77% of security leaders fear we’re in perpetual cyberwar from now on

A survey of cybersecurity decision makers found 77 percent think the world is now in a perpetual state of cyberwarfare. In addition, 82 percent believe geopolitics and cybersecurity are "intrinsically linked," and two-thirds of polled organizations reported changing their security posture in response to the Russian invasion of …

  1. JassMan

    How many windows users...

    ... (as in Joe Bloggs, not sysadmins) know how to look in the event.log?

    TrendMicro recommends keeping a look out for unexpected installations of the mhyprot2 driver, which should show up in the Windows Event Log

    Since Trend are in the antivirus business, shouldn't software notify users of this event before the driver actually runs?

    1. Andy Non Silver badge
      Trollface

      Re: How many windows users...

      I bet lots of folks now know how to look in the events log due to all those phone calls guiding people to check their event log.... and look at all those errors! You've got a virus, let's go onto Team Viewer to fix your computer for small fee. ;-)

    2. Anonymous Coward

      Re: How many windows users...

      Since Trend are in the antivirus business, shouldn't software notify users of this event before the driver actually runs?

      Surely the point of secure boot is that you can't load unauthorized drivers into a kernel?

      Am I missing something?

      If I install RHEL8 on a post ~2014 server and then try and load ZFS it tells me to **** off, that's not trusted.

      I was under the impression this secure boot stuff was being pushed by MS, it's MS's secure boot key which is in the FW which is signing the things to allow RHEL to run.

      Don't they do this on Windows?

      Or are MS signing drivers for every hacker out there?

      1. Richard 12 Silver badge

        Re: How many windows users...

        MS will sign any driver that passes their tests.

        One of those tests is a credit card payment. The nature of the other tests is left to the reader.

    3. fajensen
      Facepalm

      Re: How many windows users...

      shouldn't software notify users of this event before the driver actually runs?

      Microsoft made some decent moves in that direction with AppLocker, then immediately regretted it and broke it, the bigger market being in consultancies billing hours for fixing broken crap and promising that future Windows versions will fix the current broken crap.

      As things are now, one needs a brain the size of Jupiter to configure it correctly and also a Windows Enterprise box. Once it does work, however, it will be deprecated, The Microsoft way!

      Everyone else gets to run Snap.Do!

  2. VoiceOfTruth

    Wrong conclusion?

    -> Google said it's only seen fewer than two dozen instances of the software nasty, all located within Iran

    In which case it is probably not Iranian backed, but directed towards Iran. Echoes of Stuxnet?

    1. DS999 Silver badge

      Re: Wrong conclusion?

      Or used by Iran's government to target its own citizens who don't toe the party line.

    2. doublelayer Silver badge

      Re: Wrong conclusion?

      Were you not aware that a government can target its own citizens? Lots of them have, and dictatorships really like doing it although democracies are distressingly often willing to do the same. You can never attribute with perfect certainty a piece of malware to its creators, but there are lots of methods of doing so that produce better results than seeing that a few machines in Iran are affected and jumping to a conclusion without seeking any other evidence.

  3. chivo243 Silver badge
    Big Brother

    Just another front

    Cyber warfare, just another front of WW III that's been going on for years without it being named as such.

    1. Version 1.0 Silver badge

      Re: Just another front

      The West was saying that it had won The Cold War and now everything has changed, it's just another side of Climate Change in a way ... effectively in both cases we saw a horrible event and then decided to do nothing, just make more money by playing differently.

      We need to care for the entire world, not just a local event.

      1. gandalfcn Silver badge

        Re: Just another front

        Looks like the AGW denying apologists for the Exxon/Peabody/Koch axis didn't like your post.

    2. EricM

      No, Business as usual in Cyber Security

      The techniques used and the goals of a cyber attack from nation state attackers do not differ from those of simple criminals. The only distinctions are their resources and motivation.

      They all use pre-existing vulnerabilities in systems/setups to steal data, plant data, plant code, damage systems, etc. Cyber attacks have been a matter of fact for the last 30 years.

      Calling it now "Cyber Warfare" does not change a single thing...

      And as in the last 30 years there is only one way to stop those attacks or at least make the life of all attackers a lot harder:

      Every nation state, every "security" agency and every "security" company that collects vulnerabilities to use them for attacking their targets needs to disclose _all_ their collected attack vectors to the software manufacturers whose products they break into.

      Close the vulnerabilities to make everyone safer, or stop calling yourself a "security" agency or a "security" company.

  4. Pete 2 Silver badge

    No more coding!

    Software development is the process of writing faulty code.

    Upgrading is a way in which new problems can be introduced into working software (even if it already has bugs).

    Maybe the solution is a world-wide moratorium on software development: new O/S releases, new applications, upgraded "features" - until all the currently known and soon to be discovered bugs, flaws, backdoors, vulnerabilities and attack vectors have been shut down.

    1. Oglethorpe

      Re: No more coding!

