Economic pressures and sanctions, jihadist activity and rising tensions around the world will spur cyber-activity in 2018 – with Russia and China leading the way in capabilities, which could cause potentially catastrophic attacks.

Flashpoint’s latest Business Risk Intelligence (BRI) Decision Report found that the top trends and indicators for cyber-risk decision makers to watch in 2018 include tensions in East Asia over the North Korean nuclear program, the impact of official US policy changes on the Iranian nuclear accord, US- and European Union-led economic sanctions on Russia, US recognition of Jerusalem as the capital of Israel and other nation-states’ adoption of the Russian model of engaging in cyber-influence operations. Meanwhile, the power struggle between Saudi Arabia and Iran for influence in the Middle East fuels ongoing conflict within the region, as does the continued instability and violence in Syria.  

“Few would say that 2017 was an uneventful year in the realm of global geopolitics, and this year is already shaping up to be fraught with similar volatility,” said Jon Condra, director of Asia Pacific Research at Flashpoint, in a blog. “As such, organizations seeking to proactively combat relevant threats and address enterprise-wide risk must regard geopolitical context as a core component of their intelligence programs.”

Russia and China are the two nation-states with the most concerning capabilities, the report said. Both are considered to possess the highest levels of technical sophistication, reserved for only a select set of countries. The actors can engage in full-spectrum operations, utilizing the breadth of capabilities available in cyber-operations in concert with other elements of state power, including conventional military force and foreign intelligence services with global reach. The capabilities they have are thus alarmingly advanced, according to Flashpoint: "Kinetic and cyber-attacks conducted by the threat actor(s) have the potential to cause complete paralysis and/or destruction of critical systems and infrastructure. Such attacks have the capacity to result in significant destruction of property and/or loss of life. Under such circumstances, regular business operations and/or government functions cease and data confidentiality, integrity, and availability are completely compromised for extended periods," the report noted.

 source: cnet.com

For all the controversial issues US lawmakers have debated lately, there was one bill that made it through both houses of Congress and on to President Donald Trump with little fanfare.

There was so little fuss around its passing, you might be surprised to hear the law renews two government surveillance programs that less than five years ago caused public outcry and panic.

They're the US National Security Agency's Prism and Upstream programs, both of which former NSA contractor Edward Snowden revealed to journalists in 2013. The law that authorizes those programs were set to expire Friday, but Congress renewed them with little difficulty.

Did privacy advocates put up a fight? Yes. But what debate there was focused on reforming a narrow aspect of the programs, and that effort made too few inroads in Congress to get results.

It almost seems like mass global surveillance of the internet isn't controversial in the US anymore.

So here's what got renewed: The Prism and Upstream programs exist to collect online communications of foreigners outside the US. Prism takes the communications directly from internet services like email providers and video chat programs, and Upstream taps into the infrastructure of the internet to pull in the communications while they're in transit.

The programs collect the communications of Americans "incidentally," such as when Americans communicate with targeted foreigners overseas. For technical reasons, the NSA also scoops up Americans' internet traffic that can't be separated from the bits and bytes that contain the communications of intended spy targets. 

The programs are authorized by Section 702 of the FISA Amendments Act, and the NSA gets approval to conduct this surveillance from a warrant through the Foreign Intelligence Surveillance Act court. The deliberations are secret.

Last week, the House of Representatives considered an amendment to the bill that would have required that the FBI get a warrant to query the NSA's database of communications collected under Section 702. The amendment failed, and the House approved renewal. On Thursday, the Senate also approved the bill.

Sen. Richard Burr, a Republican from North Carolina, said the programs are some of the most vital tools in the NSA's arsenal for fighting foreign terrorism.

Trump hasn't said whether he'll sign the bill -- his public statements have focused on the looming government shutdown. What's more, he's at loggerheads with the FBI as it investigates possible ties between his election campaign and a Russian effort to influence the 2016 election. However, he's made no indication he intends to diminish the NSA's spy powers.

The bill does require the FBI to get a warrant to look at Americans' data in the NSA's database if the investigation isn't related to national security.

The public cared

When the programs first became public, outcry wasn't focused solely on the information of Americans, said Timothy Edgar, a fellow at the Watson Institute for Public Affairs at Brown University. Edgar worked on privacy issues at the ACLU until taking a job with the Office of the Director of National Intelligence. His role was to make sure the government's spy programs complied with US laws, and that's what he was doing when Snowden leaked information on Prism and Upstream.

 source: darkreading.com

While the attack surface has increased exponentially because of the cloud and everything-as-a-service providers, there are still ways in which host companies can harden supply chain security.

Today's cybersecurity landscape has changed dramatically due to digitalization and interconnectivity. While the benefits of each push businesses toward adoption, security risks associated with interconnectivity between networks and systems raise major concerns. Everything-as-a-service removes traditional security borders and opens the door to new cyber attacks that organizations might not be prepared to recognize or even deal with.

Moving resources into the hands of the final consumer now involves creating systems that handle, distribute, and process goods using a complex network of suppliers and services. These supply chains are what cybercriminals try to exploit, as third-party suppliers usually have some level of access to their customer's network. This, coupled with an advancing software stack that's integrated with critical internal infrastructures, increases the attack surface that threat actors can exploit to breach perimeter defenses.

Trust Is Often Exploited
The relationship between humans and technology is far from perfect. Cloud technologies can themselves be unpredictable in that they may interact with each other in unforeseen ways. When you add the human factor, which is inherently unpredictable, it raises security concerns that can be impossible to predict.

The cloud has become an integral part of digital businesses, but the lack of proper authorization, accountability, and authentication in the cloud enables security threats that we've come to know as supply chain attacks. This increased adoption of cloud services must push organizations to constantly reassess external audit programs and due diligence processes. This practice of regular re-evaluation must go through constant iterations to identify potential security blind spots while decreasing incident response times.