Black Hat Def-Con cybersecurity conference to bring top experts together in Las Vegas next week
Jana Katsuyama from KTVU reports.
OAKLAND, California. – Some of the country’s leading cybersecurity experts are preparing to meet at a hybrid conference in Las Vegas and online next week. The Black Hat 2021 event features cybersecurity training and briefing sessions, just a week after the Biden administration announced new steps to protect U.S. infrastructure from cyberattacks.
The US does not have comprehensive cybersecurity requirements for most industries. The threat of attack has been highlighted in recent incidents. In June, meat processing company JBS reportedly paid a ransom of $ 11 million after an attack. In May, the Colonial Pipeline, which supplies about 45% of the fuel on the east coast, reportedly paid more than $ 4 million in ransom after a cyber attack. Even federal agencies like the U.S. Treasury Department and the U.S. Department of Commerce have been targeted by hackers.
“It sounds really tempting to say that no one should pay the ransom, but the reality now is that these actors are on things like health law enforcement, local governments and these are things you just can’t live without,” said Craig Williams, Cisco director of Talos Outreach Security.
Williams says that in many cases, hackers could exploit simple weaknesses in government or corporate systems.
“You will see an attacker, especially the advanced one, using only as much force as is absolutely necessary,” Williams said because of priority or timing not being patched. “
However, some attacks are more sophisticated.
“A zero-day exploit is what we would call it. It would be an exploit for a vulnerability unknown to the vendor Williams: “You can have a security device that offers protection that can cover it, you can have endpoint protection that looks for exploit patterns that can protect against it, but this is the heaviest and most expensive hammer for our opponents, and so it is one they don’t use unless they have to. “
The Biden government this week announced new measures to set up voluntary public-private partnerships to protect core sectors from hacker attacks, including threats from China and Russia that could escalate into war.
Williams says such collaborations are becoming more and more necessary.
“When we find these threat actors that no one else knows about. We want to make sure that everyone can block them because if we can get everyone to block these servers and all of them not pay the actors, that will help drive those actors out. ”Of this business and other areas where they do the Don’t harm customers, “Williams said.
Williams said Cisco and other companies have set up incident response services to help businesses cope with the growing problem of ransomware attacks.
The Biden government says its goal this year is to expand public-private partnerships beyond electricity utilities and gas pipelines to other sectors to create a more unified national cybersecurity response.
DECLARATION BY THE NATIONAL SECURITY AGENCY ON CYBERSECURITY PARTNERSHIPS:
https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2713108/defeating-malicious-cyber-actors-requires-partnerships/
BLACK HAT USA 2021
https://www.blackhat.com/us-21/