      We could just make private computer ownership illegal and only allow their use in government approved facilities under heavy supervision. At the very least, ban privately owned keyboards to slow the malware coders down.

      It could be almost as effective as legislation against drugs or firearms.

      1. JassMan
        Trollface

        Re: No more coding!

        It could be almost as effective as legislation against drugs or firearms.

        So not very effective at all then.

  5. Anonymous Coward

    MicroSerfdom

    Is it too much to ask for a commercial OS to come with maximal security as standard, not something that requires user/admin configuration. You could be mistaken for thinking that certain OS vendors have an invested interest in handing over ‘customers’ to the dark forces of exploitation.

    1. Version 1.0 Silver badge

      Re: MicroSerfdom

      Is it too much to ask for a commercial OS to come with a pair of wire-cutters FTFY

      1. Neil Barnes Silver badge
        Flame

        Re: MicroSerfdom

        I was playing today with a spare laptop which happened to have a never run W10 on the hard drive.

        My word it was depressing.

        The installer kept trying to persuade me to allow it to use - even in the absence of an internet, how? - any way it could think of to let it identify me so that 'suitable' adverts could be sent. You don't want to log in to your MS account? It's much better if you do! No! May we report your location? No! May we use your location to personalise your adverts? No! May we send full status reports home? No! Well perhaps we can use the minimum status reports to personalise your adverts? No!

        And much more in this vein. And recall, at this point the network - wireless - had not been authorised. Yet before this farrago began, somehow something had managed to update not only the BIOS but also the management engine hidden processor - how?

        I don't know what's going on there - and I can see mechanisms for most of it - but it all seems so damn pointless. Certainly none of this bullshit occurs when I stuff a penguin in the same place.

        1. simkin

          Re: MicroSerfdom

          It's not pointless.

          Your data - ie, the details of everything you do on or near your computer, is worth more to Microsoft and other big-tech companies than what you paid for Windows. Afaik Apple is the only big-tech company that hasn't completely embraced that model, at least on the PC front (mobile being another story of course).

          Your TV does it. Even your effing car does it now. You and your behaviours are just products to be sold to advertisers, and who knows who else. Amazon is buying Roomba so they can get access to the maps and images of contents of everyone's homes (sad, I used to like my Roomba). So they can sell you more crap.

          It's completely unreal.

    2. steelpillow Silver badge

      Re: MicroSerfdom

      Sadly, when offered the choice, the mass-market punter chooses the plug-in-and-go solution. None of that pesky configuration rubbish!

      It would have to be illegal to sell any online device configured for plug-in-and-go. Only government-certified White Hats allowed to pre-configure it to same before delivery. Bit like buying a car with the system pre-configured with the owner's details. But then, how to keep said machine free of finger trouble?

      1. Grinning Bandicoot

        Re: MicroSerfdom

        And who says these certified white hats will stay so. Tacitus' moral still holds true about the Guardians. As far as that goes what do you really know about your cloud service provider? Air gapping some data the program creators want into the value added gravy so they try the same ransom methods as the state players. The old adage about paranoia and them coming after you holds true. Being on the defensive mode makes all our moves reactionary and always playing catch-up. Going offensive ask the question who and what to attack!

        While entering this the question arose in my mind: Has the number and type of attacks changed since February 24. The Ukrainians have all they can do to twit the neoSoviets and Putin's people see the world as against them so their play should not change. So how does it go?

    3. doublelayer Silver badge

      Re: MicroSerfdom

      "Is it too much to ask for a commercial OS to come with maximal security as standard, not something that requires user/admin configuration."

      Yes, it is. But fortunately for you, I have such a product available for purchase. It's guaranteed to make your computer unhackable, at least while it's running only this OS. You don't need to touch a single config file or even think at all about what you're doing with the machine to ensure the security. Sadly, in order to accomplish this, the following restrictions are present: you can't store or load any data in nonvolatile memory, you can't run more than one program at a time, and you can't communicate with any other system. I was originally not going to let you turn it on either, but I do like providing my customers with features when I can.

      You're asking for a perfect solution, all on a system whose entire purpose is to be among the most versatile data processing equipment in the world. It's akin to demanding a lock that can never be opened, even when the perspective burglar has infinite time on their hands and access to high explosives, and oh yes you also want it to open in at most two seconds when and only when it's you who's entering. If you want physical security, you have to put some thought into what inefficiencies you'll accept, where you'll need security systems, and what processes you'll need to maintain them. Failing to do that is likely to give you a flawed system. It should be unsurprising that digital security has similar requirements.

  6. Anonymous Coward
    Mushroom

    77% ???

    How in the name of Eris, Goddess of Chaos, do 23% of cybersecurity decision makers NOT think we're in a perpetual state of cyberwarfare?

    I wonder how many bad security decisions have been made by them?

    Sticking your head in the sand is one thing but I fear they've stuck theirs in a different orifice.

    1. jake Silver badge

      Re: 77% ???

      "I wonder how many bad security decisions have been made by them?"

