Bravatek Solutions Inc (BVTK)

[USMCMAC8808]

We just got a bunch of new Tweets today! Here ya go:
ALL THE NEW TWEETS:
"CrucialTrak's IT integration services now on SEWP contract vehicle through BVTK..."

"FYI...The Imperative of Critical Infrastructure Protection - Cyber and Physical by Chuck Brooks https://www.linkedin.com/pulse/imperative-critical-infrastructure-protection-cyber-chuck-brooks … by @ChuckDBrooks"

"BVTK's telecom alliance partners bringing "home the bacon" in short order because of BVTK's involvement..."

"FINS--as usually--were worked on all weekend...Look for 8-K earlier, rather than later, this week..."

"FYI. BVTK's new alliance with CrucialTrak, its knowledge of critical infrastructure protection and its Ecrypt One product positions it well."

"How likely is a ‘digital Pearl Harbor’ attack on critical infrastructure?

Taylor Armerding
3 days ago

It’s coming on two decades now since the first warnings that US critical infrastructure is vulnerable to a catastrophic cyberattack. According to some experts, it is perhaps more vulnerable now than ever – the threats are worse and the security is no better.

But how likely is such an attack? There is still plenty of debate about that.

Richard A Clarke, who in 2000 was the US’s top counter-terrorism and cybersecurity chief, gets credit for coining the term “digital Pearl Harbor”. He said at the time that it was “improbable,” but added that “statistically improbable events can occur”.

There have been similar warnings since from top government officials – former defense secretary Leon Panetta paraphrased Clarke in 2012, warning of a “cyber Pearl Harbor” – a major cyberattack on industrial control systems (ICS) that could disable the nation’s power grid, transportation system, financial industry and government for months or longer.

Of course, nothing even close to that catastrophic level has happened – yet. And there are a number of experts who say such doomsday language is gross hyperbole, peddling nothing but FUD (fear, uncertainty and doubt). Marcus Sachs, CSO of the North American Electric Reliability Corporation (NERC), said at the 2015 RSA conference that squirrels and natural disasters were a more realistic threat of taking down the grid than a cyber attack.

But a couple of experts in ICS – the equipment used to operate the grid and other critical infrastructure – say they are increasingly troubled that security has not really improved since the warnings began.

Sophos Home

Stop ransomware with our free personal security software

Learn More
Galina Antova, co-founder and chief business development officer at Claroty, recently referred in a blog to “The Lost Decade of Information Security”, saying:

“We are no better off today in terms of cybersecurity readiness than we were 10 years ago. The threat landscape is clearly growing more active and dangerous by the day. The theoretical is becoming reality and, unfortunately, we aren’t prepared to counter the threat just over the horizon.
She has some company in the person of Joe Weiss, managing partner at Applied Control Solutions, who has said for years that ICS security is dangerously lax. Writing on his “Unfettered” blog last week, Weiss said there is essentially no security in ICS process sensors, the tools to detect anomalies in the operation of ICSs – which means an attacker could get control of them relatively easily and create major physical damage."

"FYI...WHAT ARE THE NEW CYBERSECURITY STAKES – WHAT ARE THE VULNERABILITIES AND RISKS?
We live in world of algorithms; x’s and o’s. Our digital world is ripe for access and compromise by those who want do harm from just a laptop and server. A myriad of recent breaches have demonstrated that as consumers we are becoming more and more dependent upon digital commerce. Our banking accounts, credit cards, and financial daily activities are interconnected. We are all increasingly vulnerable from hackers, phishers, and malware proliferating across all commercial verticals.

In the past year, the employment of ransomware has become a method of cyber-attack choice by hackers. This is because many networks (especially hospitals, utilities, universities, and small businesses) are comprised of different systems, devices and often lack required patching and updating necessary to thwart attacks. The recent Wannacry, and Petya attacks were certainly wake up calls to the disruptive implications of ransomware. We can expect to see more such attacks because of the ease of infection and because the vulnerabilities to networks still remain.

