Category Archives: Defense,

Cyber Threats are Clear and Present

Posted on by

Cybersecurity threats, malware and ransomware are clear and present danger threats to American businesses and way of life.

This week, Americans wake-up to dire warnings from the federal government in Washington to growing cyber threats and malware from Russia. The federal government warns American citizens, organizations and businesses to enhance their cyber vigilance and security in preparation of cyber attacks originating from Russia targeting critical information and infrastructure.

The latest cybersecurity threats are taking advantage of pandemic induced work-from-home environments, remote access tools, and new cloud services. According to CISA, these evolving cybersecurity threats include:

  • Malware — malicious software variants—such as worms, viruses, Trojans, and spyware—that provide unauthorized access or cause damage to a computer. Malware attacks are increasingly “fileless” and designed to get around familiar detection methods, such as antivirus tools, that scan for malicious file attachments.
  • Ransomware — a type of malware that locks down files, data or systems, and threatens to erase or destroy the data – or make private or sensitive data to the public – unless a ransom is paid to the cybercriminals who launched the attack. Recent ransomware attacks have targeted state and local governments, which are easier to breach than organizations and under pressure to pay ransoms in order to restore applications and web sites on which citizens rely.
  • Phishing / social engineering — a form of social engineering that tricks users into providing their own sensitive information. In phishing scams, emails or text messages appear to be from a known individual or legitimate company asking for sensitive information, such as credit card data or login information. The FBI has noted about a surge in pandemic-related phishing, tied to the growth of remote work.
  • Insider threats — Current or former employees, business partners, contractors, or anyone who has had access to systems or networks in the past can be considered an insider threat if they abuse their access permissions. Insider threats can be invisible to traditional security solutions like firewalls and intrusion detection systems, which focus on external threats.
  • Distributed denial-of-service (DDoS) attacks — attempts to crash a server, website or network by overloading it with traffic, usually from multiple coordinated systems. DDoS attacks overwhelm enterprise networks via the simple network management protocol (SNMP), used for modems, printers, switches, routers, and servers.
  • Advanced persistent threats (APTs) — an intruder or group of intruders infiltrate a system and remain undetected for an extended period. The intruder leaves networks and systems intact so that the intruder can spy on business activity and steal sensitive data while avoiding the activation of defensive countermeasures. The recent Solar Winds breach of United States government systems is an example of an APT.
  • Man-in-the-middle attacks — an eavesdropping attack, where a cybercriminal intercepts and relays messages between two parties in order to steal data. For example, on an unsecure Wi-Fi network, an attacker can intercept data being passed between guest’s device and the network.

A majority of Americans have moved their financial and daily lives online, and thus are more susceptible than ever to of cyber crime, malware and ransomware attacks.

As you might image, today’s world is more interconnected than ever before. Yet, for all its advantages, increased connectivity brings increased risk of theft, fraud, and abuse.

As Americans become more reliant on modern technology, we also become more vulnerable to cyberattacks and cybercrimes.

Every organization—large and small—must be prepared to respond to cybercrime and disruptive cyber incidents, explains the Cybersecurity and Infrastructure Security Agency (CISA). CISA leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure.

CISA recommends all individuals and organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets, like a “zero trust strategy”.

A zero trust strategy assumes compromise and sets up controls to validate every user, device and connection into the business for authenticity and purpose. To be successful executing a zero trust strategy, organizations need a way to combine security information in order to generate the context (device security, location, etc.) that informs and enforces validation controls.

References:

  1. https://www.ibm.com/topics/cybersecurity
  2. https://www.cisa.gov/shields-up

Keep Yourself Cyber Safe

Posted on by

Every American can take simple steps to improve their cybersecurity and protect themselves while online.

As the nation’s cyber defense agency, Cybersecurity and Infrastructure Security Agency (CISA) stands ready to help individuals and organizations prepare for, respond to, and mitigate the impact of cyberattacks and cybercrime.

Currently, CISA recommends all individuals, organizations and businesses —regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical information and assets.

Every American can take several simple steps to improve their cybersecurity and protect themselves while online. In fact there are 5 things you can do to keep yourself cyber safe. CISA urges everyone to practice the following: 

  • Implement multi-factor authentication (MFA) on your accounts. A password isn’t enough to keep you safe online. By implementing a second layer of identification, like a confirmation text message or email, a code from an authentication app, a fingerprint or Face ID, or best yet, a FIDO key,  you’re giving your bank, email provider, or any other site you’re logging into the confidence that it really is you. Multi-factor authentication can make you 99% less likely to get hacked. So enable multi-factor authentication on your email, social media, online shopping, financial services accounts. And don’t forget your gaming and streaming entertainment services!   
  • Update your software. In fact, turn on automatic updates.   Bad actors will exploit flaws in the system. Update the operating system on your mobile phones, tablets, and laptops.  And update your applications – especially the web browsers – on all your devices too.   Leverage automatic updates for all devices, applications, and operating systems. 
  • Think before you click. More than 90% of successful cyber-attacks start with a phishing email.  A phishing scheme is when a link or webpage looks legitimate, but it’s a trick designed by bad actors to have you reveal your passwords, social security number, credit card numbers, or other sensitive information. Once they have that information, they can use it on legitimate sites. And they may try to get you to run malicious software, also known as malware.  If it’s a link you don’t recognize, trust your instincts, and think before you click. 
  • Use strong passwords, and ideally a password manager to generate and store unique passwords.  Our world is increasingly digital and increasingly interconnected. So, while we must protect ourselves, it’s going to take all of us to really protect the systems we all rely on. 
  • Halt bad practices. Take immediate steps to: (1) replace end-of-life software products that no longer receive software updates; (2) replace any system or products that rely on known/default/unchangeable passwords; and (3) adopt MFA for remote or administrative access to important systems, resources, or databases.

