Symantec’s 2018 Internet Security Threat Report is here. Based on data collected by Symantec’s massive security infrastructure (the largest civilian threat collection network in the world), the report has become the de facto standard for giving enterprises and public organizations essential information to help secure their systems effectively.

By the nature of the topic, the report isn’t an easy read. Expect to be perturbed. However, the insights provided into today’s rapidly evolving threat landscape are invaluable.

Another day, another government ransomware victim. On March 22^nd, 2018, the city of Atlanta found itself locked out of computers across government offices and facing a ransom demand of $51,000 or $6,800 per computer, GCN reported.

Ransomware is quickly becoming the favored means for criminals to extract a profit from unsuspecting villains – most notably in the public sector. Throughout 2017 ransomware grabbed the headlines – WannaCry, Petya, etc. – both of which targeted government agencies. When they succeed the implications can be serious.

Microsoft Active Directory is a critical tool that helps system administrators manage user privileges and secure their IT infrastructure, yet Active Directory presents several security challenges. Most problematic is that Active Directory’s attack surface is huge. Targets for attack include every domain name user account, admin and security group, domain controller, backup, admin workstation, and admin delegations and privileges. If any one of these targets is compromised, your entire Active Directory can be compromised too.

The Threats

Microsoft Active Directory is a critical tool that helps system administrators manage user privileges and secure their IT infrastructure, yet Active Directory presents several security challenges. Most problematic is that Active Directory’s attack surface is huge. Targets for attack include every domain name user account, admin and security group, domain controller, backup, admin workstation, and admin delegations and privileges. If any one of these targets is compromised, your entire Active Directory can be compromised too.

The Threats

Ransomware tops today’s list of security concerns for governments, and no agency is immune. Just look at the statistics:

• Cook County, Chicago was a victim of last year’s WannaCry ransomware attack.
• St. Louis Public Library was hit with ransomware, demanding $35,000 in Bitcoin.
• Bingham County, Idaho paid out #3,000 in ransomware to restore its servers.

Cybersecurity skills shortages are nothing new. But new research shows that they are creating recruiting chaos.

How secure is your user access to AWS infrastructure and workloads? Security to protect every user’s access to apps, endpoints and infrastructure when moving to the cloud is a hot topic. AWS’ shared responsibility model means that security and compliance is just that, shared between AWS and the customer.

When it comes to network modernization and security, federal IT may be experiencing a case of dueling personalities. On one side, network modernization is essential to a better security posture. This is because outdated legacy IT systems are more prone to vulnerabilities and were never designed to handle today’s threat landscape. However, the very act of modernizing networks may actually be making those networks less secure, at least in the short term.

From Equifax to Yahoo, WannaCry and Petra, every month seems to bring with it yet another high-profile attack. Vendors roll out patches and fixes, and questions are asked across the political and security communities.