WannaCry attack on over 230,000 systems in over 150 countries, such as the desperate need for security-by-design in software and technology, the perpetual failure of organizations across the globe to secure their .. read more

ICIT Analysis: America Exposed – Who’s Watching You Through your Computer’s Camera?

Virtually every computer, smartphone, and internet-enabled mobile device has a camera and microphone that can be used by malicious threat actors to surveil and spy on the user. Using malware such as NanoCore RAT and Nuclear RAT 2.0, Cyber Criminals, Script Kiddies, and Nation State APTs can compromise devices and remotely monitor the activities of .. read more

WannaCry Ransomware & The Perils of Shoddy Attribution: It’s the Russians! No Wait, It’s the North Koreans!

By James Scott, Sr. Fellow, ICIT Baseless Attribution Discussions Distract From Meaningful Dialogue It’s the Russians! No, wait, it’s the North Koreans! No, wait it’s…cyber mercenaries posing as PLA hackers moonlighting as cyber mercenaries for the North Korean nation-state? It’s interesting to watch faux experts take such authoritative positions in sinking sand arguments with virtually .. read more

Recommendations for Preventing Ransomware Exploitation

By James Scott, Senior Fellow, Institute for Critical Infrastructure Technology Ever since the WannaCryptor ransomware attack, also known as WannaCry or Wcrypt, began wreaking havoc around the globe, ICIT has received a flood of inquiries from policymakers, governments, and the private sector on how organizations can defend themselves.  ICIT is pleased to provide the following .. read more

ICIT Analysis: The Cyber Shield Act

Industry experts and federal agencies such as NSA, NASA and NIST have repeatedly pushed for the implementation and standardization of the bare essentials of Information Security, such as security-by-design, cyber-hygiene training, and layered defenses, to be recognized as crucial topics on the Hill.  The Cyber Shield Act is an excellent idea for improving informed consumer .. read more

ICIT Analysis:  Sowing the Seeds of U.S. Cyber Talent

K-12 students are the most prevalent and the most invaluable resource the U.S. can utilize in the development of a skilled and formidable cyber-workforce. As the United States grapples with a projected shortage of 1.5 million cybersecurity professionals by 2020, the “digital generation” provides a unique opportunity to address the cyber-talent shortage. In this analysis, .. read more

ICIT Analysis – S.J. Res. 34 – Introduction of Privatized Censorship

With S.J.Res.34, every citizen will have massive amounts of their data exposed when their ISP or a nebulous third-party intentionally or inadvertently fails to adequately secure the information. By drastically expanding that collection, storage, and exchange of data with a few short lines of legislation, Congress has jeopardized the security and privacy of every citizen, every .. read more

The Know Your Enemies 3.0 Advanced Persistent Threat Advisory is Finally Here!

We Connect the Dots between Nation State, Cyber Mercenary, Cyber Caliphate and Cyber Criminal Advanced Persistent Threats by James Scott, Sr. Fellow, ICIT Allegations of cyber-incidents, IP theft, and cyber-attack have significant tangible results and seismic geopolitical implications. Most compromised organizations do not detect breaches until eight months after the initial incident; consequently, typical attribution .. read more

On March 28th, 2017, posted in: Latest Posts by Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

ICIT Analysis: How to Crush the Health Sector’s Ransomware Pandemic

The health sector is the most vulnerable, most targeted, and resoundingly least equipped to defend against hackers who are pummeling healthcare organizations with ransomware attacks.   This ransomware epidemic will only become more severe and costly as the infection volume in 2017 will trump infections in 2016. In this post, entitled “How to Crush the .. read more

Cybersecurity in Non-Profit and Non-Governmental Organizations

Non-Profit and Non-Government Organizations (NGOs) rely greatly on the use of information technology for both their operations and innovative strategic program initiatives.  In a sense, they are no different than any small, medium or large-scale enterprise with regard to computing.  Keeping information confidential and free from integrity and privacy challenges as well as ensuring their .. read more

