Widespread reports, sourced to "senior Administration officials unwilling to speak on the record," say the US has fingered the North Korean government as responsible for (or at least "centrally involved" in) the Sony hack. Some observers (notably Graham Cluley and Wired) think evidence of DPRK involvement is thin. Most, however, find the story convincing. Policy wonks and international lawyers speculate about US Government action should the attribution hold up. Mount a cyber counteroffensive? Wage lawfare against the financial interests of Kim Jong-un's associates? Do nothing? (Some point out that doing nothing risks emboldening known cyber adversaries Russia, China, and Iran.)
Whatever the attack's provenance, it's had considerable effect. Sony has deep-sixed "The Interview," and Fox has cancelled plans for a North-Korea-themed thriller. Officials dismiss the credibility of terror-attack threats, but many observers think caving in on movie projects gave attackers what they wanted, setting a bad precedent.
Elsewhere, the Kims have competition as media critics: the Syrian Electronic Army hacked the International Business Times to protest "bias." More seriously and lethally, ISIS appears to be working in cyberspace to identify and locate unsympathetic citizen journalists.
In cyber criminal circles, OphionLocker ransomware can now identify individual machines, thereby avoiding unprofitable re-attacks. Akamai warns of "Xsser," a mobile RAT affecting Android and iOS devices. Banking Trojans active against South Korea are using Pinterest for command-and-control. Applications are becoming increasingly attractive targets.
Want to see the effects of the burgeoning IoT? Watch what happens December 25, when connected presents are unwrapped and powered up.
Today's issue includes events affecting Australia, China, India, Indonesia, Iran, Japan, Democratic People's Republic of Korea, Republic of Korea, Nepal, Netherlands, Organization of American States, Qatar, Russia, Saudi Arabia, Suriname, Syria, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
U.S. Said to Find North Korea Ordered Cyberattack on Sony (New York Times) American officials have concluded that North Korea was "centrally involved" in the hacking of Sony Pictures computers, even as the studio canceled the release of a far-fetched comedy about the assassination of the North's leader that is believed to have led to the cyberattack
U.S. Said Set to Blame North Korea for Sony Cyber Attack (Bloomberg) U.S. officials plan to announce this week that North Korea is behind the cyber-attack that crippled Sony Pictures Entertainment computers and forced the studio to pull "The Interview," a person briefed on the FBI probe said
International Law and Cyber Attacks: Sony v. North Korea (Just Security) It could only happen in the movies. A major Hollywood company produces a film starring well-known comedic actors which involves the tongue-in-cheek assassination of the leader of a remote and rather bizarre dictatorship. The "supreme leader" apparently orders a secret group of cyber warriors calling themselves "The Guardians of Peace" (in actuality, the State-run "Bureau 121") to retaliate by attacking the company's IT system. Data is destroyed, sensitive personal data and highly embarrassing emails are made public and, worst of all, the script for the new James Bond movie is leaked. The international community is outraged, with some pundits calling it "war," while others claim that the operation has crossed the armed attack threshold thereby allowing the United States to respond forcefully. Send in the 7th Fleet
DHS Not Ready to Torpedo 'The Interview' Opening (Roll Call) International troublemakers Seth Rogen and James Franco may be ready to run for cover from the mystery hackers who've brought Sony to its horribly bruised knees, but the feds see no reason (yet) to deprive moviegoers of a few laughs on Christmas
North Korea-Based Thriller With Gore Verbinski And Steve Carell Canceled (Deadline Hollywood) EXCLUSIVE: The chilling effect of the Sony Pictures hack and terrorist threats against The Interview are reverberating. New Regency has scrapped another project that was to be set in North Korea. The untitled thriller, set up in October, was being developed by director Gore Verbinski as a star vehicle for Foxcatcher star Steve Carell. The paranoid thriller written by Steve Conrad was going to start production in March. Insiders tell me that under the current circumstances, it just makes no sense to move forward. The location won't be transplanted. Fox declined to distribute it, per a spokesman
Sony Pictures Employees Now Working In An Office "From Ten Years Ago" (TechCrunch) "It's been different for everyone," she said. She was upbeat, optimistic, even after finding out her bank account information had been traded on a black market website. She was worried her identity had also leaked. She imagined her private information on some forum somewhere and shuddered. She had a right to be concerned
