Cyber Security Archives

In a shock move, U.S. Defense Secretary Pete Hegseth has ordered Cyber Command to stop all cyber operations against Russia.

The Shift in Policy

On February 28^th 2025, Secretary of Defense Pete Hegseth issued a directive ordering US Cyber Command to immediately call off all offensive cyber operations which target Russia. This order was communicated directly to Cyber Command’s leader, Gen. Timothy Haugh, who then instructed his teams to stand down. It was a decision which reportedly took many within the Department of Defense by surprise. Many ongoing cyber operations against Russian state-sponsored hacking groups had been in progress for some time, so the increased risk of cyberattacks was a major concern.

Established in 2010, Cyber Command has played a key role in US cybersecurity strategy for 15 years. From protecting cyberspace through to disrupting Russian cyber threats and state-backed hacking campaigns, Cyber Command has played a major role in preventing attacks which have targeted government infrastructures and private companies. It’s important to note, however, that while Cyber Command’s operations against Russia have been put on hold, other US intelligence agencies are still permitted to monitor and collect information on Russian activities online.

Why Were US Cyber Operations Stopped?

Hegseth’s directive has caused equal measures of concern and intrigue. It was a move which no one saw coming and the objectives remain unconfirmed. The main reason behind the decision appears to be a shift in foreign policy by the new administration. President Donald Trump has long been open about his desire to build diplomatic bridges with Russia, which have been tense since Moscow’s 2022 invasion of Ukraine. Trump has promised his electorate he will put a swift end to the war in Ukraine but appears to be taking the side of Russia by blaming the conflict on Ukraine.

Many suspect that, by ending cyber operations against Russia, the US administration aims to demonstrate an end to hostilities between the two nations, with the Kremlin benefitting significantly from this act of goodwill. Nonetheless, many critics are arguing that this move weakens the defenses of the US and encourages Russia to continue its cyberattacks without consequence.

Is US Cybersecurity Now at Risk?

The ramifications of this controversial decision have the potential to be far-reaching. National security has long relied on cyber strategies and operations to protect US interests. Russian cyberattacks have been plentiful in recent years, with 2024 seeing Russian hackers striking critical US infrastructures. Accordingly, the ongoing presence of Cyber Command has been crucial in countering Russian attacks in the digital landscape. Experts fear that suspending these activities could have several consequences:

Increased Russian Cyber Threats: Initiating offensive cyber operations helps to neutralize Russian hacking groups by disrupting their networks and exposing their tools. With these interventions now halted, hacking groups will be able to relax and operate more freely.
Weakened Infrastructure Defenses: Almost all major infrastructures within the US rely on digital access, putting them at risk of external threats. Therefore, with their cyber defenses weakened, power grids, financial institutions, and government agencies are all at an enhanced risk of foreign attacks.
Impact on Ukraine and NATO Allies: The US has, until now, been providing valuable cyber assistance to Ukraine and its NATO allies. This has helped them defend against Russian cyberattacks and minimize damage. But this policy change will undoubtedly reduce support, leaving allies more exposed to cyberattacks.
Potential Future Implications: By relaxing cybersecurity efforts against Russia, the US could easily be seen as going light on Russia’s aggressive cyber activity. Russia, meanwhile, could perceives this as a sign of US weakness and take advantage by increasing their cyber activities against the US government.

What Has the Reaction from the Digital Community Been?

Understandably, this news story has caused major debate amongst politicians, journalists and commentators in the digital community. Strong opinions have been voiced, and the internet has been ablaze with polarizing comments.

Lawmakers from Congress have criticized the decision and compared it to removing the military’s ability to defend itself against aggressive action in war. At the same time, cybersecurity experts have condemned the move and pointed at the obvious fact that Russia now has free rein to target critical infrastructure in the US. Commentators on Reddit have been much harsher, with conspiracy theories swirling that Russian executives have infiltrated the Trump administration.

The Immediate Future of US Cybersecurity and Russia

For now, Cyber Command is following orders and has ceased its offensive operations. However, it remains unclear whether this is a temporary move or part of a long-term strategy. If Russian cyber activity increases significantly, surely there will be a change in policy. Only time will tell.

