More stories

  • in

    DOJ charges and sanctions REvil leaders behind Kaseya attack, seizes $6 million in ransoms

    US officials from the Justice Department, Treasury, and FBI announced a slate of actions taken against some of the leaders of the REvil ransomware group as well as sanctions against organizations helping groups launder illicit funds.

    At a press conference on Monday, US attorney general Merrick Garland announced indictments of 22-year-old Ukrainian Yaroslav Vasinskyi and Russian Yevgeniy Polyanin for their involvement in REvil’s operations. Vasinskyi was arrested in Poland last month and is now facing charges for the attack on Kaseya that infected more than 1,000 companies with ransomware this summer. Garland said that Vasinskyi — who went by the name “Robotnik” online — was one of the masterminds behind the REvil ransomware and is facing extradition after being arrested by Polish authorities on October 8.

    Garland added that while Polyanin has not been arrested, he was also hit with a litany of hacking-related charges and had $6.1 million in ransom payments seized by law enforcement agencies. According to the DOJ, in addition to the headlining attacks on Kaseya and JBS, REvil is responsible for deploying its ransomware on more than 175,000 computers. The group has allegedly brought in at least $200 million from ransoms. Garland noted that Polyanin has been tied to at least 3,000 ransomware attacks.

    “Polyanin’s ransomware attacks affected numerous companies and entities across the United States, including law enforcement agencies and municipalities throughout the state of Texas. Polyanin ultimately extorted approximately $13 million dollars from his victims,” Garland said while unveiling the indictments of both men. “For the second time in five months, we announced the seizure of digital proceeds of ransomware deployed by a transnational criminal group. This will not be the last time. The US government will continue to aggressively pursue the entire ransomware ecosystem and increase our nation’s resilience to cyber threats.”

    Garland, deputy attorney general Lisa Monaco, and FBI director Christopher Wray repeatedly thanked Kaseya for coming forward to law enforcement agencies almost immediately after discovering the REvil attack.

    All three noted that the company’s quick decision went a long way in helping the FBI and others track down the payments and help other victims.

    Alongside the indictments, the Treasury Department announced sanctions against the Chatex virtual currency exchange and its associated support network for allegedly facilitating financial transactions for ransomware actors. IZIBITS OU, Chatextech SIA, and Hightrade Finance Ltd were also sanctioned for providing support to Chatex.

    The Treasury Department also unveiled a $10 million bounty for any information about anyone who holds a key leadership position in the Sodinokibi/REvil ransomware variant transnational organized crime group. There is another $5 million reward for information leading to the arrest or conviction in any country of any individual conspiring to participate in or attempting to participate in a Sodinokibi variant ransomware incident.

    Recorded Future ransomware expert Allan Liska said the slate of actions on Monday dispelled the notion that law enforcement action was largely ineffective against ransomware groups.

    “We’re not going to pop corks and say ransomware is over yet, but I do think that we’re starting to see an impact. I’m excited that there are more sanctions against cryptocurrency exchanges that are known for laundering money. I also like that the Treasury Department called out some smaller countries, like Estonia and Romania, for their assistance in this, because I think it starts to show that Russia really is isolated in this, more so than they had been in the past,” Liska said. “The seizing of those assets from a Russian citizen kind of shows that even if you’re based in Russia, you’re not safe. They may not be able to arrest you, but they can impact you in ways that you probably haven’t thought of yet.”

  • in

    Annke NC400 and NC800 security camera review: Nice mid-price cameras — but the desktop app needs to be updated

    Annke makes solid external security cameras — but the CZ400 PTZ security camera I reviewed at the start of 2021 was really difficult to set up. Now the latest cameras in Annke’s line-up show that the brand has listened to feedback and has made some changes — but has it gone far enough?

    The recently released Annke NC400 and NC800 bullet camera models use a feature that Annke calls NightChroma. This feature adds colour to night vision images improving the colour in its video image. There are a lot of other features added to these cameras too.

    Annke NC800

    Made from heavy-duty aluminium, the Annke NC800 is a 4K security camera with a 2.8mm lens, horizontal field of view of 102 degrees and a vertical field of view of 52 degrees. It will capture human and vehicle motion and will detect movement if someone crosses a pre-defined line. It uses a 1/1.2 inch STARVIS progressive scan CMOS and will record an image of up to 2688 x 1520 at up to 30fps. It will detect objects at up to 0.0005 Lux and will detect objects up to 130ft. It also has an LED spotlight that invokes when something crosses into its field of view.