Is ISIS Trying To Unmask Syrians With Malware? (Forbes) It's not for certain, but a report today has suggested the Islamic State of Iraq and Syria (ISIS) or its supporters are trying to [identify and locate] citizen journalists critical of its actions. The aim of the attacks on the Raqqah is being Slaughtered Silently (RSS) campaign group was to unmask its operators' location. As reports have indicated ISIS has brutally shut down any form of activism in Ar-Raqqah, any information on RSS' whereabouts could put their lives in danger, according to the report by Citizen Lab, a research group primarily focused on digital attacks targeting activists
Hacked emails reveal China's elaborate and absurd internet propaganda machine (Quartz) "NOTICE: We request every internet commenter carry out the following task today," begins an email from the supervisor. It's just another day in the propaganda department of Zhanggong, a district in southeast China's modestly sized city of Ganzhou. Employees and freelancers are paid to post pro-government messages on the internet, part of a broader effort to "guide public opinion," as the Chinese Communist Party frequently puts it
Your Browser is (not) Locked (Microsoft Malware Protection Center) Most ransomware has a binary file that needs to be executed before it can infect your PC. Ransomware usually relies on social engineering or exploits to infect unsuspecting users. However, some malware authors are bypassing this requirement with a new trick — browser lockers
Security Firm Faults Coolpad Software (Nasdaq) Silicon Valley online security firm Palo Alto Networks Inc. said some mobile phones made by Chinese smartphone maker Coolpad Group Ltd. contain software that allows the handset vendor to install applications onto users' phones without their knowledge, raising privacy and security concerns
CyActive Analysis Reveals Staggering 35 Reused Components in Top Five Malware Attacks of 2014 (PRNewswire) Following a year of massive security breaches that targeted some of the world's largest financial and retail institutions as well as governments and militaries, cyber security startup CyActive today released "Cyber Security's Infamous Five of 2014". The comprehensive analysis identifies the top five malware that returned the highest ROI for hackers with the least effort per dollar — achieved by recycling code and using the same methods from previous malware attacks to once again inflict damage. All in all, there were 35 reused components in the top five attacks
The Ultimate Goal of Digital Attacks (Trend Micro: Simply Security) For the final blog post in the series supporting the release of our Q3 Threat Roundup "Vulnerabilities Under Attack" I was asked to write "an analysis of security challenges faced by users." Fortunately I have the source material of the Threat Roundup to stick to because really, that's a subject deserving of a series in its own right
Cybersecurity Breaches Making Users More Savvy, but Vulnerabilities Persist (SIGNAL) Sensational data breaches such as the recent hacking of Sony Pictures Entertainment, in which employees' personal information such as Social Security numbers, salary details and emails not only were stolen but publicly disseminated, make for great headlines and capture people's attention — mainly because the public can relate to the breaches. The headline-grabbing attack leaves people thinking that this could happen to them
December 25: The Day Internet of Things Devices Go Online En Masse (Fast Company) This Christmas, experts have worried about the way that the "Elf on the Shelf" conditions their kids to accept a surveillance state. But the actual monitors are more likely to be under the tree: For kids, the RC helicopter gets connected to a smartphone and the cute little robot has to get set up with its own social network to the list. And it's the same with gifts to adults: the Wi-Fi-enabled coffee maker, the smart watch that gives you weather and traffic alerts or a smart home kit that lets you turn off the lights or shut off your water with the touch of a button
Emerging Threats in the APT World: Predictions for 2015 (Sys-Con) For several years now, Kaspersky Lab's Global Research and Analysis Team (GReAT) has shed light on some of the world's biggest Advanced Persistent Threat (APT) campaigns, including Red October, Flame, NetTraveler, Miniduke, Epic Turla and Careto/Mask
Fears over the IT security of new banks are overblown (ComputerWeekly) Challenger banks such as PayPal, as well as internet giants such as Google, are perceived to be less secure than traditional banks when it comes to protecting personal data. But is this the case?