ICIT Analysis: Signature Based Malware Detection is Dead

Signature and behavioral based anti-malware are no match for next generation adversaries who utilize mutating hashes, sophisticated obfuscation mechanisms, self-propagating malware, and intelligent malware components. In this analysis, entitled “Signature Based Malware Detection is Dead,” the Institute for Critical Infrastructure Technology provides a thought-provoking analysis of the necessity for critical infrastructure sectors to adopt advanced .. read more

Congressman Jim Langevin Receives the ICIT Transcend Award

Washington D.C. January 25, 2017 – The Institute for Critical Infrastructure Technology (ICIT), America’s Cybersecurity Think Tank™, presented Congressman Jim Langevin, from Rhode Island’s 2nd congressional district, with its Transcend Award at the Congressman’s office in the Rayburn House Office Building. The Transcend Award is an honor given each year to a distinguished member of .. read more

ICIT Publication: Dragnet Surveillance Nation: How Data Brokers Sold Out America

With recent accusations of fake news and the weaponization of information as a mechanism of steering public perceptions dominating headlines around the world, have you ever considered the reality that private dragnet surveillance via social media properties, ISPs, search engines, health sector organizations etc., heavily contribute to the problems of adversarial intervention and streamlined distribution .. read more

The Cybersecurity Show Must Go On: Surpassing Security Theatre and Minimal Compliance Regulations

The United States Cybersecurity culture is heavily rooted in practices of Security Theater, where an organization that suffers a data breach can invest in countermeasures that provide a feeling or sense of security without actually improving the cybersecurity threat posture of the organization. In this publication, entitled “The Cybersecurity Show Must Go On:  Surpassing Security .. read more

“Fake News” Is “Old News” for Nation State and Mercenary APTs

By James Scott, Senior Fellow ICIT Regardless of your partisan persuasion, your opinion of mainstream media or your opinion of the ‘alt-right,’ one thing is for certain, ‘fake news’ is ‘old news’ when it comes to the weaponization of information by nation states and cyber mercenaries. Cyber adversaries tailor spear phishing and malvertising lures to .. read more

It’s the Russians! … or Is it? Cold War Rhetoric in the Digital Age

by James Scott, Sr. Fellow, ICIT Introduction Malicious actors can easily position their breach to be attributed to Russia.  It’s common knowledge among even script kiddies that all one needs to do is compromise a system geolocated in Russia (ideally in a government office) and use it as a beachhead for attack so that indicators .. read more

ICIT Analysis: Identity and Access Management Solutions: Automating Cybersecurity While Embedding Pervasive and Ubiquitous Cyber-Hygiene-by-Design

Identity and Access Management (IAM) solutions are a critical component of organizational cyber-hygiene and cybersecurity initiatives because IAM solutions automate cyber-hygiene best practices, reduce user fatigue, provide access controls, establish user accountability, institute system auditability, and enable users to mitigate cyberattacks. In this analysis, entitled “Identity and Access Management Solutions: Automating Cybersecurity While Embedding Pervasive .. read more

ICIT Publication – Rise of the Machines: The Dyn Attack Was Just a Practice Run

As the adversarial threat landscape continues to hyper-evolve, America’s treasure troves of public and private data, IP, and critical infrastructure continues to be pilfered, annihilated, and disrupted.  The Mirai IoT botnet has inspired a renaissance in adversarial interest in DDoS botnet innovation based on the lack of fundamental security-by-design in the Internet and in IoT .. read more

Overcoming Event Fatigue: ICIT Programs Offer a Platform for True Thought Leader Collaboration

by James Scott (Sr. Fellow, ICIT) & Parham Eftekhari (Sr. Fellow, ICIT) The rapid outbreak of cyber threats over the past few years has resulted in an abundance of events that promote faux experts and ineffective silver bullet solutions, often hosted by organizations who are more focused on luring in massive crowds of attendees and .. read more

The Painfully Vulnerable Election System and Rampant Security Theater

by James Scott, Sr. Fellow, ICIT and Drew Spaniel, Fellow, ICIT ‘Clunky as Heck’ and Security via Obscurity Create Only an Illusion of Secure Elections “Election Officials, consider your voting machines, networks and tabulators infected until you’ve forensically proven otherwise.”  James Scott, Senior Fellow, ICIT The first step to correcting the plague of cyber-kinetic vulnerabilities .. read more