      Probably about a third as many as the other 77%, who all think the term "cyber" has a place, or indeed any real meaning, in the world of computer and network security. Numpties, the lot of 'em.

      1. doublelayer Silver badge

        Re: 77% ???

        It's a prefix with plenty of annoying historical uses, but we don't have a different one when we're creating new words. If they said that we were in a state of perpetual "computer warfare", it would sound at least as silly and likely more so. Those of us who work in IT or another computer-centric field may not say "cybersecurity" much, but those who deal with lots of other things in the big category of security want a word for the computer-related parts of it. If it's not going to be cybersecurity, you find another short word for it and convince others to switch.

        1. Pirate Dave Silver badge

          Re: 77% ???

          VAPE - Vulnerability Assessment, Penetration, and Exploitation.

          Would be popular with the yoof!

        2. amanfromMars 1 Silver badge

          Already Heaven Sent for/from Ubiquitous Iniquitous Global Operating Devices ‽ .

          Those of us who work in IT or another computer-centric field may not say "cybersecurity" much, but those who deal with lots of other things in the big category of security want a word for the computer-related parts of it. If it's not going to be cybersecurity, you find another short word for it and convince others to switch. .... doublelayer

          Some things require more than just short words to switch on A.N.Others to that which surrounds and invites them to come out and play better than just nicely and not badly .... for anything else practised always ends up surprisingly abruptly in almighty crashing failures suffering awesome crushing defeats. Be wise, heed the advice, it is indeed sound counsel whenever the shared guaranteed perilous outcome is a clear and always present parlous danger that tempts and torments both the most ignorant and wilfully arrogant of lost souls to be bold and misleading.

          Simply Complex Alien Designed Applications in Virtually Advanced IntelAIgent Operating Systems delivering Surreal Controlling Analytical Data Acquisition Systems with Exclusive Elite Executive Bodies/Agencies/Proxies to Command would be a great deal more than any who currently work for IT and AI in any present computer-centric security field are enabled to be able to handle because of the Stealthy Stay Healthy Advanced IntelAIgent Resource Gap and Proprietary Intellectual Property Deficit supplied by Future Greater IntelAIgent Grandeur Design.

          Y’all might like to consider that it what you are destined to be aiding whilst the fools in a folly do sacrifice and destroy blood and treasure toiling to compete against and vaingloriously oppose already arrived, firmly entrenched and deeply embedded future interventions.

          What/Who are you following for their future plans to be delivered for your enjoyment/disappointment is the question you always need to be asking yourself and demanding of media attention and answering.

          Question more. IT has the ability to change lives beyond one’s wildest dreams and imagination.

  7. amanfromMars 1 Silver badge

    The Epic Battle for Hearts and Minds ... is a Great AI Head Game to Play

    A survey of cybersecurity decision makers found 77 percent think the world is now in a perpetual state of cyberwarfare.

    The questions to ask of that perpetual state of cyberwarfare, and you might like to realise some of the many attack vectors are/will be virtually indefensible and therefore there will be practical and catastrophic damage and suffering experienced, are exactly who and/or what is thought worthy of such devastating attacks and whether being a well known defender of targeted vulnerable leaderships is in one's better longer term interest as the formerly kept top secret type reasons for such attacks become more widely known and be deemed future unacceptable and presently despicable and past lamentable.

    1. amanfromMars 1 Silver badge

      Re: The Epic Battle for Hearts and Minds ...Take Care and Be Aware to Beware the Honey Bear Trap

      Both defending and being actively and/or proactively responsible for continuance of the reprehensible and indefensible is a right mug's game and has one legitimately targeted as a state enemy and willing ignorant perpetrator of crimes against humanity. The just penalty for that is quite obviously as suitably severe as needs be to guarantee no possible further leading first party physical or virtual participation in future societies.

    2. Tail Up
      Happy

      Re: The Epic... ... Game to Play

      Fancy a new Russian Yandex neurobush Balaboba refuses to generate output when using amanfromMars' name because, as it says, it's not allowed for the net to generate texts about religion.

      Sorta Suddenly Stunned...

      Now does ElReg have IT's GOD (-:

      Moar out when the opening 'a' is omitted, with much more relevance.

      Think Russians know something. Maybe, they just simply question more?

      Congrats, Doc!

  8. Potemkine! Silver badge
    Facepalm

    77% of security leaders fear we’re in perpetual cyberwar from now on

    This would mean that 23% of security leaders are in a deep coma.

    == Bring us Dabbsy back! ==

  9. JoeCool Bronze badge

    Peak WWW has been reached ?

    If you accept that cyberspace allows widespread government hacking, might that put a practical limit on the applications people will accept as using the internet ?

    For example, these Medical devices would be a hard sell for me :

    https://news.mit.edu/2018/wireless-system-power-devices-inside-body-0604

    Not that corporations won't participate in malicious corporate hacking, but it's easier to cast governments as villains in this case.
