The United States Cybersecurity and Infrastructure Security Agency (CISA) has published the results of the Risk and Vulnerability Assessments (RVAs) it conducted in FY2020, revealing some of the security weaknesses that impact government and critical infrastructure organizations.
Designed to assess the effectiveness of Federal Civilian Executive Branch (FCEB), Critical Infrastructure (CI), and State, Local, Tribal, and Territorial (SLTT) stakeholders in identifying and resolving network vulnerabilities, the RVAs revealed that phishing links were the most successful technique for initial access.
CISA conducted a total of 37 RVAs, leveraging the MITRE ATT&CK framework to provide a better understanding of risks and help organizations remediate weaknesses that threat actors might abuse in live attacks to compromise network security controls.
In a report published last week, CISA details an attack path comprising six successive steps:
- initial access
- command and control (C&C)
- lateral movement
- privilege escalation
- collection
- exfiltration.
“This path is not all-encompassing of the potential steps used by malicious actors and not all attack paths follow this model. However, these steps serve to highlight some of the more successful attack strategies used during RVAs and the impacts these strategies have had on a target network,” CISA says.
In its assessments, CISA successfully used phishing links for initial access in 49% of the attacks, web protocols were employed for command and control in 42% of RVAs, while pass the hash was used for lateral movement in roughly 30% of attacks (followed by RDP in 25% of incidents). In 37.5% of “attacks,” valid accounts were used for privilege escalation.
Data was mainly collected from the local system (in 32% of attacks), and was exfiltrated using the C&C channel (in 68% of cases). Other attack techniques that were successful in many cases included phishing attachments, exploitation of web-facing applications, credential dumping, account discovery, WMI, Mshta, and the use of archives for data exfiltration.
CISA’s FY20 RVA report also includes recommendations that organizations can use to improve their overall security posture, such as application whitelisting, disabling macros, identifying and addressing vulnerabilities in public-facing and internal applications, implementing strong email security, reviewing user and application privilege levels, using proxies, monitoring network traffic, disabling unused remote services, keeping software updated at all times, and preventing the storing of credentials in applications.
To us at BLAKFX, our primary reason we came into existence was to ensure national security and defense. We realized that the era of perimeter data security tools has long been over and that the threat of espionage and sabotage is too critical.
Our Motto: In Math We Trust
The bottom-line is that the military and the federal government are working to improve an outdated methodology that still dominates most data security products i.e. that we must build a perimeter to defend against data theft. This is old thinking and as demonstrated, hackers can breach just about any perimeter and now can use those same products to compromise their clients. American National Security cannot rely on an outdated data security protocol.
What is needed is a better approach to data security. Perimeter products that try to keep hackers out will all eventually be breached. Fanaticism on identification through bio-metrics, password managers or 2FA are only as secure as the person entrusted to follow the protocol. As we all have learned, the human error component can always be breached. In the near future, when quantum computing becomes more mainstream, products that rely on TLS-based encryption will be instantly obsolete.
The only solution is for data security products that actually protect the data itself.
The Helix22 data security SDK protects all data at rest, in use and in transit. Review Helix22 API, examples and documentation on our GIT
BLAKFX Military advisor, Major General (Ret) Stephen T Sargeant
CEO of Marvin Test Solutions
BLAKFX delivers all this security assurance very confidently due to our genius engineering team spearheaded by Robert Statica and Alex Maslov who have invented a new model for data security that required an innovative look at the problem.
The new era of data security is one that requires new solutions. The era of perimeter defenses is over as it is proving impossible to keep hackers from breaching the perimeter and accessing data. Further E2E encryption based on old models of RSA cryptography will be obsolete when quantum computing becomes mainstream.
Helix22 delivers perfect security assurance due to our genius engineering team that has invented a new model for data security that required an innovative look at the problem. The approach we took was to protect the data itself. Almost all other data security products try to build a perimeter or being fanatic on user credentials. However, once the product is breached or a password is stolen, even if it is 2FA or encrypted, your firms data is in the clear.