For more ways to secure and optimize your business technology, contact your local IT professionals.

How to Complete a Business IT Vulnerability Assessment

Cyber Security, Data Security, email security, IT Vulnerability Assessment, Ophtek, procedureCyber Security, Data Security, email security, IT Vulnerability Assessment, Ophtek, procecure, vulnerabilityOphtek, LLC

Jun 2023

No IT infrastructure is 100% secure, but you can maximize your defenses and reduce your risk. All you need to do is complete an IT vulnerability assessment.

It’s important to understand exactly what your cybersecurity procedures can and can’t protect against. After all, assuming that your security measures are perfect is a sure-fire way to become complacent. And if there’s one thing that threatens the safety of your IT systems, it’s complacency. Therefore, it’s essential you understand why you need to complete an IT vulnerability assessment. And, more importantly, that you know how to complete one.

Understanding the Purpose of a Vulnerability Assessment

A vulnerability assessment looks at your IT infrastructure and reviews each and every security procedure, as well as highlighting any potential weaknesses. This pre-emptive approach is critical for reducing risk and protecting your systems. Its main objective is to evaluate your existing procedures and deliver suggestions for future improvements.

Preparing an Assessment

There are several steps when it comes to preparing an IT vulnerability assessment, and these include:

Identifying assets: if you’re evaluating the security procedures which protect your IT equipment, you need to start by identifying the assets which comprise your infrastructure. This means you will have a foundation to start your assessment from. So, for example, if you know that you have 20 laptops within your organization, you will need to evaluate all of these for upgrades, existing infections etc.
Determining the scope: it’s important for your vulnerability assessment to have a focus, so make sure you establish this early on. It may be that you simply want to carry out an assessment on your internal email systems, or it could be a more in-depth look at all your internet safety measures. Either way, with this scope established, you can conduct a targeted assessment with clearer objectives.
Select your tools: completing a vulnerability assessment requires numerous tools such as human labor, software, and new IT equipment. Accordingly, you need to make sure this is all available and can be budgeted for. This will allow you to complete a comprehensive assessment to the required standard and leave no shortfall e.g. IT systems which need to be upgraded will require funds to be available.

Analyzing Your Assessment

Once all your preparation is in place, you can complete your assessment as per your plan and guidelines. You then need to analyze the results of your assessment. As previously stated, no IT system is 100% secure, and your assessment will likely raise several concerns and vulnerabilities. Therefore, you will need to categorize these vulnerabilities both by area and severity e.g. weak firewall defenses (major) and staff writing passwords down (medium). This will allow you to begin planning a mitigation strategy to nullify these threats.

Implementing a Mitigation Strategy

With the information gleaned from your vulnerability assessment, it’s vital that you begin communicating this with the stakeholders within your organization. Ensure that your IT staff, department managers and executives are all aware of the vulnerabilities. Most importantly, also communicate how these will be mitigated, this will keep everyone on the same page and generate discussion on any potential implementation problems.

Finally, you need to put your mitigation strategy into place. These steps will vary, depending on your vulnerabilities, but common examples include additional training sessions for employees, updating software and upgrading legacy equipment. Whatever the plan, speed is of the essence to prevent these vulnerabilities turning into a catastrophe.

For more ways to secure and optimize your business technology, contact your local IT professionals.

President Biden Launches New National Cybersecurity Strategy

Cyber Security, Internet, Joe Biden, National Cybersecurity Strategy, Ophtek, SafetyCybersecurity, internet, National Cybersecurity Strategy, Ophtek, safetyOphtek, LLC

May 2023

At the start of March 2023, a new National Cybersecurity Strategy was launched by the Biden administration. And it promises big things.

The previous National Cybersecurity Strategy was released by the Trump administration in 2018. However, since then, the world and the internet has changed significantly. An updated strategy makes sense. But what exactly does it seek to change about the way in which we access and navigate our way through the internet? Well, for one thing, it starts by stating that the Biden administration will be investing $65 million in order to provide every American with access to high-speed internet.

