In this three-part series, Blumira VP of Operations Patrick Garrity interviews Dr. Chase Cunningham, information security analyst, advisor and author of Cyber Warfare: Truth, Tactics and Strategies – strategic concepts and truths to help you and your organization survive on the battleground of cyber warfare.
His book provides insights into the true history of cyber warfare, and the strategies, tactics, and cybersecurity tools that can be used to better defend yourself and your organization against cyber threat.
Some of the key features include:
Listen to the full interview here:
In part 1, they discuss:
Here’s a few summarized excerpts of their questions and answers:
What is your background that has built the foundation and inspired you to write this book?
Coming out of the military, I gained the perspective of cyberspace as a battlefield environment. It’s also the only battlefield in history where everybody is always in that battle space, whether they know it or agree with it or not. That’s just the reality. There’s no other place in history that you could be literally transiting a live-fire environment with every nation and every user on the planet walking around.
It sounds like you have an interesting perspective in that you have both the military background and a sense of tactics and scenarios used there, as well as the security background to tie those things together.
People think there’s a delineation in cyberspace between humans, companies, and bad and good guys. But there’s not. We’re all just shoved in here, in this big electron and we have to deal with the fact that that’s what’s going on.
The book was written pre-COVID, but what’s interesting is, there’s a lot of relevant topics in the current environment. What I found interesting are your topics on security risks and challenges with working from home, as well as conversations on Twitter and social media.
The point that folks should take away is – every one of us is engaged, and the fact that we’re working from home means that we have to become part of that enterprise security portfolio.
What keeps me up at night, more so than regular old hacking and exploitation – is that it’s more powerful and prolific to influence human beings with fake information on Twitter and LinkedIn and social media than it is to try and hack machines one by one. That’s what’s going on in the world and the U.S. right now.
What are some of the bigger risks associated with the accelerated adoption of work from home and BYOD (bring your own device)?
As of March 13th, the world was told to go work from home. You’ve got people that haven’t used their home computers and laptops for forever, and that couldn’t physically go to the office to get their corporate machines, that are turning them on and connecting into enterprise networks. And some of those folks are running Windows NT, Windows 98 systems, and they’ve been unpatched for a decade, and they’re plugging them in because they have to do business. That is a massive issue with vulnerabilities and patching.
In your book, you talk about the risk of remote command and control fleet vehicles. These are real risks. With so many different companies building autonomous vehicles, I think the reality is, there are going to be flaws. There’s likely to be security issues and forms of compromise.
If every car on the road was autonomous, then I think it’s ok, because then the machines are actually responsible for the majority of what’s going on. But because the majority of it out there is humans, and humans do dumb things, and the machines just do what machines do – it becomes problematic to rely on a machine to beat out human stupidity; which we all know – usually stupid wins over intelligence any day of the week.
And the other issue that you run into is the speed of development; the speed of production to push those things out – if you get any one thing wrong, or one thing misconfigured amid millions of lines of code, you can have a flaw that you don’t know about until later.
If you look at certain chapters in my book on it, I talk specifically about how it didn’t happen right away, but it took very specific scenarios with certain things that the machines weren’t prepared for, for things to go wrong. And when you’re dealing with things like flying and driving and boats and submarines – stuff happens. Machines are better at doing X because of Y to get to Z.
Stay tuned for part 2 and 3 of the interview, coming soon!