    Like
      • well constructed
      • colour night vision

    Don’t Like
      • poor documentation in the box
      • difficult to find correct desktop software
      • management software needs updating

    The Annke NC800 bullet security camera is a fairly compact camera at 78.8 x 78.6 x 215.2 mm. It’s well-built and weighs 860g. It has impressive image enhancement techniques, using WDR (Wide Dynamic Range), BLC (Back Light Compensation), HLC (Headlight light correction) and DNR (Digital Noise Reduction). Annke does not explain any of these acronyms on its website — but assumes that everyone who wishes to purchase one of its cameras already knows what the acronyms mean. That may be annoying for first-time buyers.

    It uses a MicroSD card up to 256GB for local storage, or you can connect it using a NAS or 4K PoE (Power over Ethernet) NVR (Network Video Recorder). It is rated at IP67, so it’s waterproof and dustproof and can be used outside or inside. Inside the box is the NC800, a pack of waterproof connectors and a screw fixing kit. A camera quick start guide and a user guide explain which cables are which and show how to attach the camera to the network video recorder (NVR). There is also a mini-CD — presumably with documentation — but I could not confirm this as none of my current PCs have a CD slot.

    You need to download the ‘SADP’ — whatever that is — software from Annke’s download centre. The user guide does not explain what the SADP software is. I took a punt and downloaded the ‘Annke sight’ software. This did not work due to a missing DLL file. I then tried to install the Guarding Vision software – and also installed the Annke vision app onto my Android phone. This was all guesswork on my part, as the documentation did not mention any of this.

    I finally searched the support site for mention of SADP and got to an article that linked to the download of the SADP tool. This is a very clunky process, and setting up the management app is nowhere near as simple as most other security systems I have reviewed. The install process uses Internet Explorer, which hangs and needs to be stopped using taskmaster.

    The Guarding Vision software added the client, storage server and streaming media software onto my PC. The software quickly picked up my network connected camera and allowed me to add other devices to the group.
    Eileen Brown
    The Android phone software quickly connected the camera to the app and gave a live view of the camera. You can add up to 16 cameras in the group and monitor them simultaneously. You can configure various settings, such as the local time zone, microphone, image encryption, and other formats. You can also link cameras together in zones. You can customize voice alerts and other parameters such as alarms and Wi-Fi settings. There are several other features you can tweak too, depending on your setup. You can digitally zoom the image up to 8.0x, and the image is fairly crisp and clear – even at low light.

    It picks up sound from up to 20 feet away and has noise cancelling features to pick up clear and distinct voices.

    Annke NC400

    The Annke NC400 bullet security camera is a well-built camera with an aluminium body. It is smaller than the NC800 with dimensions of 68.4 x 65.2 x 161.q, and it weighs 430g. Like the NC800, it is rated at IP67, so it is dustproof and waterproof.

    Its image sensor is a 2.8mm lens 1/2.7 inch CMOS sensor, and it will detect movement in light levels down to 0.001 Lux. It has an LED spotlight. Its resolution is 4MP 2560 x 1440px at up to 20fps. Like the NC800, it has a horizontal field of view of 102 and a slightly larger vertical field of view of 54 inches. It will detect objects up to 100 feet away. The NC400 also has 4MP QHD colour night vision.

    Inside the box, there is the NC400, a pack of waterproof connectors and a screw fixing kit. There is also a screw fixing template and a quick start guide explaining how to connect the NC400 to the NVR (sold separately). You can connect the camera as an analogue system and connect the NVR to a router so you can access the NVR through your mobile phone. There is no option in the NC400 to add a memory card to the camera.

    The NC400 does not have a QR code to add the camera to the app easily. However, scanning the bar code does cause the app to beep — however, the camera fails to connect. Only after using the SADP device manager and adding the camera password and security details did the camera appear in the list of cameras. It is a really clunky process and not something that I want to do often. The Reolink range of security cameras are far simpler to set up.

    Other features are common to the app — like the 8.0x digital zoom — and not specifically the camera itself. All in all, these are well-built cameras that are sturdy and strong with great image features. The SADP software needs to be refreshed and updated as it looks outdated, and Annke could spend time making the user guide far more comprehensive.

    The NC800 is offered for sale at $350 and the NC400 at $130 — good mid-range prices for the camera build and quality. Be aware of the desktop app limitations and the extra security hoops you need to add to make the product secure, and you could get a great security camera system for your business or home.

  • in

    Investor group acquires McAfee for more than $14 billion

    An investor group has acquired cybersecurity giant McAfee Corporation for more than $14 billion.

