CrowdStrike-linked outage a “dress rehearsal” for what China may have planned for U.S. critical infrastructure.
By Andy Jenkinson – Guest Contributor | Group CEO Cybersec Innovation Partners via GEÓ
CISA director Ms. Jen Easterly calls CrowdStrike-linked outage a “dress rehearsal” for what China may have planned for U.S. critical infrastructure.
In Psychology this is often known as Projection which is a defence mechanism that people subconsciously employ in order to cope with difficult feelings, emotions, or even failure.
Psychology Projection involves displacing negative qualities about oneself onto a different individual, institution, or in this case, a country. Let’s blame China, North Korea, Iran, or Russia…
Make no mistake, CrowdStrike’s catastrophic bungle certainly sets the scene for further ‘incidents.’ However, there are several major issues that the forced outage on the 19 July caused not least of which is the Windows Server Update Services (WSUS) which are reliant upon DNS servers which are exposed and Insecure.
To understand why DNS has been ignored for decades, despite being critical to security and one of the oldest Internet Protocols having been issued RFC 882 and 883 in Nov 1983, we need to look at how DNS has been exploited for Surveillance by the Intelligence Community.
Paradoxically, DNS was NOT TAUGHT in any depth via Academia and through Cyber Certifications for several decades. It still isn’t. Teaching and securing DNS would enable robust resilience and security and the prevention of Surveillance.
Fast forward a generation plus and adversaries learnt the same tactics of the IC Agencies. Over the last decade adversaries have been exploiting DNS increasingly including the SolarWinds attack and exploiting DNS to plant Malware into software upgrades. Think about that for a minute and re-read.
CISA’s Emergency Directive (M-19-01) was finally issued in January 2019 following numerous Federal Agencies suffering DNS attacks. Prior to this, the IC Agencies were happy to ignore DNS for fear of exposing its exploitation.
Let me be candid, what would be closer to the truth is if CISA stated: ‘Our adversaries have also learnt how to exploit DNS only now, not for Surveillance, but to cause chaos and disruption. The Modus Operandi is the same as ours and we have at least an entire generation and longer that have been kept in the dark and who are ignorant of DNS as a critical area to secure due to our Surveillance tactics.” – Projection
My fourth book is titled – ”Surveillance, the Blueprint for Cybercrime” for a good reason.
The Blueprint for todays cybercrime was the Exploitation, Tampering, and Abuse of the Internet and connections – Internet Assets. DNS Servers served as perfect conduits that nobody checked and those that do, have ‘special’ relationships with the IC community.
Cybersec Innovation Partners
GCHQ
National Cyber Security Centre
Federal Bureau of Investigation (FBI)
FBI Cyber Division
Central Intelligence Agency
Cybersecurity and Infrastructure Security Agency
United States Department of Defense
ABC News
BBC News
CNBC
CNN
Fox News Media
ITV News
Sky News
hashtag#InternetSecurity
hashtag#DNS hashtag#PKI