You see, the Helix22 cryptography is embedded with the data itself through our inventive and patented process of DNA BindingTM. Therefore, even if credentials are stolen the data cannot be exfiltrated. This means that all data is 100% protected regardless of the type of attack.
Another substantial advantage of Helix22, is that it protects all data whether at rest, in use or in transit. All communication apps for example, only encrypt data while in transit. Therefore, that encryption become useless for internal IT security or Artificial Intelligence or Machine Learning experimentation. All data generated during these massive computing exercises is equally protected in real time. Plus, the latency period for the Helix22 is exponentially less than any other security product, so it actually contributes to faster processing times.
In this protocol, we are truly a “zero-knowledge” server so your private communications and transmissions remain completely top secret. Even in the event that BLAKFX were subpoenaed, we can honor the request by just handing over the encrypted content…as that is literally all we have. Helix22 also only use keys just one-time and then destroys them. This way the data security is future forward prefect. Therefore, in our unique user-to-user encryption (U2U) world, there is no opportunity ever for any data leak.
The Helix22 data security SDK accomplishes the following:
- Protects all your firms data at rest, in use and in transit
- Renders ransomware threats obsolete
- Eliminates human error
- Eliminates all malicious or interior attacks
- Verifies original content i.e. minimizes the threat of impersonation attacks and deep fakes
- Reduces latency
- Installs with 5 lines of code
- Runs on any platform, network, device and in any programming language
- Provides perfect future/forward secrecy
- Delivers “zero-knowledge” encryption
- Compatible with all cloud, 3rd party and vendor services
- Ensures privacy and security for blockchain and all cryptocurrency transactions
- Is quantum ready – so there’s no need to upgrade when the time comes
- Requires no employee training
- Exceeds all gov’t and banking standards
- Meets all international compliance regulations
D2D encryption
We can make this claim as the tech engineers at BLAKFX invented and patented a genuine device2device (D2D) encryption. We manage data security transmission through the truly brilliant and also patented universal Helix22 key service. The Helix22 encryption originates on your network or device, not just when the app is opened. This means, that when data arrives to our key server, it is already encrypted so all it needs to do is issue another key. Signal and Telegram cannot claim this level of security. This key will then only work with the intended device, which generates a matching key required to open the data. In this protocol, we are truly a “zero-knowledge” server so your communications and transmissions remain completely top secret. Even in the event that BLAKFX were subpoenaed, we can honor the request by just handing over the encrypted content…as that is literally all we have. Helix22 also only use keys just one-time and then destroys them. This way the data security is future forward prefect. Therefore, in our unique device-to-device encryption (D2D) world, there is zero opportunity at all for any data leak.
This same protocol just described, can be the same with all your 3rd party vendors and suppliers. It does not matter in the least what platform they are running or what device they are using or even the type of data, it is all 100% protected. We do however, strongly advise that all firms involved be utilizing Helix22 due to the nature of the data content. Helix22 can ensure that whatever data they are generating is protected as well.
Let’s take it a step further. Even if your organization were a victim of an internal attack or a victim of malicious open source downloads, there is no reason for concern. Any data that has been forwarded, downloaded, copied or saved cannot be exfiltrated. Period. We have the technology industries foremost data packets which are protected with multi-layered, military grade encryption algorithms that have already proven the ability to withstand penetration testing from MI5 and quantum computing attacks.
One final practical genius of DNA BindingTM is in that it is immediately compatible with whichever system or software you are utilizing. Therefore, any organization can forward information to another with immediate privacy. There is no requirement to update software.
BLAKFX is Based on Success
Our founders, Robert Statica PhD and Kara Coppa, also founded Wickr, which is used by the US military and has never been hacked since its inception in 2012. The Helix22 data security SDK is several generations enhanced since then. Dr. Statica also delivered the encryption for the world’s most secure phone, Katim.
Founder – Robert Statica PhD Founder – Kara Coppa Founder – Alex Maslov MS, MBA
Co-Founders of Wickr KatimTM Ultra Secure Smartphone