DYN Attacks Exploit Old and Well Known Vulnerabilities

by James Scott, Sr. Fellow, ICIT and Drew Spaniel, Researcher, ICIT Throughout the morning, DYN has released statements indicating that the issue has been resolved only to have the servers crash within the following hour. Without inside information, two hypotheticals exist to explain the heat map and the disruption. First, it is possible that DYN .. read more

The Categorical Threat Landscape to Consider When Reading NASS’ Open Letter to Congress

Authored By: James Scott, Sr. Fellow, ICIT & Drew Spaniel, Researcher, ICIT On September 26, 2016, the National Association of Secretaries of State (NASS) released an Open Letter to Congress that urged for the informed communication of facts about the security of election systems with the American public. This communique builds upon the NASS letter .. read more

ICIT Analysis: Hacking Elections is Easy! Part 2: Psst! Wanna Buy a National Voter Database? Hacking E-Voting Systems Was Just the Beginning

The United States election process has been at risk since the widespread adoption of electronic voting (e-voting) systems in 2002-2006. Despite the fact that researchers have spent the past decade demonstrating that Direct Recording Electronic (DRE) and optical scanning systems from every manufacturer are vulnerable along numerous attack vectors, our Nation is still plagued with .. read more

ICIT Brief – Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims

Despite being the most at-risk and perpetually breached critical infrastructure sector in the Nation, virtually all health sector organizations refuse to evolve their layered security to combat a hyper evolving threat landscape. As a result, when a healthcare system is breached and patient records are stolen, the entire brutal impact of the incident that resulted from .. read more

ICIT Analysis: Hacking Elections is Easy! Part One: Tactics, Techniques, and Procedures

True democracy relies on the reliability of the democratic process. The “Help America Vote Act”, passed in 2002, ushered in an era of uncertainty by proliferating the use of electronic voting systems vulnerable to cyber, technical and physical attack. More often than not, electronic voting systems are nothing but bare-bone, decade old computer systems that .. read more

ICIT Brief – China’s Espionage Dynasty: Economic Death by a Thousand Cuts

The criminal culture of theft that has been injected into virtually every line of China’s 13th Five-Year Plan is unprecedented. From state sponsored smash and grab hacking and techno-pilfering, to corporate espionage and targeted theft of IP, never before in recorded history has IP transfer occurred at such a rapid velocity. In this report, entitled .. read more

ICIT Report: Utilizing the NSA’s CSfC Process- Protecting National Security Systems with Commercial Layered Solutions

The acceleration of State Sponsored and Mercenary APT cyber-attacks, each of which possess new and more innovative layering of stealth and sophistication, has triggered a much needed response by the National Security Agency’s (NSA) Information Assurance Directorate (IAD). A more expedient path to technology approval has been introduced for qualified organizations. As a result, the .. read more

ICIT Report: CISO Solution Fatigue – Overcoming the Challenges of Cybersecurity Solution Overload

Due to the plague of APTs, malware, ransomware and other malicious initiatives by invisible adversaries, few C-level executive positions are as critical as the CISO. A well informed CISO can improve the engagement of the C-Suite and improve the cyber posture of the organization. However, due to a variety of factors, CISOs combat information overload and vendor .. read more

ICIT Analysis: The Wound Collectors – Profiling the Self Radicalized Lone-Wolf Terrorist

Acts of domestic terrorism in the West are escalating at an alarming rate. Lone wolf attacks and attackers have sparked public, political and law enforcement curiosity due to the, seemingly, random and independent action of a self-radicalized extremist with modest or no ties directly to the group in which they proclaim the action to be .. read more

American ISIS: Analysis of the Orlando Jihadist & Lone-wolf Attacks

ISIS lone wolves are being activated in towns and cities globally for the most potent cyber-physical combination of guerrilla attack ever to be introduced in modern warfare. This new enemy, fueled by extremist ideology, defies traditional profiling attributes such as race, sex, age, education, and nationality and can more easily evade detection by law enforcement. This .. read more

