A Ransomware Win and Sharing the Mic Brighten the Cybersecurity Narrative [Weekly Cybersecurity Brief]

Ransomware and lack in diversity are two issues that, as we have covered before, plague the cybersecurity industry. However, a few events this past week demonstrated that there may be a positive path forward in addressing these concerns.

The New York Times recently published a story about a ransomware silver lining in the efforts of New Zealand-based cybersecurity firm Emsisoft. While tracking the actions of cyber-criminal group BlackMatter, formerly known as DarkSide, Emsisoft was able to detect a flaw in the group’s code. By taking advantage of the mistake, Emsisoft could decrypt files and return access to targets of BlackMatter’s ransomware attacks. Although this was a unique win against ransomware, which is projected to cost $20 billion worth of losses this year, it was not a completely isolated incident. As The New York Times reported, this case follows a few victories including the Justice Department’s recovery of $2.3 million of the $4.4 million in cryptocurrency that Colonial Pipeline paid BlackMatter. It also reflects the power in an allied approach to cybersecurity as Emsisoft worked with CISA and other agencies to help as many victims as possible.

In addition to benefitting from a private and public sector partnership, we also know that the cybersecurity industry is at its best when it is led by diverse, multi-perspective teams. Last Friday’s “Share the Mic” campaign was a testament to that. Utilizing the hashtag, #ShareTheMicInCyber, a number of high-profile cybersecurity professionals participated in the campaign in which they gave over their Twitter accounts to Black cybersecurity officials and experts for the day. Participants included Rob Joyce, the director of Cybersecurity at the National Security Agency (NSA), who gave control of his Twitter account to Talya Parker, the founder and director of Black Girls in Cyber and a privacy engineer at Google, and Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA), who shared her account with Ayan Islam, the Critical Infrastructure portfolio lead at CISA’s Cybersecurity Division, Vulnerability Management, Insights Branch. As Islam told The Hill, ““Participating in #ShareTheMicInCyber is special to me since I have a chance to give back and share my unorthodox path into cybersecurity…As I progress in the field, I notice it requires diverse technical and non-technical perspectives for a more secure and resilient critical infrastructure.”

In another initiative to expand access to the cybersecurity field, CISA announced that it has awarded $2 million to NPower and CyberWarrior, two organizations training underserved communities like veterans, military spouses, women and people of color in cybersecurity. “CISA is dedicated to recruiting and training individuals from all areas and all backgrounds with the aptitude and attitude to succeed in this exciting field. It’s not just the right thing to do; it’s the smart thing to do — for the mission and the country,” CISA Director Jen Easterly stated in a press release for the program. Through the award, CISA will work with the organizations over the course of a three-year period to further develop their educational efforts and opportunities like apprenticeships. 

Key Takeaways:

“A Rare Win in the Cat-and-Mouse Game of Ransomware” – Nicole Perlroth, The New York Times

https://www.nytimes.com/2021/10/24/technology/ransomware-emsisoft-blackmatter.html

  • New Zealand-based cybersecurity firm Emsisoft was able to track the actions of cyber-criminal group BlackMatter, formerly known as DarkSide, and detect a flaw in the group’s code.
  • By taking advantage of the mistake, Emsisoft could decrypt files and return access to targets of BlackMatter’s ransomware attacks.
  • This victory against ransomware reflects the power in an allied approach to cybersecurity as Emsisoft worked with CISA and other agencies to help as many victims as possible.

“Top officials turn over Twitter accounts to ‘share the mic’ with Black cybersecurity experts” – Maggie Miller, The Hill

https://thehill.com/policy/cybersecurity/578100-top-officials-turn-over-twitter-accounts-to-share-the-mic-with-black

  • The #ShareTheMicInCyber campaign took place last Friday.
  • A number of high-profile cybersecurity professionals participated in the campaign in which they gave over their Twitter accounts to Black cybersecurity officials and experts for the day.
  • Participants included Rob Joyce, the director of Cybersecurity at the National Security Agency (NSA), who gave control of his Twitter account to Talya Parker, the founder and director of Black Girls in Cyber and a privacy engineer at Google, and Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA), who shared her account with Ayan Islam, the Critical Infrastructure portfolio lead at CISA’s Cybersecurity Division, Vulnerability Management, Insights Branch.

“CISA awards $2 million to cybersecurity programs for rural, diverse communities” – Jonathan Greig, ZDNet

https://www.zdnet.com/article/cisa-awards-2-million-to-cybersecurity-programs-for-rural-diverse-communities/

  • CISA announced that it has awarded $2 million to NPower and CyberWarrior, two organizations training underserved communities like veterans, military spouses, women and people of color in cybersecurity.
  • “CISA is dedicated to recruiting and training individuals from all areas and all backgrounds with the aptitude and attitude to succeed in this exciting field. It’s not just the right thing to do; it’s the smart thing to do — for the mission and the country,” CISA Director Jen Easterly stated in a press release for the program. 
  • Through the award, CISA will work with the organizations over the course of a three-year period to further develop their educational efforts such as apprenticeship opportunities.  
Share
Share on facebook
Share on twitter
Share on linkedin
Share on email

You Might Also Like...