2021 First Quarter Review
As we look back at our most recent breach activity during the last 90 days, we see a pattern emerging which is a departure from the historic norm, and one which likely portends a difficult future state.
It is a state with which we are unprepared to assimilate, due to the ‘protect and defend’ architectural design of our cyber-defense technologies, combined with our constitutional guardrails, and our confirmation biases toward our adversaries.
To wit, 99+% of our software tools are not engineered to detect or discover threat vectors like those used in the SolarWinds, Accellion and Microsoft attacks and our rule of law, which currently prevents the execution of offensive techniques and tactics outside our networks. We are also inclined to believe that cybercriminals are seeking immediate financial rewards (ransomware) or the extraction of data which, when combined with other data creates assets of value that can be sold on the dark web for delayed financial benefit.