‘The door is being opened from the inside’ | #government | #hacking | #cyberattack


Karim Hijazi, CEO of Prevailion, joins Yahoo Finance to discuss the outlook on cyberattacks in the U.S. and Biden administration blaming hackers tied to China for Microsoft cyberattack spree.

Video Transcript

ALEXIS CHRISTOFOROUS: The Biden administration publicly blamed hackers affiliated with China’s main intelligence service for a far-reaching cyber attack on Microsoft email this year. It’s part of a global effort to condemn Beijing’s malicious cyber activities. Here to talk about it now is Karim Hijazi, CEO of Prevailion. Karim, good to see you again. Were you surprised that the US came out publicly today and called out China for that Microsoft cyber hacking?

KARIM HIJAZI: Good to see you, too, Alexis. Not really, not surprised, only because of the fact that we’ve sort of known about this on an industry side and private sector side for a little while. What is interesting is that it’s a grand gesture from a comment standpoint because we’ve heard a lot of talk from Biden to Putin and Russia, not quite as much on the cyber side from the US government to China. So that was somewhat of a interesting shift in narrative or additional additive to the narrative, I should probably say.

ALEXIS CHRISTOFOROUS: And I guess, what was alarming to me or perhaps surprising to me was that the Biden administration came out and actually said they believe the government is working with criminal hackers to get this done. What was your thinking there?

KARIM HIJAZI: Yeah, we concur. We think that ultimately, a lot of these attacks are being facilitated, whether it be whatever nation state actor we’re talking about through what we call proxy militia, which is more of a real, you know, military terminology, where you’re using kind of an in-country– or not in this case in the US, but some sort of criminal gang that can facilitate the means and the ends to this government group that essentially wants it. So, not surprised about it.

It does provide some sort of plausible deniability for the government directly to say, well, it’s not us, even though they’re facilitating and endorsing these types of activities. We see this a lot because it’s easy to use a group that you could essentially create as a fall guy if things go terribly wrong, rather than having the government do it themselves. The question really ultimately is just how entrenched are they. Are they deploying resources and capabilities, or are they just bankrolling them, or are they simply giving them a nod and a thumbs up to go ahead and do it? All that’s yet to be determined.

With Russia, it’s a little more explicit because the capabilities are indicative of who’s doing it. With China, they’re just not quite as sophisticated as the Russians, so it’s a little bit harder to anticipate who’s really doing it. Is it a criminal group on their own or one endorsed by the government?

ALEXIS CHRISTOFOROUS: Right, I guess to qualify what I said, I wasn’t surprised that the Chinese government was working with criminal hackers. I was a little surprised that the Biden administration came out publicly and said it. So if what I’m hearing is that the Russian and Chinese governments have been working together on these cyber attacks, they’re essentially our adversaries working together against us in this area. What can we do to protect ourselves? I know the Biden administration has come out and said they have this task force to take on the cyber attackers. But to me, a lot of that has just been lip service so far.

KARIM HIJAZI: Yeah, it’s a very challenging situation. And it’s something that I’ve said several times broadly and specifically, which is that the cooperation between private and public sector is absolutely critical because private sector has a unique view on the problem. Speaking for myself and other organizations similar to ours, we have unique visibility and intelligence on what’s going on that would dramatically help organizations preemptively limit their exposure that way, right?

So I think that what’s unfortunate that’s happening is still a segregation a little bit between government and private sector in such a way that the intelligence is not shared effectively. Some of the more sophisticated talent in private sector is not being leveraged in the way that it could.

More specifically speaking, it does come down to organizations being preemptively aware of the supply chain issue, that’s the number one vector of attack that seems to be manifesting. So in other words, companies that have organizations they work with closely that have a trusted relationship and likely a fair bit of connectivity, if that partner is infected, that infection can make its way into them. So that keen awareness of what your periphery looks like is extremely important.

ALEXIS CHRISTOFOROUS: I’m curious if your company Prevailion, is working with the US government, or have you attempted to work with the US government, given all of the intelligence that you have on cyber attacks? And what has their answer been?

KARIM HIJAZI: So we do. Unfortunately, can’t get into too many specifics in what capacity, but absolutely the intel that we provide has been quite startling in terms of the proliferation and scope of the compromise that’s already in place because one of the things that was misunderstood earlier on in the situation, all going back to SolarWinds, was, oh, we’re vulnerable. We need to block and stop these hackers from getting in through these vulnerabilities. As long as we patch, we should be fine.

Unfortunately, in the last six months or seven months and continuing to go forward, people are realizing the narrative is not that we’re actually vulnerable. We’re past that. There’s actually latent implants, otherwise known as malware, that is already in these environments that are facilitating these types of attacks. So the door is being open from the inside– and it comes back to your original question– by one nation state actor either by way of a proxy or not. And then they’re facilitating that access to other nation states or other criminal groups that are our adversaries. So this cooperation is something that we entirely agree with and know this is actually happening.

ALEXIS CHRISTOFOROUS: All right, Karim Hijazi, CEO of Prevailion, thanks for being with us.



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

twenty three + = thirty one