"Community-Centric Leadership. This event was curated by and for the Boston Leadership Board, a group of local leaders committed to the idea that national security and critical infrastructure resiliency is strengthened through peer-to-peer knowledge sharing, diversity, and leadership development. Their collective insights and recommendations influence every aspect of this program including speakers, topics, and technology partner participation."
"DSI’s 2nd Annual Zero Trust Government Symposium will convene to bring together leaders, experts and implementors across the USG and DOD to highlight the current status of Zero Trust implementation efforts. Broadly, zero trust refers to a cybersecurity concept and framework that requires non-stop monitoring and constant authentication to secure critical national security information — and assumes all networks are compromised from the get-go. Federal IT leaders are under mounting pressure to meet a suite of mandated ZT cybersecurity standards and objectives by September 2024.
It has recently been revealed that sensitive personal and financial information belonging to UK military personnel has been compromised in a significant state-sponsored data breach. The defense secretary, Grant Schapps, is expected to make a statement in the House of Commons detailing exactly what happened. According to reports, on the morning of May 7 the hackers successfully targeted a third-party payroll provider, with mainly names and bank details exposed.
A Russian national has recently pleaded guilty to his role in a major money laundering conspiracy tied to the infamous BTC-e cryptocurrency exchange. According to the Department of Justice (DoJ), Alexander Vinnik, 44, was one of the operators of the exchange from its launch in 2011 to when law enforcers shut it down in 2017. The DoJ noted that during that time, it processed over $9bn-worth of transactions and served over one million users worldwide, many of whom were cybercriminals looking to clean the proceeds of their illegal activity.
The FBI, UK National Crime Agency, and Europol have recently unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor revealed for the first time. According to the Department of Justice (DoJ), the LockBit ransomware operator known as "LockBitSupp" has been confirmed to be a Russian national named Dmitry Yuryevich Khoroshev, who reportedly earned $100 million as part of the gang's activities.
In the wake of a scathing US government report that condemned Microsoft's weak cybersecurity practices and lax corporate culture, security chief Charlie Bell has announced that he is pledging significant reforms and a strategic shift to prioritize security above all other product features. Bell announced plans to add Deputy CISOs into each product team and link a portion of senior leaders' paychecks to progress on security milestones and goals.
The City of Wichita, Kansas, recently announced that it has shut down its computer network after falling victim to a ransomware attack. The incident occurred on May 5, when malware encrypted data on certain systems, prompting Wichita to turn off some of its systems as a containment measure, which affected certain online services. The city says it is unclear whether personal information was compromised in the attack, but Wichita said details on the matter will be provided as the investigation into the incident advances.
As part of the Intelligence Advanced Research Project Activity (IARPA) program called "Reimagining Security with Cyberpsychology-Informed Network Defense" (ReSCIND), researchers at George Mason University (GMU) will build defensive tools that first identify hackers' human flaws and then use them to defend against an attack. IARPA has turned its attention to exploiting the human factor, the weakest link in cyberattacks. Under the new IARPA program, researchers hope to gain further insight into hackers' cognitive vulnerabilities and decision-making biases to stop future attacks.
Toronto Metropolitan University (TMU) is leading a research project to identify quantum threats to smart grid cybersecurity and develop mitigation solutions to protect critical energy infrastructure. Quantum computers put utility infrastructure protected by current cybersecurity standards at risk for severe attacks that could result in total disruption. The project will identify vulnerabilities in generic power system models and show how an attack can disrupt the smart grid.
Nalini Joshi, a mathematics professor at the University of Sydney, highlights the development of new mathematical schemes to protect data against potential attacks from quantum computers. Powerful quantum computers will use the properties of the quantum world to decipher secrets exponentially faster than ordinary computers. While it remains unknown when quantum computers will be powerful enough to break today's encryption systems, many people and organizations are already concerned about "Harvest Now, Decrypt Later" (HNDL) attacks.