    Led by Advent International Corporation, Permira Advisers, Crosspoint Capital Partners, Canada Pension Plan Investment Board, GIC Private, and a wholly-owned subsidiary of the Abu Dhabi Investment Authority, the investment group bought all outstanding shares of McAfee common stock for $26 per share in an all-cash transaction. The price was based on McAfee’s closing share price of $21.21 on November 4. McAfee shareholders will receive $26 in cash for each share of common stock they own, and the deal will close at some point in the first half of 2022. Once the deal is completed, McAfee common stock will no longer be listed on any public securities exchange.

    McAfee sold its enterprise security business to a consortium led by Symphony Technology Group in a deal worth $4 billion in March. Since its split from Intel in early 2017, McAfee has pivoted to cloud services and worked to build out its platform with a focus on its enterprise product portfolio. However, the company is now narrowing its focus and directing its resources to the consumer side of the business in a bid for long-term growth.

    McAfee CEO Peter Leav said at the time that the transaction would allow McAfee to singularly focus on their consumer business and accelerate their strategy to be a leader in personal security for consumers. The enterprise security business was merged with FireEye in a $1.2 billion all-cash transaction that closed in October.

    Leav said the deal on Monday was a “testament to McAfee’s market-leading online protection solutions, our talented employees, and outstanding customers and partners.”

    “We want to thank our employees for their continued hard work and commitment to McAfee. We are thrilled to be partnering with premier firms who truly understand the cybersecurity landscape and have a proven track record of success,” Leav said.

    McAfee completed its initial public offering last year. TPG and Intel are still shareholders in the company. The investor group said in a statement that it would provide McAfee with financial support as well as operational resources to help the company meet rising demand for cybersecurity services. The company added that McAfee’s Board and advisors now have a 45-day shopping period where they can look for better acquisition proposals.

    Jon Winkelried, CEO of TPG and chair of the McAfee Board, said the deal signals continued growth and opportunity for McAfee, noting that over the last four years, the company has expanded its product portfolio, enhanced its go-to-market strategy, and pursued strategic M&A efforts.

    “The risks that consumers face from all aspects of their digital lives is immense, and these risks are unprecedented and rapidly increasing,” said Greg Clark, managing partner at Crosspoint Capital and former CEO of Symantec. “Consumers buy from brands they trust, and with the globally recognized brand of McAfee, we see the long term opportunity to deliver products and services to address these risks in all aspects of their digital presence.”

  • in

    Ransomware: Suspected REvil ransomware affiliates arrested

    Romanian authorities have arrested two individuals suspected of cyber-attacks using the Sodinokibi/REvil ransomware. They are allegedly responsible for 5,000 infections, accounting for €500,000 in ransom payments, according to European law enforcement agency Europol.

    REvil has been one of the most notorious ransomware groups of 2021, responsible for hundreds of high-profile attacks around the world.

    A further suspected GandCrab affiliate was arrested by Kuwaiti authorities on the same day.

    In addition to these arrests, GoldDust, which is a 17-nation law enforcement operation, saw three additional arrests in February and April by authorities in South Korea against affiliates involved with REvil ransomware. Another affiliate, a Ukrainian national, was arrested at the Polish border in October following an international arrest warrant from the US. The Ukrainian suspect was arrested on suspicion of involvement in the Kaseya ransomware attack, which affected around 1,500 companies across the world. In total, the operation has resulted in seven arrests, and it’s the first time they’ve been disclosed publicly by law enforcement.

    The operation involved police from countries around the world and international law enforcement agencies Europol, Eurojust, and Interpol. The arrests follow a joint operation which was able to intercept communications and seize infrastructure used during campaigns.

    Operation GoldDust also received support from the cybersecurity industry from companies including Bitdefender, KPN, and McAfee. Researchers at Bitdefender provided technical insights throughout the investigation, along with decryption tools to help victims of ransomware attacks recover their files without having to pay the ransom.

    Decryption tools for several versions of GandCrab and REvil ransomware are available for free via the No More Ransom project. According to Europol, the REvil decryption tools have helped more than 1,400 companies decrypt their networks following ransomware attacks, saving over €475 million ($550 million) from being paid to cyber criminals.

    Europol supported the operation by providing analytical support, as well as analysis into malware and cryptocurrency. The 17 countries participating in Operation GoldDust are Australia, Belgium, Canada, France, Germany, the Netherlands, Luxembourg, Norway, Philippines, Poland, Romania, South Korea, Sweden, Switzerland, Kuwait, the United Kingdom, and the United States.