In terms of cybersecurity, however, the 2023 strategy tackles a much broader range of problems

The Ins and Outs of the 2023 National Cybersecurity Strategy

The paper which outlines the 2023 National Cybersecurity Strategy is 35 pages long. It’s also a complex read. But this doesn’t mean the main takeaways are exclusive to high-level IT experts. This is why we’ve decided to help you by breaking down the five pillars that the paper covers:

One of the major priorities of the 2023 strategy is to secure our critical infrastructures. This means that essential systems and networks – such as energy grids and water supply systems – are at risk from cyberattacks. And, just imagine, if a group of threat actors disrupted power supplies, it would result in a major catastrophe. Therefore, the Biden administration is aiming to foster collaboration between government agencies and other stakeholders to identify and protect against any vulnerabilities.

Strengthening our cyber defenses and disrupting threat actors has been identified as a major area for the 2023 strategy to cover. This involves developing strong cybersecurity policies, ones which can quickly detect and respond to cyber-attacks. Once developed, these policies need to be implemented as seamlessly as possible to protect our networks. Naturally, investment in technology and skilled staff will feature heavily in the success of this second pillar.

The third pillar of the new National Cybersecurity Strategy seeks to make market forces drive security and resilience. This means that companies which own personal data will be expected to develop more secure storage systems, and existing laws will be updated to protect users against the risk of software vulnerabilities. The aim of this pillar is to ensure that developers need to foster higher standards of care. The result will be a safer digital landscape.

Investment is crucial in any area seeking to make improvements, and the internet always needs improvements. Accordingly, the Biden administration is seeking to improve three key areas: computing technology, clean energy technology and biotechnology/biomanufacturing. This pillar is also concerned with strengthening the US cyber workforce through enhanced education and digital awareness.

The final pillar in the 2023 strategy focusses on the importance of international partnerships to pursue shared goals. After all, the US alone cannot stop the rise of cybercrime. Common threats need to be addressed by sharing resources and pooling knowledge. The end objective is to deliver higher levels of assurance that digital systems and platforms are safe and secure.

The latest National Cybersecurity Strategy continues the excellent foundations put in place over the last two decades. It’s a responsible step for the Biden administration to take and, at the very least, will provide peace of mind that the internet remains, on the whole, safe to use.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Wiper Malware is Quickly Becoming a Major Threat

Backup, Cyber Security, email security, Ophtek, segmenting network, Wiper Malwarebackup, Cyber Security, email security, Ophtek, segmenting network, wiper malwareOphtek, LLC

Apr 2023

The world of malware evolves rapidly, sometimes from one day to another, but one of the most recent surges in popularity has been found in wiper malware.

You may not be familiar with wiper malware, but it’s a form of attack which has been steadily generating headlines over the last year. And the most recent data from FortiGuard Labs shows there was a 53% in wiper malware activity between Q3 to Q4 in 2022. Any increase in malware activity should be a concern, but anything which is over 50% represents a significant threat. This threat becomes magnified further when you consider the impact of wiper malware. Accordingly, there’s never been a more pressing time to learn about wiper malware.

What is Wiper Malware?

Wiper malware gets its name from its purpose of completely erasing all data from hard drives. Although it may seem similar to ransomware, wiper malware typically demands a fee in exchange for data recovery, but in reality, there is no chance of retrieving the data from the attackers. This type of cyber-attack is highly destructive and can cause harm not only to security but also to IT infrastructures.

Why is Wiper Malware Surging?

The initial surge in wiper malware, first observed in the first half of 2022, was attributed to the war in Ukraine. Most of this activity was the result of advanced persistent threat (APT) hacking groups from Russia supporting their governments campaign in Ukraine. And, as this conflict is still ongoing, the wiper malware threat has remained.

However, Fortinet has observed that the range of threat actors implementing wiper malware has now widened. So, as well as APT groups, wiper malware is also being unleashed by threat actors seeking financial gain and hacktivists looking to push political agendas. The research conducted by Fortinet also indicates that this surge currently shows no signs of slowing down, so it’s a threat which appears here to stay.

How Do You Combat Wiper Malware?

