[ This article was originally published here ]
By: Joe Fay
U.S. looks for half a million cybersecurity professionals, ransomware victims less likely to pay up, analyst warns on Chinese smart device spy threat…but RSA encryption safe from Quantum cracking for now.
U.S. struggles with shortage of cybersecurity pros
New research suggests the U.S. is short over half a million cyber security workers, though demand cooled slightly in the last two months of 2022. The total number of employed cybersecurity workers held steady at 1.1 million through 2022, according to figures from Cyberseek, the National Initiative for Cybersecurity Education at NIST and CompTIA-backed workforce analytics site. The supply-demand ratio currently stands at 68 workers per 100 job openings, up slightly from the previous year’s ratio of 65 to 100. The figures also showed that public sector demand for cybersecurity pros grew 25 percent, compared to 21 percent in the private sector.
Ransomware victims not paying up
Ransomware victims are less likely to pay out to attackers, research by blockchain data platform Chainalysis says. Total pay-outs were $457 million in 2022, the firm’s research claimed, though it added the true figure was likely much higher. This is a massive jump on the $46 million extorted in 2017, but a big drop on the $766 million criminals harvested in 2021. The researchers said ransomware gangs faced increased pressure from Western law enforcement, while the Russia-Ukraine conflict had also likely disrupted their operations. Paying ransoms had also become riskier, as this could breach sanctions regimes, while insurance firms were imposing stricter criteria. The drop in payouts came despite an explosion in “unique ransomware strains” last year, with over 10,000 active in the first half of the year. At the same time, the average lifespan of a strain was 70 days, compared to 153 the previous year.
Ukraine extends cyber cooperation with NATO
Ukraine has signed a formal agreement to participate in NATO’s Joint Centre for Advanced Technologies in Cyberdefense. The Estonia-based organization spans research and training, and provides assistance with technology, threat-sharing and policy. While membership is not restricted to NATO partners, the move is likely to further inflame Moscow’s attitude to the alliance. While the move no doubt benefits Ukraine, the center will also gain from Ukraine’s experience dealing with cyberattacks before and since Russia’s invasion almost a year ago.
Chinese cellular IoT warning sparks lightbulb spying fears
A Washington D.C.-based consultancy has warned about the danger of Western reliance on Chinese cellular IoT modules, claiming that the Chinese Communist Party “wishes to dominate the market for cellular IoT Modules”. This in turned creates a vast opportunity for data collection and sharing, accordind to a repor from Ooda, which can be used to support China’s propaganda and intelligence operations, as well as constituting an economic threat. The report prompted a slew of popular press stories about how Beijing could be spying on Western citizens via their TVs, coffee machines and smart bulbs.
RSA encryption safe from Quantum for now
While the threats come thick and fast, there’s one that we shouldn’t have to worry about – for a while at least. The Register reported that researchers at Fujitsu estimate that cracking RSA encryption would require a fault-tolerant quantum computer with 10,000 qubits and 2.23 trillion quantum gates – and around 104 days to chew away at the problem. By comparison, IBM’s Osprey processor, unveiled in November, sports 433 qubits, with a 4158 qubit system due by 2025.
Ad