    “These arrests illustrate what can be achieved when the public and private sectors pool their resources to fight cybercrime. This operation was an around-the-clock global effort to hunt down those responsible for the most devastating ransomware attacks in recent history leaving no stone unturned,” Alexandru Catalin Cosoi, senior director of the investigation and forensics unit at Bitdefender which aided investigations, told ZDNet.

    “The success of this operation is a wake-up call for cybercriminals. They should understand if they are caught in the crosshairs of an international effort to find them, they can’t hide,” he added.

    The arrests are the latest in a string of operations by law enforcement targeting ransomware operations. Last month saw a Europol-led operation target 12 suspects in Ukraine and Switzerland believed to be behind LockerGoga, MegaCortex, Dharma, and other ransomware attacks. It was also recently reported that law enforcement from multiple countries helped take down key elements of REvil.

  • in

    Cybersecurity firms provide threat intel for Clop ransomware group arrests

    Further details have been revealed concerning a 30-month investigation designed to disrupt the operations of the Clop ransomware group. 

    In June, Ukrainian police arrested six suspects in 20 raids across Kyiv and other towns, seizing computers, technology, cars, and roughly $185,000. The Ukrainian National Police worked with law enforcement in South Korea on the raid, now known as Operation Cyclone.

    Interpol, an inter-governmental organization focused on facilitating coordinated activities between police agencies worldwide, said last week that the operation was managed by Interpol’s Cyber Fusion Centre in Singapore. Trend Micro, CDI, Kaspersky Lab, Palo Alto Networks, Fortinet, and Group-IB contributed threat intelligence through the Interpol Gateway project, together with police from Ukraine, South Korea, and the United States. South Korean firms S2W LAB and KFSI also contributed Dark Web activity analysis.

    South Korea was particularly interested in the arrests due to Clop’s reported involvement in a ransomware attack against E-Land. The ransomware’s operators told Bleeping Computer that point-of-sale (PoS) malware was implanted on the Korean retail giant’s systems for roughly a year, leading to the theft of millions of credit cards.

    Clop is one of many ransomware gangs that operate leak sites on the Dark Web. The groups will claim responsibility for a ransomware attack and will use these platforms for dual purposes: to facilitate communication with a victim to negotiate a blackmail payment in return for a decryption key — as well as to conduct further extortion by threatening to leak stolen, sensitive data on the portal if they do not pay up.

    Clop has previously exploited zero-day vulnerabilities in the Accellion File Transfer Appliance (FTA) software, alongside other attack vectors, to claim high-profile victims including The Reserve Bank of New Zealand, Washington State Auditor, Qualys, and Stanford Medical School.

    The six suspects are also accused of money laundering, as Clop overall is believed to have laundered at least $500 million obtained from ransomware activities. If convicted as part of the notorious group, the defendants face up to eight years behind bars.

    “Despite spiraling global ransomware attacks, this police-private sector coalition saw one of global law enforcement’s first online criminal gang arrests, which sends a powerful message to ransomware criminals, that no matter where they hide in cyberspace, we will pursue them relentlessly,” commented Craig Jones, Interpol’s Director of Cybercrime.

    However, it should be noted that the six arrests in Ukraine have not stopped the Clop ransomware group’s activities or disrupted its leak site. It is believed the main operators of the ransomware are based in Russia.

    Interpol added that Operation Cyclone “continues to supply evidence that is feeding into further cybercrime investigations and enabling the international police community to disrupt numerous channels used by cybercriminals to launder cryptocurrency.”

    In recent ransomware news, the US State Department has offered a bounty worth $10 million for information “leading to the identification or location of any individuals holding key leadership positions” in the DarkSide ransomware group.

  • in

    Labor wants new anti-scam centre and code of practice for fighting against scams

    The Labor Party has vowed to set up a hub for monitoring and preventing scams if it is voted into Parliament at the next election to address the rising number of scams in Australia.

    The hub, labelled as an anti-scam centre, would look to make existing regulators, law enforcement officers, banks, telcos, and social media platforms all work together under the same umbrella to address scams.

    “AU$33 billion a year is being lost to criminals … We’ve got to do more. We’ve got to crack down on the illegal activity and we’ve got to do what we can to get the vectors of illegal activity, ensuring that they’re doing their bit as well,” Shadow Assistant Treasurer Stephen Jones said.