You may not feel as though your organization is a typical target for wiper malware, but this could quickly change due to the increased adoption of wiper malware. Therefore, you need to make sure you’re prepared for this type of attack:

Act promptly: In the event of a wiper malware attack, it’s crucial to begin segmenting your network to minimize the malware’s spread. This approach may not protect all your data, but it can help salvage significant portions. Additionally, keep a constant eye on your network for any unusual activities to prompt you into launching contingency efforts in such situations.

Ensure Careful Backups: one of the best ways to reduce the impact of a wiper malware attack is by taking proper backup measures. As malware can easily spread through networks, it’s essential to keep backups on isolated networks. Furthermore, it’s important to have multiple backups stored on different mediums to safeguard your data.

Beware of Email Threats: Malware distribution through email is a common method, and it’s easy to become a victim of such attacks. Even a momentary lapse in attention, such as not verifying a link correctly, can lead to an infection. Therefore, always hover over links to confirm their destination and, if in doubt, seek assistance from an IT professional.

For more ways to secure and optimize your business technology, contact your local IT professionals.

5 Cybersecurity Threats to Look Out For in 2023

Artificial Intelligence, Cyber Security, IOT, Ophtek, Ransomware, social engineeringartificial intelligence, Cyber Security, IoT, Ophtek, ransomware, social engineeringOphtek, LLC

Jan 2023

With the end of 2022 fast approaching, it’s time to start looking ahead to the potential security threats that hackers are planning for 2023. 2022 has been another year packed full of ransomware, deceptive malware and unbelievable software vulnerabilities, so it should come as no surprise that more of the same lies ahead. However, threat actors are constantly evolving their techniques and strategies to stay one step ahead of your defenses. Accordingly, you need to make sure you’re keeping pace with their advances and, where possible, putting solutions in place ahead of any attacks being launched.

Preparing for cybersecurity threats in 2023 is vital if you want to keep your IT infrastructure safe for the next 12 months, so let’s look at what we’re likely to be fighting against.

What’s in Store for 2023?

There will be many threats during 2023 to look out for, but the 5 biggest cybersecurity threats you need to be aware of are:

Ransomware will push onwards and upwards: one of the biggest threats to cybersecurity over the last 10 years has been ransomware, and it’s a trend which will continue in 2023. In particular, it’s believed ransomware will move its focus towards cloud providers rather than single organizations, a move which will allow threat actors to target multiple organizations based within one platform. Additionally, due to the speed with which it can be completed, it’s likely ransomware will concentrate on file corruption as opposed to full encryption.

Artificial intelligence will become more important: whilst the potential for AI to help organizations is immense, it also has the capability to fuel cyberattacks. Polymorphic code, for example, uses AI to rapidly change its code, a skill which makes it perfect for malware to avoid being detected. AI learning is also likely to be used to help threat actors to sniff out software vulnerabilities, an opportunity which will allow hackers to focus their real-time activities elsewhere.

Internet of Things attacks to increase: the Internet of Things (IoT) is only going to get bigger during 2023 and, given the historical security issues with IoT devices, this is going to create a small-scale nightmare for your network. As a result, more emphasis is going to be needed when working with IoT devices due to the increased surface area for hackers to target e.g. regular updates and inventory checks. Supply chains to be targeted more and more: supply chain attacks are very dangerous, and 2023 is likely to see a further increase in the number of attacks launched. Much like IoT attacks, supply chain attacks open a large surface area to threat actors, a point underlined by the SolarWinds attack which exposed hundreds of organizations to a single attack. Therefore, it will be crucial that software and hardware being released is thoroughly checked by its manufacturers to avoid any security disasters.

Social engineering to start working with deepfakes: the danger of deepfakes has been well documented in the last five years, but it’s possible these are now going to be integrated into social engineering scams. Deepfakes are all about deception and, at their best, they are highly convincing. Consequently, they are perfect for adding legitimacy to emails and videos which, for example, may be pushing for you to take a call-to-action which is a smokescreen for downloading malware.

For more ways to secure and optimize your business technology, contact your local IT professionals.

1 2 3 … 8 Next »

Category Archives: Cyber Security