Click here to download

What is Cyberterrorism?

NATO defines cyberterrorism as “a cyberattack using or exploiting computer or communication networks to cause sufficient destruction or disruption to generate fear or intimidate a society into an ideological goal.” The simplest form of cyberterrorism entails attacks that deny service and disrupt daily life for users of cyberspace.

Within the realm of cyberterrorism, however, there are three technical levels of attacks: an attack on the gateway of an organization (through internet sites or denial of service), the defacement of an organization’s information systems and most severely, attacks on an organization’s core operational systems. Common targets for cyberterrorism attacks include banks, cell phone service providers, stock companies and cable companies.

Current Cybersecurity Policy and Discussion

Experts suggest government and private sector cooperation is the first step in creating a unified front against cyberwarfare. While the private sector is perhaps the most significant player in cyberspace, owning the majority of R&D spending over the last two decades, the government continues to push for stronger cybersecurity policies. President Biden has honed in on the discussion, releasing an executive order to improve the nation’s cybersecurity in May. Lawmakers from both sides of the aisle likewise collaborated to produce legislation that addresses cybercrime after attacks on Colonial Pipeline and JBS USA in May 2021.

The proposed policy works as follows: federal agencies, contractors and infrastructure owners would report cyber incidents within 24 hours to the Cybersecurity and Infrastructure Agency (CISA). CISA would then create a reporting system, submitting a report for Congress on said incidents.

The International Cybercrime Prevention Act, originally proposed in 2018, was also recently reintroduced by Senators Lindsey Graham, Sheldon Whitehouse, Richard Blumenthal and Thom Tillis. The bill would tighten consequences for hacking critical infrastructure organizations (e.g. hospitals, banks, etc.) alongside allowing law enforcement to go after botnet groups. President Biden and his cabinet continue to work on passing mandatory cyber legislation for critical infrastructure groups today.

Companies Working Against Cyberterrorism

1. McAfee Security Services: McAfee is an industry leader in device-to-cloud security solutions. Its products “protect data, defend against threats and provide actionable insights through an open platform and the largest threat telemetry network.” Its Endpoint Security is a stand alone, modern product integrated with advanced technologies that include machine learning and endpoint detection and response (EDR). McAfee Labs detects 8,600 cyber threats every minute and the Global Threat Intelligence team processes 2.3 queries every year, indicating that they are at the forefront of preventing cyberterrorism.

2. Microsoft: With the goal of maintaining global trust in technology, Microsoft is involved with both the technical and political aspects of cybersecurity—its R&D efforts focus on four broad areas: policy and resilience, security and assurance, Digital Geneva Convention and cybercrime legislation. Its current portfolio of technology is heavily based on cloud security, ensuring seamless integration with the Azure platform. Armed with incident response consultants, developers and legal counsel, Microsoft provides a well-rounded perspective on terrorism in the digital age.

3. Radware: Radware is a publicly traded company whose solutions allow over 12,500 clients to protect information systems against adapting cyber threats. According to Forrester, “Radware knows DDos attacks better than anyone.” Its advanced technology awarded them the highest possible scores across 18 different categories including detection and attack mitigation, public cloud protection, security operation centers (SOCs) and response automation.

4. FireEye Mandiant: Mandiant’s solutions provide innovative solutions and expertise to create an all-encompassing portfolio of SAAS, consulting and managed security solutions. The threat intelligence module, in particular, provides organizations of all sizes to see the latest security issues. By pulling from over 1 million unique malware samples every day, Mandiant products allow individuals and organizations to discover malware and other indicators of compromise (IOCs) early.

5. Cylance: Cylance (recently acquired by Blackberry) is a predictive security platform powered by AI that is continuously learning. By being compatible with personal laptops and smartphones, Cylance is a product that earns trust across endpoints and consistently validates that trust throughout any event. The key pillars of Cylance include the elimination of cyber threats, full control and visibility, improved endpoint performance and costs and decreased operational costs.