    In a scam report published by Microsoft in July, the company said 68% of Australians encountered some form of tech support scam, which was nine percentage points higher than the global average. In another scam report, Australia and New Zealand Group said it has seen a 73% increase in scams being detected or reported by customers, compared to the same time last year.

    The Labor party also wants to create a new code of practice for fighting against scams and allocate AU$3 million over three years to community organisations that support those who have experienced ID theft, Jones said. In proposing this plan, Jones said Australia has been slow to address scams, pointing to how similar hubs have been established in Canada and the UK.

    “We should be treating [scams] like any other criminal activity. But we’re not, because Scott Morrison is asleep on the job. Of course, we want to stop this, but we know that some of it will get through. So we’ve got to do our bit to ensure that we are supporting the victims of illegal scamming,” he said.

    The federal government has so far focused primarily on addressing scams through working with the telco sector. Last month, the government launched a new initiative with telcos to block scam text messages posing as legitimate government sender IDs, such as Centrelink, myGov, and the Australian Taxation Office. Prior to that initiative, the federal government rolled out a Reducing Scam Calls Code, which is a telco sector-specific code for blocking spam. Since it was adopted in December, telcos have blocked over 214 million scam calls. By comparison, telcos had blocked 30 million scam calls in the year prior to the code’s rollout.

    During Senate Estimates, Home Affairs secretary Mike Pezzullo also said his department was looking to provide telcos more powers to block spam and malicious content under the Telecommunications Act.

  • in

    Get all of the training you need to become a cybersecurity analyst for just $26

    There has never been a greater need for cybersecurity analysts because cybercrime attacks seem to be neverending these days. So if you want a well-paid career with long-term job security, you can develop the skills you’ll need with The 2022 Ultimate Cybersecurity Analyst Preparation Bundle. And for a limited time, you can use the coupon code SAVE15NOV during our sitewide pre-Black Friday sale to get 15% off and pay only $25.49.

    The “Ethical Hacking with Metasploit: Exploit & Post Exploit” course is a crowd favorite, with students rating it an impressive 4.8 out of 5 stars. It’s offered by Oak Academy, which was founded by a group of tech experts who offer constantly updated courses specializing in critical skills such as coding, cybersecurity, IT, mobile, app monetization, game development, and more. You’ll learn Linux commands, penetration testing, and much more.

    Find out how to detect, prevent and combat security threats and improve IT security overall in “Cyber Security Analyst & Enterprise Architecture”. If you have a basic understanding of HTML web apps, “Mastering Burp Suite Community Edition: Bug Hunters Perspective” will teach you how to use Burp Suite effectively for bug hunting, ethical hacking, and more.

    Learn how to master the tools that are essential to hackers, pen testers, and other security professionals in “PenTesting with OWASP ZAP: Mastery Course”. Cybersecurity is not all about coding; “Learn Social Engineering From Scratch” explains how to hack into personal devices and accounts.

    When you start applying for cybersecurity positions, certifications can really make your resume stand out among competitors. There are three courses in this bundle to help you pass the exams. “CySA+ Cybersecurity Analyst Certification Preparation Course (2022)” and “TOTAL: CompTIA CySA+ Cybersecurity Analyst (CS0-002)” prepare you for specific exams. “Cyber Security Certifications Practice Questions 2022” has the most recent practice questions for the CISSP, CISA, CISM, and Ethical Hacker exams.

    Since these courses are self-paced, you can complete them even when working full-time. However, boosting your productivity could help you squeeze in your lessons more comfortably. A second display might help you with that, so you may want to check out these 13 portable monitors on sale.

    Don’t pass up this opportunity to train as a cybersecurity analyst; get The 2022 Ultimate Cybersecurity Analyst Preparation Bundle while you can use the coupon code SAVE15NOV for a limited time only during our sitewide pre-Black Friday sale to get 15% off and pay only $25.49.

  • in

    Senators add CISA cyberattack/ransomware reporting amendment to defense bill

    Four US Senators have introduced a new bipartisan amendment to the 2022 National Defense Authorization Act (NDAA) that will force critical infrastructure owners and operators as well as civilian federal agencies to report all cyberattacks and ransomware payments to CISA.

    Two Democrats — Gary Peters and Mark Warner — worked alongside two Republicans — Rob Portman and Susan Collins — to push the amendment, which they said was based on Peters and Portman’s Cyber Incident Reporting Act and Federal Information Security Modernization Act of 2021.

    The amendment only covers confirmed cyberattacks and not ones that are suspected. But it forces all federal contractors to report attacks. There is no fine component in the amendment, one of the many provisions senators had been fighting over for months.