ICIT Brief – The Anatomy of Cyber-Jihad: Cyberspace is the New Great Equalizer

Until now it has been fairly easy to categorize malicious cyber-actors as State Sponsored APT, Hacktivist, Mercenary and Script Kiddie. However, a new threat actor has emerged who uses technological means to bring terror and chaos to our nation and its allies: the Cyber-Jihadist. Cyber-Jihad has quickly arrived on the scene and will only continue .. read more

NIST SP 800-160: For the Rest of Us – An ICIT Summary

NIST Special Publication 800-160: Systems Security Engineering: Consideration for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems, offers useful strategies that can raise the bar for cyber defense and can be implemented quickly to drastically minimize traditionally vulnerable attack surfaces laid siege by state sponsored APTs, hacktivists, sophisticated mercenaries and cyber jihad hackers. This condensed .. read more

ICIT Brief: Combatting the Ransomware Blitzkrieg with Endpoint Security

Ransomware, the weaponization of encryption, has struck fear and confusion into the hearts of PC users and critical infrastructure communities alike. While it is impossible for organizations to prevent malware from infecting their networks, those who deploy a multi-layered security strategy and teach proper cybersecurity hygiene to their employees have a strong chance of defending against these .. read more

ICIT Bulletin: America is Under Siege: Now is the Time for NASA to Unleash Gryphon-X

Despite maintaining one of the greatest treasure troves of intellectual capital on the planet, NASA, like virtually all federal agencies, is plagued by bureaucracy and competing interagency political agendas which creates a culture that stifles innovation. While adversaries run rampant in the critical infrastructures of our Nation, nextgen cybersecurity proposals aimed at protecting our networks, .. read more

ICIT Bulletin: Cerber and KeRanger

Cerber and KeRanger are two of the latest Ransomware debacles to catastrophically affect the ill prepared. Once again we are confronted with the reality of our Nation’s lack of cybersecurity hygiene and the need for a more security-centric  culture among technology users. This ICIT Bulletin entitled, “Cerber & KeRanger: The Latest Weaponized Encryption” consolidates an explanation .. read more

The ICIT Ransomware Report: 2016 Will Be the Year Ransomware Holds America Hostage

Institute note: during our non-public soft distribution, we discovered that an incorrect, pre-edited version of this document was distributed. We have since corrected this error.  Our Ransomware Report is available for download below. 2016 is the year ransomware will wreak havoc on America’s critical infrastructure community. The resurgence of these attacks is driven by a growing attack surface .. read more

ICIT Fellow Meetings: Change Agents & Operational Innovation

            ICIT’s 2016 monthly Fellow meetings have drawn executives from DHS, DoD, NASA, FDIC, HHS, FCC, and Interior as the Institute shepherds the community through a cybersecurity-centric renaissance and fosters strategic collaboration with industry and academic leaders.  These thought leadership forums have  inspired attendees to move their organization’s cybersecurity strategies forward with innovative .. read more

ICIT Brief: Hacking Healthcare IT in 2016: Lessons the Healthcare Industry can Learn from the OPM Breach

Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers. The goal of these threat actors is to exploit vulnerabilities in insecure and antiquated networks in order to exfiltrate patient data for financial or geopolitical gain. In order to protect patient .. read more

ICIT Senate Briefing: Hacking Hospitals

            On November 19, the Institute for Critical Infrastructure Technology conducted a briefing at the U.S. Senate entitled “Hacking Hospitals” to address the growing threats facing healthcare organizations. During this briefing, senior Senate staffers and attendees from agencies including the Departments of Veterans Affairs, State, Homeland Security, Health and Human .. read more

ICIT Fellows convene to discuss NextGen cybersecurity with NASA Ames, Army Cyber Institute, Blackberry

At the closed door October 2015 Institute for Critical Infrastructure Technology Fellows Meeting, Fellows and government leaders convened to discuss the top threats facing critical infrastructure sectors and the technologies and strategies which can mitigate risk.  The top challenges identified include an expanding attack surface driven by IoT and increases in mobile devices, better organized .. read more

