Advancing threats, tissue paper defenses/defenselessness, and "back to basics" before advanced defense.
Regarding the topic of 'back to basics' and avoiding the shiny object syndrome/techno-babble that the PowerPoint parrots and buzzword bandits out there love to dwell on to obfuscate and confuse, I'm copying this email to y'all as an FYI, as follows:
The sad state of cyber, and how ill-prepared almost every company has become, and how irrelevant past defensive measures have become, in light of:
1) Advanced threats - newer variants of ransomware targeting six- and seven-figure ransoms or even higher, DDoS/XDoS terabit infrastructure attacks, and AI penetration attacks which conventional defenses are blind to or which they cannot handle.
Ransomware - WannaCry and NotPetya cost Maersk $300MM in recovery and repair, along with permanent data and systems losses.
At least three firms were hit in late 2018 with Ryuk/Hermes/Phobos, resulting in crippling corporate and production-side shutdowns in North American facilities, resulting in seven-figure direct losses, seven-figure recovery expenditures, and on top of all that, seven-figure ransoms paid when recovery failed.
Norsk Hydro, who to date has spent $50MM and counting in recovery attempts, with months to go yet in recovery and repair.
City of Baltimore is begging for $18MM to aid in recovery and/or ransom payments.
Stealing data has given way to data denial and data systems sabotage, which, despite all the money and effort spent to date, is a growing threat that very few are prepared to deal with, recover from, or properly defend against.
DDoS/XDoS - Terabit-scale test attacks, which are precursors of 10, 24, or 100+ Tbps attacks that will cripple any network, any system, or any cloud.
The cloud model whether hybrid or multi-cloud is and will be extremely vulnerable to massive infrastructure attacks resulting in regional and rolling blackouts.
AI penetration attacks - "Researchers bypass Cylance's AI-based AV solution by masking malware with video game code", or how to beat/defeat 'AI' systems, or any other 'idiot savant/ML/deep learning systems'.
This technique has been around for a while: stuff/append a string and the 'AIs' don't see the malware. "The solution, CylancePROTECT, from Cylance and its parent company BlackBerry, failed to detect almost 90 percent of the 384 malware programs that researchers amended with the gaming code."
Automated bypass of defenses by using AI 'seed' and dictionary password-spray attacks, patiently over time, to gain access to almost any system, network, or cloud in spite of/regardless of two-factor/multi-factor/universal authentication means or measures.
In summary, current conventions and measures, instead of being interlocked and mutually self-reinforcing 'defense-in-depth', might as well be tissue paper and gossamer-thin as far as real defensive capability goes. False defenses, or having the surface appearance and veneer of security, but none of the reality.
Being able to deal with ransomware, DDoS, and AI automation effectively starts with getting back to basics, building a solid and realistic foundation before moving up to advanced defense.
2) Advanced defense - we pioneered cyber mines and cyber minefields, cyber wolfpack doctrine and defenses, and the CRYSTAL TERRACE and GLASS MOUNTAIN systems architectures, deployments, and defenses to deal with advanced as well as current threats and threat conditions, to handle present known and future unknown threats to the highest degree possible, including known weaknesses, vulns, and exploit pathways as well as unknown and future zero-days, attacks, and malware.
Cyber mines and cyber minefields can be passive, active, semi-active, AI-enabled, etc...
Cyber wolfpacks can be offensive or defensive groups of AI systems-human teams designed to swarm designated targets, groups, verticals, etc...
CRYSTAL TERRACE includes ICS3 architectures, PACER3/4/5 resiliency and recovery, countermeasures and counter-countermeasures, etc...
GLASS MOUNTAIN is ... ;) :D
It isn't cheap or quick or easy, but it may be worth the 'life' of any corporation or entity looking to survive.
Warm Regards,
Yon
COO ISRSEC International, Ltd. CISO ISRSEC (North America)
Comment from Yon (COO ISRSEC International, Ltd. CISO ISRSEC (North America)):
"A coordinated ransomware attack has affected at least 20 local government entities in Texas, the Texas Department of Information Resources said. It would not release information about which local governments have been affected." https://www.kut.org/post/ransomware-attack-hits-local-governments-texas
Comment from an Enterprise Architect : Requirements Engineer : Systems Integration : Knowledge Operations : Solutions Consultant:
BE ALERT - we need more Lerts!