    Victim organizations will have 72 hours to report attacks, another hotly debated topic among government cybersecurity experts. Some wanted it to be within 24 hours and others said it should be within a week.

    But the 72-hour limit does not apply to all organizations. Some — which the senators said included businesses, nonprofits and state and local governments — would be forced to report ransomware payments to the federal government within 24 hours of payment being made.

    “Additionally, the amendment would update current federal government cybersecurity laws to improve coordination between federal agencies, force the government to take a risk-based approach to security, as well as require all civilian agencies to report all cyber-attacks to CISA, and major cyber incidents to Congress,” the senators said in a statement. “It also provides additional authorities to CISA to ensure they are the lead federal agency in charge of responding to cybersecurity incidents on federal civilian networks.”

    Warner, chairman of the Senate Select Committee on Intelligence, said the SolarWinds hack changed how the government needs to approach cyberattacks.

    “It seems like every day, Americans wake up to the news of another ransomware attack or cyber intrusion, but the SolarWinds hack showed us that there is nobody responsible for collecting information on the scope and scale of these incidents,” Warner said. “We can’t rely on voluntary reporting to protect our critical infrastructure — we need a routine reporting requirement so that when vital sectors of our economy are affected by a cyber breach, the full resources of the federal government can be mobilized to respond to, and stave off, its impact. I’m glad we were able to come to a bipartisan compromise on this amendment addressing many of the core issues raised by these high-profile hacking incidents.”

    Peters, chairman of the Homeland Security and Governmental Affairs Committee, noted that cyberattacks and ransomware incidents have affected everything from energy sector companies to the federal government itself. He lauded the amendment for putting CISA “at the forefront of our nation’s response to serious breaches.”

    Portman explained that the amendment updates the Federal Information Security Modernization Act and gives the National Cyber Director, CISA, and other appropriate agencies “broad visibility” into the cyberattacks taking place across the country.

    “This bipartisan amendment to significantly update FISMA will provide the accountability necessary to resolve longstanding weaknesses in federal cybersecurity by clarifying roles and responsibilities and requiring the government to quickly inform the American people if their information is compromised,” Portman said.

    The $740 billion NDAA is sure to be passed before the end of the year but Senate Majority Leader Chuck Schumer faced backlash from Republicans and members of his own party this week for delaying the passage of the bill. The House approved their version of the bill in September and the House Armed Services Committee was finished with its version in July.

    It is unclear whether the cybersecurity provisions in the bill will change once Senate and House leaders reconcile their differing versions of the NDAA.

    While some companies and organizations have been reticent to embrace any mandatory cyberattack reporting measures, cybersecurity experts said overall, the country needs the rules in order to promote better habits.

    Hank Schless, senior manager at cybersecurity firm Lookout, said that as national security and cybersecurity become more intertwined, having acknowledgement of its importance from both sides of the aisle will help get more done.

    “This amendment follows suit of GDPR, which also requires organizations to inform any affected parties of a data breach within 72 hours. This holds organizations more accountable, and it will be interesting to see if there are any fines associated with failure to report these incidents as there are with GDPR. What’s interesting is that most entities will be required to report whether they paid the ransom in the event of a ransomware attack. It’s hard to guess what type of impact this may have,” Schless said.

    “If they’re required to disclose when payment is made, perhaps these entities will be less willing to pay the ransom. Seeing this type of action at the Federal level shows that the US may be closer to implementing a nation-wide data protection policy that’s the equivalent of GDPR. Regardless of whether that ends up being the case, seeing this type of action at the highest level is encouraging for the future cyber defenses of the nation.”

    Rick Holland, CISO at Digital Shadows, said the status quo isn’t working and expressed support for breach notification and ransomware payment requirements.

    “We don’t have a holistic view of how bad the problem is, and reporting mandates can at least quantify the scope of the issue. The challenge is that reporting isn’t addressing the root cause of these incidents. The status quo is analogous to patients with chronic illnesses like heart disease; it has taken years to get to this state. There isn’t a magical intervention that will mitigate the risk overnight,” Holland said.

    He went on to compare the amount of funding designated for cybersecurity to the funding given to fighter jet programs and other defense priorities.

    “We have to address the root causes of the illness, not just the symptoms. Coordination and reporting won’t solve our problems; organizations need to invest in cybersecurity, starting with people,” Holland added. “Cybersecurity needs to have the same priority as these ‘next generation’ weapons systems.”