Americans should prepared themselves to respond to cybercrime and to disruptive cyber activity. CISA encourages everyone to put their “Shields Up” and take proactive steps to protect against active and future cyber threats. 

References:

  1. https://www.cisa.gov/shields-up
  2. https://www.cisa.gov/free-cybersecurity-services-and-tools

Taxes: Income and Property

Posted on by

“In this world, nothing is certain except death and taxes.” Ben Franklin

After-tax income inequality has grown over the long term. Between 1979 and 2018, the share of aggregate after-tax income of the top 1% of households grew significantly from 7.4% to 13.6%. In contrast, the shares for the bottom 90 percent of households declined. Tax Policy CenterWealth inequality has also widened. The average white household had $402,000 in unrealized capital gains in 2019, compared with $94,000 for Black households and $130,000 for Hispanic or Latino households. These disparities have generally widened over time. Tax Policy Center

Virtually all families hold some amount of financial assets, broadly defined as brokerage, checking, savings and retirement accounts to name a few. While 98% of families held checking or savings accounts in 2019, only 50% of families held retirement accounts and 15% owned stocks. Tax Policy Center

Salaries and wages are the largest sources of income for most households. In 2018, they comprised 68% of total adjusted gross income across all individual income tax returns, but only 17% for those with incomes over $10 million. Tax Policy Center

Income from capital gains made up about 8% of aggregate adjusted gross income (AGI) in 2018, but this varied by income level. For those with AGI over $10 million, capital gains accounted for nearly half of their income. Tax Policy Center

In 2019, the median net worth for those with college degrees was four times higher than for those with high school diplomas and nearly 15 times higher than for those without high school diplomas. Tax Policy Center

Overall, the share of US families with education loan debt went from 9% in 1989 to 21% in 2019. About 30% of Black families had education loan debt in 2019, compared with 20% of White families and 14% of Latino families. Tax Policy Center

Federal taxes are moderately progressive overall. In 2018, the top 1% had 16.6% of total income before taxes and 13.6% after taxes. Contrastingly, the lowest quintile had 3.8% before taxes and 7.1% after taxes. Tax Policy Center

In fiscal year 2019, state and local governments raised $577 billion in property taxes. As a share of general revenue, New Hampshire relied the most on property tax revenue (36%) whereas Alabama and New Mexico relied the least (7%). Tax Policy Center

State and local taxes as a share of income ranged from 7% in Tennessee to 15% in North Dakota in 2019. This does not measure comparative tax burdens on states’ residents because it includes taxes on business activities borne by residents of other states. Tax Policy Center

Total tax revenue (including federal, state, and local taxes) as a share of GDP was 24.5% for the US in 2019. Tax Policy Center

Wealthier Americans may be more stressed regarding inflation, economic uncertainty and market volatility, but lower-income Americans have much more to fear from rising prices and are experiencing greater daily impact to their wallets. They tend to have less financial cushion to handle higher prices for food, gas, and other necessities, according to the Tax Policy Center.

The above financial inequality and tax snippets are interesting facts/information garnered from the nonprofit Tax Policy Center.

References:

  1. https://www.taxpolicycenter.org/fiscal-fact/top-1-income
  2. https://www.axios.com/wealth-inflation-fears-money-financial-assets-52779e2d-8940-4b87-85cd-29c65744fb29.html

Defense Secretary Lloyd Austin III

Posted on by

Austin has broken racial barriers throughout his four decades in the U.S. Army.

Newly confirmed Defense Secretary Lloyd Austin III took office Friday as the first Black defense chief. Retired Army General Austin, 67, is a 1975 graduate of the U.S. Military Academy at West Point. He helped lead the invasion into Iraq in 2003, and eight years later was the top U.S. commander there, overseeing the full American troop withdrawal.

General Austin was only the sixth African-American four-star general in Army history. Austin gained confirmation after clearing a legal hurdle prohibiting anyone from serving as defense chief until they have been out of the military for seven years. Austin retired less than five years ago, but the House and Senate quickly approved the needed waiver, and President Joe Biden signed it Friday.

President Biden said he chose retired Gen. Lloyd Austin III for defense secretary because of his experience and integrity, calling the retired soldier “the definition of a patriot.”

The top Democrat on the Senate Armed Services Committee said that Austin is an “exceptionally qualified leader” who pledged to uphold civilian control of the military during his confirmation hearing.

The retired four-star Army general told senators that the Pentagon’s job is to “keep America safe from our enemies. But in the wake of the deadly insurrection at the U.S. Capitol, where retired and current military members were among the rioters touting far-right conspiracies, we can’t do that if some of those enemies lie within our own ranks.”

He said that military leaders must set the right example to discourage and eliminate extremist behavior. They must get to know their troops, and look for signs of extremism or other problems, he said.

But Austin — the first Black man to serve as head of U.S. Central Command and the first to be the Army’s vice chief of staff — also knows that much of the solution must come from within the military services and lower-ranking commanders. They must ensure their troops are trained and aware of the prohibitions.

“Most of us were embarrassed that we didn’t know what to look for and we didn’t really understand that by being engaged more with your people on these types of issues can pay big dividends,” he said, recalling the 82nd Airborne problems. “I don’t think that you can ever take your hand off the steering wheel here.”

Austin describes himself as the son of a postal worker and a homemaker from Thomasville, Georgia, who will speak his mind to Congress and to President Biden.

References:

  1. https://www.militarytimes.com/news/your-military/2021/01/24/for-1st-black-pentagon-chief-racism-challenge-is-personal/
  2. https://www.militarytimes.com/news/pentagon-congress/2020/12/08/biden-heres-why-i-chose-lloyd-austin-for-defense-secretary/