6. CrowdStrike: CrowdsStrike actively trains organizations to react and remediate security breaches whilst providing cloud-based endpoint protection. With a single, cloud native agent, CrowdStrike’s Falcon platform provides next generation antivirus, EDR and managed threat hunting. CrowdStrike Incident Response Strategic Advisory Services, likewise, are designed to help companies effectively respond to major security breaches by offering a variety of services to help clients better understand the scope of their current security configuration.

7. Accenture: There are three main pillars to Accenture’s security platform: cyber defense, applied security and managed security. Accenture’s unique cyber fusion centers use managed security services, advanced analytics platform and intelligence security automation to help organizations “out-innovate” attackers on a daily basis. With two U.S based locations in Houstin and Washington D.C as well as a global cyber fusion center, Accenture boasts a collective of glocal security experts, experienced data scientists and academic researchers all working together to prevent cyberterrorism.

8. Cynet: Cynet is the world’s first autonomous breach protection platform. The Cynet XDR prevention and detection services possess comprehensive coverage against all attacks that involve endpoints, users and networks. By combining Next-Generation Antivirus, Endpoint Detection and Response, Network Analytics and Deception and User Behavioral Analytics, Cyber is able to detect multifaceted, advanced threats that could only be found by comprehensive analysis of endpoints, user activity and network activity.

9. Tanium: 50% of the Fortune 500, 8 of the Top 10 U.S financial institutions and 5 U.S military branches rely on Tanium for endpoint security. A modern approach that has adapted to recent work from the home environments, Tanium is “optimized for the distributed world.” With three pillars of real-time visibility, comprehensive control and rapid response, Tanium has already taken steps to address issues from President Biden’s Executive Order to improve U.S cybersecurity. In fact, U.S Secretary of Defense Ash Carter joined Tanium’s Board of Directors in April.

10. VMware Carbon Black: VMWare Carbon Black is an advanced cybersecurity platform backed by behavioral analytics. As a cloud-native endpoint and container protection platform that uses intelligence and behavioral insights to minimize emerging threats, it is capable of analyzing more than 1 trillion threats daily. By proactively analyzing an attacker’s behavior patterns, Carbon Black is a solution that enables defenders to strengthen its intrinsic security—and it’s trusted by over 16,000 companies worldwide.

11. MalwareBytes: MalwareBytes is a SAAS company that protects all types of devices from threats to complicated traditional antivirus solutions. Worms, rogues, dialers, trojans, spyware and bots are just a few instances of threats that MalwareBytes can detect. Along with detection, the software can clean malware infections, scan viruses and remain non-instructive on a user’s system. Many people have described it as one of the most comprehensive antivirus platforms currently on the market.

12. Fortinet: Fortinent is a longtime standing player in the cybersecurity market. With rapidly growing revenue, its unified threat management platform is frequently listed in Gartner and Forrester. Recent updates to the product include expanding cloud security offerings to Google Cloud as well as the acquisition of the Security Orchestration, Automation and Response (SOAR) platform from CyberSponse. Its steady positive reputation allows for the company to grow and continue to retain customers.

13. Palo Alto Networks: Palo Alto Networks offers a variety of cybersecurity products and services—one of its leading products, Cortex, was recognized as a leader in Endpoint Security Software by Forrester. Its automation of security operations provides comprehensive coverage of digital networks and its consulting and threat intelligence branch, Unit 42, provides security assessments, incident response services and foremost cybersecurity research. A fast growing company expected to increase revenue by over 20% within F22, Palo Alto Networks is continuing to develop its cloud and AI platform (Strata), having already secured partnerships with a variety of U.S government agencies.

14. Proofpoint: Proofpoont holds the perspective that many cyber attacks target people, not systems—its approach, consequently, is user-oriented. By focusing on email, social media accounts and mobile devices, Proofpoint protects brand reputation, people and most importantly, data. Its current clients include F500 companies, global banks, retailers, pharmaceutical companies and top research universities.

