NIST’s Draft Publication on Ransomware (SP-1800-25)

This past week the National Institute of Standards and Technology (NIST) published two draft publications to provide guidance on protecting against organization information technology assets against the increasing problem of ransomware. Since last summer there has been a large increase in the amount of ransomware that has successfully disrupted the operations of multiple local governments and agencies in Texas, the Port Neches-Groves Independent School District, and the City of New Orleans, Louisiana. Additionally, SR2 Solutions has had reports of multiple ransomware attacks and attempted attacks against small and medium companies in the private sector in the Southeast Texas region. This post will focus specifically on SP-1800-25 “Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events”

read more

Cyber Strikes Against Iran, What We’ve Seen Before, What We Might See Going Forward

The world has seen a steady increase in tensions between the US and one of its oldest adversaries, Iran. Most recently we have seen on June 13th commercial vessels attacked in the Strait of Hormuz, a vital shipping lane for oil from the Middle East to the rest of the world economy. These attacks are believed to have been the work of the Islamic Revolutionary Guard Corps (IRGC). Additionally, on June 20th, we have seen a US RQ-4A Global Hawk unmanned drone shot down by Iranian forces. The US says that the drone was over international waters and that the destruction of the drone was unwarranted, while the Iranian government claims that it was over their airspace and was an unwarranted incursion into their territory. The US promised retaliation for the strike. On June 21st, an airstrike was launched by the US against Iran that was abruptly halted 10 minutes prior to the strike by President Trump. The President’s reasoning for canceling the strike was based on an estimate of ~150 casualties as a result of the airstrike which he believed to not be proportionate to the downing of the unmanned Global Hawk drone. And this is where this entire situation becomes interesting from a cyber security and critical infrastructure perspective.

read more

Theoretical Cyber Attack On The Chemical Sector and Recommendations

This paper was prepared for PSAA 652 – Protection of the Nation’s Critical Infrastructure at the Bush School of Government and Public Service at Texas A&M University. It was intended to have us as student develop a plausible scenario that would affect a portion of the country’s critical infrastructure. In this particular case I looked at the effects of a cyber attack on the chemical sector.

read more

Cyber Attacks on the US, Their Effects, and Looking Ahead

This paper was prepared for PSAA 656 – Fundamentals of Homeland Security at the Bush School of Government and Public Service at Texas A&M University. This paper was intended to give an overview of current policy around Cyber Security as it relates to the discipline of Homeland Security in the United States as well as review the potential threats to cyber security including actual events that have occurred within the US as of 2017.

read more

The Effects of Publicly Available Strong Encryption Technology on Intelligence Operations

This paper was prepared for PSAA 655 – Domestic Intelligence Operations at the Bush School of Government and Public Service at Texas A&M University. For this paper, we as students were expected to research an important topic related to intelligence operations and look at how certain policy decision affect the intelligence cycle. In this particular case I disucssed the public availability of strong data encryption.

read more

Cyberwar Strategies

This paper was prepared for PSAA 608 – Domestic Intelligence Operations at the Bush School of Government and Public Service at Texas A&M University. For this paper, we as students were expected research possible defensive and offensive strategies to be used in cyber warfare.

read more