ICIT Fellow Meeting: NextGen Cybersecurity w/NASA Ames CIO; Army Cyber Institute

NextGen Cybersecurity to Defend the Nation’s Critical Infrastructures  Today’s most sophisticated security minds understand that their defenses will be breached.  Evolving security strategies are now focused on technologies which detect threats and unauthorized access while creating a series of obstacles to slow down the attackers ability to exfiltrate data in order to give network administrators time to stop the attack. .. read more

Congresswomen Lee (TX) and Chu (CA) speak at “Town Hall” on Minority Representation in Cybersecurity

            As part of Cybersecurity Awareness month, the Institute for Critical Infrastructure Technology hosted a Town Hall on Minority Representation in Cybersecurity, a meeting sponsored by Congresswoman Sheila Jackson Lee (TX).  Congresswoman Lee was joined by Congresswoman Linda T. Sánchez, Chair of the Congressional Hispanic Caucus and Congresswoman and Judy Chu, .. read more

Cybersecurity Awareness Month “Town Hall” on Minority Representation in the Cybersecurity Workforce

We are honored to announce that Congresswoman Sheila Jackson Lee (TX), joined by Congresswoman Linda T. Sanchez and Congresswoman Judy Chu, is hosting ICIT and its partners the International Consortium of Minority Cybersecurity Professionals (ICMCP) and the Department of Homeland Security for a “Town Hall” forum at the U.S. House of Representatives to address the .. read more

ICIT Congressional Brief: Car Hacking, IoT & Smart City Security Demonstration & Reception

ICIT, sponsored by Congresswoman Sheila Jackson Lee (TX) and in collaboration with ICIT Fellow IOActive, will hold an event at the U.S. House of Representatives to address the growing threat of remote attacks against moving vehicles and the privacy of consumer data captured by automotive systems, in addition to Smartcity security and the general need .. read more

ICIT Fellow Fall Kick-off Cocktail Reception

To celebrate a successful summer and kick-off our fall initiatives, ICIT is hosting an invitation-only cocktail reception for its Fellows and select Government leaders.  This gathering is an opportunity for Fellows and government stakeholders to discuss ICIT’s recent briefings in a casual environment while reinforcing the strong relationships which are crucial to our community’s success. Attendance is .. read more

On August 27th, 2015, posted in: by Tags: ,

ICIT Talking Points: “Is the OPM Data Breach the Tip of the Iceberg?” – for the House Committee on Science, Space and Technology

Throughout June 2015, the United States Office of Personnel Management failed to adequately answer inquiries from the American people, Congress, and Federal agencies, concerning the two breaches of its systems that have left the granular personal information of 22.1 million United States Citizens in the hands of an unidentified adversary.  After review of the July .. read more

Legislative Brief “Moving Forward: How Victims Can Regain Control & Mitigate Threats in the Wake of the OPM Breach”

In June 2015, the Nation learned that the personnel records of 21.5 million United States citizens had been exfiltrated by an unknown adversary from the Office of Personnel Management, one of the largest known breaches in the history of the U.S. Government.  The immediate public outcry included congressional hearings attributing the breach to OPM administrators and .. read more

Preparing the Battlefield: The Coming Espionage Culture Post OPM Breach

As part of its continued analysis of the OPM breach, ICIT’s most recent brief entitled “Preparing the Battlefield: The Coming Espionage Culture Post OPM Breach” discusses the significant impact the breach will have on America’s national security.  The large number of victims, many of whom hold security clearances, combined with the personal nature of the information stolen gives .. read more

ICIT Brief: OPM Demonstrates that Antiquated Security Practices Harm National Security

The Institute for Critical Infrastructure Technology has published its official analysis of the Office of Personnel Management breach, Handing Over the Keys to the Castle: OPM Demonstrates that Antiquated Security Practices Harm National Security.  This research brief provides insights on several of the most important aspects of the breach, some of which are not being .. read more

Securing Federal Data Post OPM: Lunch & Learn Summary + Slides

                This week the Institute for Critical Infrastructure Technology held a Lunch and Learn called “Securing Data for Today’s Federal Agency” which focused on the increasingly daunting task of protecting federal data in an age of information sharing and increased threats both inside and outside an agency.  An .. read more