15. KnowBe4: KnowBe4, a Unicorn, improves security awareness and minimizes phishing attacks to help companies manage the rise of social engineering. As the world’s largest Security Awareness Training and Simulated Phishing Platform with 40,000 subscribers, KnowBe4 is a technology platform where companies can learn more about cybersecurity from expert hacker Kevin Mitnick. Its preventative technologies allow companies to test its users and networks to identify both potential social engineering and ransomware attacks.

Notable Figures in Cyberterrorism

1. Brian Krebs: Brian Krebs is a globally recognized cybersecurity figure. An investigative and author, he wrote “Spam Nation: The Inside Story of Organized Cybercrime —from Global Epidemic to Your Front Door,” a New York Times bestseller. He now focuses on his security blog “Krebs on Security” and his Twitter account, amassing a following of more than 300k.

2. Eugene Kaspersky: Eugene Kaspersky is the CEO of the Moscow-based Kaspersky Lab, boasting over 4000 employees. His cybersecurity career originated after his personal laptop was infected with the “Cascade” virus in 1989. Now, his cybersecurity technologies impact over 400 million users.

3. Kevin Mitnick: Most known for his arrest in 1995 for his complex man-in-the-middle computer crimes, Mitnick now runs Mitnick Security Consulting and is involved at the executive level at KnowBe4. Many consider him a catalyst in the cybersecurity industry; he is also a published author and sought-after speaker.

4. Eva Galperin: Galperin is the Director of Cybersecurity at the Electronic Frontier Foundation, though she also serves as a technical advisor at the Freedom for Press Foundation and is consistently recognized for her extensive research on malware and nation-state spyware. Her current projects focus on techniques to detect cellphone surveillance on LTE networks.

5. Adam K. Levin: An industry expert on privacy, identity theft and finance, Adam Levin co-founded Credit.com and CyberScout, a security insurance company. He is also an author—publishing “Swiped: How to Protect Yourself in a World of Scammers, Phishers and Identity Thieves,” and more. Levin is outspoken in his hopes to continue to educate law enforcement officers on identity theft and privacy and has been featured on ABC News, The Huffington Post, Yahoo! and the Today Show.

6. Shira Rubinoff: Rubinoff is a cybersecurity expert, blockchain advisor and well-known keynote speaker. With two cybersecurity product companies under her name and a leader of many women-in-technology efforts, she now sits on as the President of the NYC technology incubator, Prime Tech Partners, as well as the social media firm, SecureMySocial. Further, she serves on the executive board for the blockchain company Mainframe, alongside the AI companies TrueConnect & Pypesteam.

7. Bruce Schneier: Schneier is a cryptographic, private specialist and writer, having been dubbed “security guru” by The Economist. “Crypto-Gram,” his newsletter and “Schneier on Security,” his blog, are read by over 200,000 people. Schneier is a frequent lecturer at the Harvard Kennedy School and is a board member at the Electronic Frontier Foundation.

8. Dmitri Alperovitch: Alperovitch is the Co-Founder and former CTO of CrowdStrike. Now on the board of over a half dozen security companies, he also has over two dozen patents pending on his technologies. In 2011, he published Operation Shady RAT, a report on Chinese instructions into at least 72 worldwide organizations including the United Nations and the International Olympic Committee.

9. Mikko Hypponen: Hyppon has worked at F-Secure, a cyber solutions company since 1991. His research has been published in the New York Times, Wire and Scientific American. A lecturer at Stanford University, Cambridge and Oxford, he has also been recognized by the PC World Magazine as one of the 50 Most Important People as well as the FP Global 100 Thinkers List.

10. Edna Conway: Edna Conway is the Chief Security & Resiliency Officer at Microsoft Azure, responsible for the governance of cloud infrastructure at Microsoft. Recognized both domestically and globally, she was recently appointed to the Executive Committee of the US DHS Task Force on ICT Supply Chain Risk Management. She is also a member of the Fortune Most Powerful Women community anda recipient of CSO of the Year. Before joining Microsoft, she served as Cisco’s Chief Security Officer.

Do you have information to share with Identity Review? Email us at press@identityreview.com.