The US government--along with private organizations regardless of size or industry--has been a prime target this year for cyber attacks and cyber espionage. As a dominant economic, political, and military force in the world, US federal agencies are under constant siege from both cybercriminals and nation-state adversaries. This week, we launched a new subsidiary—Cybereason Government, Inc.—to help them defend against these attacks.
I started out conducting offensive nation-state cyber operations—with a 100% success rate for penetrating targets. I know how nation-state adversaries work and how to stop them. That is why we are able to gain an advantage over the adversary.
We are in the middle of a Cyber Cold War and the stakes continue to escalate while the line between cybercrime and cyber espionage continues to blur. The attack on Colonial Pipeline was from cybercriminals—a ransomware gang—not a nation-state, but it had a serious impact on the critical infrastructure of the United States. The same thing is true of the JBS attack that occurred soon after that. Government agencies are also attacked directly--like the US State Department breach reported in August. We’ve also seen nation-states attack private companies, like the hack of Sony by North Korea a few years ago.
The US government has defense for air, land, sea, and even outer space. But the biggest threat may actually come from the internet. If adversaries can access classified information and military intelligence, or infiltrate critical infrastructure to shut down energy production, cause chaos in transportation and logistics, or compromise the water supply, they can inflict significant damage without ever firing a single bullet or missile.
It is crucial for government agencies to have the tools to effectively defend their networks and data. Earlier this year, President Biden issued an Executive Order that directs all federal agencies to deploy an endpoint detection and response (EDR) solution.
This is an important step in the right direction. It will push US government agencies to modernize and improve their cybersecurity with tools that provide greater visibility of malicious activity and better capabilities to respond to threats.
We created Cybereason Government, Inc. so we can work with US agencies to meet this challenge. We understand the risks they face, and we know how to detect and defend against those risks. I would say the same thing to defenders working in US government agencies that I do to defenders in the private sector—you have to defend against all attacks, no matter who the adversary is or how sophisticated the attack is.
I do what I do every day to empower defenders—to stand side-by-side with them and work together to defeat the adversary. Cybereason Government, Inc. enables us to empower defenders in the US government and Cybereason EDR provides the visibility, detection, context, and response necessary to do that.
About the Author
Lior Div, CEO and co-founder of Cybereason, began his career and later served as a Commander in the famed Unit 8200. His team conducted nation-state offensive operations with a 100% success rate for penetration of targets. He is a renowned expert in hacking operations, forensics, reverse engineering, malware analysis, cryptography and evasion. Lior has a very unique perspective on the most advanced attack techniques and how to leverage that knowledge to gain an advantage over the adversary. This perspective was key to developing an operation-centric approach to defending against the most advanced attacks and represents the direction security operations must take to ensure a future-ready defense posture.