Ransomware is not a new threat, it has been around for at least 15 years, but it has become a trending one. Experts estimate that there are now 124 separate families of ransomware and hackers have become very adept at hiding malicious code. Success for hackers does not always depend on using the newest and most sophisticated malware. It is relatively easy for a hacker to do. In most cases, they rely on the most opportune target of vulnerability, especially with the ease of online attacks.

More ominous are the Distributed Denial of Service attacks (DDoS). Tech Target provides a succinct definition of A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource. The flood of incoming messages, connection requests or malformed packets to the target system forces it to slow down or even crash and shut down, thereby denying service to legitimate users or systems. The connectivity of the Internet of Things (IoT) and its billions of connected devices is conducive for DDoS activities. In 2016 a DDoS attacks were launched against a Domain Name System (DNS) called Dyn. The attack directed a variety of IoT connected devices to overload and take out internet platforms and services.

Consider the dire and eye opening facts: Hackers attack every 39 seconds and around one billion accounts and records were compromised worldwide last year. There are estimates that global Cybercrime damage costs will reach $6 trillion annually by 2021. Cybercrime is growing exponentially and so are the risks.

WHAT ARE THE CYBERSECURITY CHALLENGES AND HOW DO WE PROTECT OURSELVES?
McKinsey & Company and the World Economic Forum published a joint paper a couple of years back projecting that ineffective cybersecurity will result in a cost to the global economy of three trillion dollars by 2020. That estimate may be even greater now that IoT has expanded so rapidly along with the attack surfaces constituted by so many billions of connected devices to the internet. A Gartner report predicts more than 20 billion connected things to the internet by 2020 that can be hacked or compromised. Clearly, it is almost an insurmountable task to monitor and protect IoT. It is also very difficult challenge to keep up with the increasing sophistication of the socially engineered threats and threat actors.

A security strategy to meet these growing cyber-threat challenges needs to be both comprehensive and adaptive. It involves people, processes, and technologies. Defined by the most basic elements in informed risk management, cybersecurity is composed of:

Layered vigilance (intelligence, surveillance);
Readiness (operational capabilities, visual command center, interdiction technologies);
Resilience (coordinated response, mitigation and recovery).
The specifics of a security approach may vary according to circumstances, but the mesh that connects the elements is situational awareness combined with systematic abilities for critical communications in cases of emergency. These guidelines are represented in the NIST mantra: “Identify, Protect, Detect, Respond, Recover”."

"FYI:White House Issues New Memo on R&D Budget Priorities for Fiscal 2019
Jane Edwards August 21, 2017 Civilian Agencies, Latest News 404 Views

The White House has released a new memorandum to provide federal agencies information on the administration’s priority areas in research and development and guide them as they create and submit their fiscal 2019 budget requests to the Office of Management and Budget.

The memo published Thursday directs agencies to invest in R&D efforts that seek to advance U.S. military superiority such as the development of missile defense platforms, hypersonic weapons, strategic deterrent and computing capabilities as well as space-based and autonomous systems.

OMB Director Mick Mulvaney co-wrote the document with Michael Kratsios, deputy assistant to the president at the Office of Science and Technology Policy.

The memo asks agencies to support R&D work on cybersecurity platforms that aim to protect the country’s critical infrastructure from cyber attacks as well as law enforcement and border surveillance systems designed to facilitate detection of illegal activities.

Agencies should continue to advance research in biometrics, machine learning, autonomous systems, quantum computing and other emerging technologies that would help advance the economy, according to the memo.

The document also states R&D practices the Trump administration wants agencies to prioritize such as increasing government accountability, supporting early-stage applied research and advancing interagency coordination programs.

The administration also wants agencies to integrate science, technology, engineering and math education into their workforce training initiatives and support the modernization of the country’s research infrastructure."