Press

Sizing Up the Role of Deception Technology

Chris Kubic, former CISO at the National Security Agency, describes how deception technology can change the defensive landscape. “Where deception comes into play is for the unknown threats, the things that are either an attack you haven’t seen before or the attacker evolved their technique,” he says.

Agencies Scrambling to Get a Grip After Solarwinds Hack

It’s hard to tell, but it’s likely a mad scramble going on among federal information security officers as the extent of the SolarWinds hacking becomes more visible. For some likely scenarios, we turned to the former National Security Agency chief security officer, now with Fidelis Cybersecurity, Chris Kubic.

How the Russian hacking group Cozy Bear, suspected in the SolarWinds breach, plays the long game

As U.S. government agencies and thousands of companies around the world assess whether they’ve been compromised in the SolarWinds breach, cybersecurity experts are concerned that the full reach of the suspected hackers may only be just coming to light.

People familiar with the matter have told outlets including The Washington Post that the culprit is one of the most persistent and savvy hacking groups on the planet: the Russian government-backed APT29, also known as Cozy Bear. Cyber threat intelligence firms have been more cautious in assigning blame, even as they acknowledge significant similarities.

Former NSA security chief details what’s happening inside DoD to respond to SolarWinds hack

The number of government agencies affected by the supply chain attack on SolarWinds network monitoring software grows daily, ratcheting up alarm among private and public sector security pros. Former NSA Chief Security Officer Chris Kubic, now CSO at Fidelis, spoke with SC Media about what’s happening behind the scenes in the CIO and CISO offices of the Pentagon, military services and government agencies, as they scramble to respond to the attack believed to be the work of Russia’s APT29, or Cozy Bear.

‘It’s going to take a lot of digging’: The Pentagon’s long search to see if anyone’s hiding in its networks

The military and intelligence community is scrambling to conduct a daunting hunt across disconnected networks to assess potential damage from an extensive federal cybersecurity breach by suspected Russian hackers.

As it searches for lurkers, one complicating factor is that the cybersecurity arm of the Department of Homeland Security warned Thursday that hackers used other means to access government and business networks beyond a software platform from contractor SolarWinds, used by the Pentagon, the military and intelligence offices.

Massive hack of US government launches search for answers as Russia named top suspect

The US government’s ability to carry out its investigation is uneven and may vary by agency, said Chris Kubic, chief information security officer at Fidelis Cybersecurity and a former top cybersecurity official at the National Security Agency.

“If they don’t have the right tools in place, if they aren’t collecting the application logs, the system logs that allow them to do the analysis, it can be difficult for them to determine what was exposed,” Kubic said.