Cybertech Global TLV: cyberverse, APIs, and Russian-backed attacks
Top cybersecurity executives take the center stage at Cybertech Global TLV, each offering their own unique perspective and expertise
Top cybersecurity executives take the center stage at Cybertech Global TLV, each offering their own unique perspective
“Cybersecurity used to be simple, we fixed things by firewalls and installed anti-viruses, but the world has changed – and pretty fast, at warp speed,” said Haim Pinto, CTO Business Architecture, Cisco Israel.
“We had to weave in automation, because today if we ask a company to do everything manually – you will kill the product. However – we can’t secure every piece of the puzzle. You will find us using dozens of different security products.”
“Cisco built the internet, today we are enabling the cloud. Connectivity to the cloud is water to the planet. If I cut your connectivity – what use does the cloud have for you? We want to power the cyberserve, and if you’re going into the next generation of social media, you will be part of that cyberverse,” concluded Pinto.
Karl Mattson, CISO, NoName Security, USA, discussed API security breaches. “API is the unsung hero of the technology world, a centerpiece of our digital life today. APIs are everywhere, and the attackers notice,” he said.
“Almost every day today we see large, reputable, secured organizations being breached,” added Mattson, and said that a survey NoName commissioned “revealed that almost every API we inspected revealed flaws.”
Mattson explains that mitigating API attacks starts with a sound source code, making sure that the parameters are secure. Next, “we need to check how APIs are tested, what its operating environment is – there are operational controls that are breached even when the source code is perfectly designed. And last, there is the defense layer. “The good news is that the next API security breach is preventable,” he concluded.
Lior Div, Founder and CEO of Cybereason, joined Cybertech via video conference, and – in utmost relevance to today’s geopolitical situation – discussed “seeing through the fog of cyberwar.”
Zooming in on Russia, Div noted its three Mos in the cyber world: nation-state attacks, mostly used for espionage or data disruption; influence campaigns; and state-ignored attacks, such as those committed until recently by REVil.
Div provided an extensive review of Russian cyber aggression, going back to 1996, when Moonlight Maze was first discovered, through APT28 and APR29 discovered in 2014; 2017’s NotPetya; SolarWinds in late 2020; and current attacks in Ukraine.
“The capabilities of state-ignored groups, prominent in Russia right now, are growing, said Div. “We call it the ransomware cartel – using ransomware in order to collect massive amounts of data. And we believe that those groups are also focusing on the US as a target in order to influence its economy.”