NIST Issues Revisions to ICS Security Guide; ICIT launches Initiative to Support

The National Institute of Standards and Technology (NIST) issued its second revision to its Guide to Industrial Control Systems (ICS) Security, a major source of guidance for critical infrastructure sectors which own and operate computer controlled industrial equipment. Many of the changes are driven by the internet connectivity of ICS machines and devices, or “Internet of Things”, .. read more

OPM Data Breach Interview: Federal News Radio Interviews Dan Waddell, Institute for Critical Infrastructure Technology Fellow

  The OPM Data Breach that has affected millions of current and former federal employees wasn’t about acquiring bank records or credit card information. Instead, signs point to cyber espionage. Dan Waddell, ICIT Fellow and director of government affairs at (ISC)2 joined Emily Kopp on the Federal Drive to discuss the magnitude of the breach. Click HERE .. read more

Legislative Brief: “Preventative Measures- Ensuring Information Security Prior to mHealth Development”

The Institute for Critical Infrastructure Technology  issued its latest legislative briefing titled “Preventative Measures- Ensuring Information Security Prior to mHealth Development”.  The brief is an analysis of the proliferation of mobile technologies in the healthcare ecosystem, addressing the benefits mobility brings to patients and health providers as well as data privacy risks that exist if these technologies are .. read more

ICIT Speaks at U.S. Senate “Health Sector Fly-In” on Cybersecurity

          The Institute for Critical Infrastructure Technology co-hosted and spoke at the inaugural Health Sector Fly-In Tuesday June 2, 2015, which was held at the United States Senate  and sponsored by Senator Lamar Alexander (TN).  As a member of the Healthcare and Public Health (HPH), Sector Coordinating Council (SCC) and the SCC Cyber .. read more

ICIT Fellows Talk on the Convergence of Physical and Cyber Security at the British Embassy

          Members of the Institute for Critical Infrastructure Technology spoke on the convergence of physical and cyber security at the British Embassy June 2, 2015, at a meeting attended by representatives from the United States government, the British government, and critical infrastructure sectors including Energy and Finance. The event featured a presentation by Danyetta Magana .. read more

Analysis of H.R. 1560 Title I (Protecting Cyber Networks Act) and Title II (National Cybersecurity Protection Advancement Act)

The Institute for Critical Infrastructure Technology (ICIT) today issued a briefing to members of the U.S. House of Representatives, U.S. Senate, Federal Agencies and other Critical Infrastructure Sector Leaders titled “Progress as Two Steps Forward and One Step Back: Analysis of H.R. 1560 Title I and Title II (H.R. 1731).”   The briefing is a detailed .. read more

ICIT Fellows Meet with Congressmen Van Hollen and Mooney to Deliver Threat Information Sharing Brief

                ICIT met separately with Congressmen Alex Mooney (WV) and Congressmen Chris Van Hollen (MD) (respectively) to hand deliver copies of ICIT’s Threat Information sharing brief late last week. The brief was also sent to members of the Congressional Cybersecurity Caucus in anticipation of this week’s votes on .. read more

ICIT Briefs Congress on HR691 Telehealth Modernization Act of 2015

ICIT briefed members of the Rural Health Caucus on HR691  –  Telehealth Modernization Act of 2015, where Fellows provided expertise on rural health, telemedicine, and privacy issues surrounding telehealth initiatives.  ICIT Fellows advised for strong security and access management, interoperability between EHRs, patient access to data, and the securing of data pathways themselves. Click here .. read more

ICIT Fellows Brief Congressional and Senate Members on H.R.3696 Cybersecurity and Critical Infrastructure Protection Act of 2014

Week of March 2, 2015:  ICIT presented to members of the Congressional Cybersecurity Caucus and a member of Senate on H.R. 3696: Cybersecurity and Critical Infrastructure Protection Act, in order to discuss certain aspects of the bill which it believes will be included in 2015 legislation. These meetings gleaned important findings and requests for additional briefings .. read more