Security appliances continue growth trajectory (IT-Online) According to the International Data Corporation (IDC) Worldwide Quarterly Security Appliance Tracker, both factory revenue and unit shipments continued to grow in the third quarter of 2014 (3Q14). Worldwide vendor revenue grew 10% year over year to nearly $2,4-billion for the 20th consecutive quarter of positive growth
Medical Device Cybersecurity: One-off or Overall Strategy? (Veracode) According to recent data from MarketsandMarkets, the market for portable medical devices will be worth $20 billion by 2018. One key factor in this growth is the "availability of a wide range of medical software applications" that allows manufacturers and health agencies to custom-design medical devices to meet specific needs
Will Smartwatches' Vulnerability to Hackers Be a Big Setback? (Wall Street Cheat Sheet) Smartwatches communicate constantly with smartphones, passing information about text messages, meetings, Facebook notifications, and biometric measurements back and forth countless times a day. But researchers have shown that all of those communications may not be as secure as we'd like to believe. A vulnerability that exists due to the way the Android Wear operating system handles Bluetooth communications leaves users' messages, biometric data, and any other information passed between the smartwatch and a paired Android smartphone susceptible to interception by hackers
Rapid7 Receives $30 Million Investment to Accelerate Growth and Strong Traction of New Security Data Analytics and Strategic Services Offerings (Rapid7) Rapid7, a leading provider of security analytics software and services, today announced that it has received $30 million in additional funds from its long-standing investors, Bain Capital and Technology Crossover Ventures (TCV). The stockholders increased their investment in Rapid7 to enable the Company to maximize on the incredible growth opportunity presented by its latest innovative technology and strategic security services, which help customers radically improve security incident detection and speed response, and build better enterprise security programs. Interest in these offerings has been so compelling that Rapid7's leadership and investors capitalized on a timely opportunity to further the development of the solution and market while continuing to drive innovation in the Company's core threat exposure management portfolio
Sansa Security Announces Membership in the Thread Group (Marketwired) Sansa Security, a leading provider of embedded security technologies, today announced that it has joined the Thread Group, an industry organization dedicated to market education and product certification for Thread, a low-power, wireless mesh networking protocol designed to easily and securely connect hundreds of devices in the home
LightCyber Appoints Gonen Fink as CEO, Spearheads Active Breach Detection Market (PRNewswire) LightCyber, a leading provider of Active Breach Detection solutions, announced today that Gonen Fink was recently appointed as the company's CEO. The company also announced the establishment of its global sales and marketing headquarters in Los Altos, CA, as well as the expansion of R&D operations in Israel
AXON Ghost Sentinel, Inc. Names Michael Markulec as President & CEO (PRWeb) AXON Ghost Sentinel, Inc. (AGS) announced that its Board of Directors has appointed Michael Markulec as President & CEO, effective immediately. Mr. Markulec assumes the CEO role previously held by Kent Murphy who will become Chairman of AGS's board of directors, and President's role from Hugh Brooks who will now lead product development
Google Chrome tops list for security vulnerabilities… and it's not a bad thing (PC Pro) A report from software vulnerability experts Secunia has revealed that security flaws in Google Chrome rose from 64 in August 2014 to 162 in October of the same year. Fellow web browser Avant was next highest-listed software product with 159, before the figures fell sharply with iTunes' comparatively low number of 83 vulnerabilities
Norton Security 2015 Review: One Size Fits All (Tom's Guide) A good antivirus program is a critical part of any PC software suite, and one of the best options is Norton Security 2015, which includes a sleek, well-organized interface, a top-notch antivirus engine and many other security and privacy features
Stop Waiting For File Encryption With TrueCrypt Alternative By Jetico (Herald Online) Jetico, leading developer of security software, has announced the immediate availability of BestCrypt Container Encryption version 9.0. Jetico's long-trusted file encryption offers a unique advantage in its TrueCrypt alternative by delivering instant access to dynamic containers. Already fully compatible with Windows® 8, this new version allows users to encrypt files on Windows® 10 Technical Preview
Recorded Future Launches New Cyber Threat Insights Report: Valuable context for defenders (CTOvision) Recorded Future has launched a new free service for cyber defenders which I am finding valuable for situational awareness. This new cyber daily provides technical indicators and context around vulnerabilities making them more understandable and helping put them in context. My view is their report can be helpful to both security executives and more operational and tactical defenders since it can help both prioritize actions and discuss the need to mitigate specific concerns
Hey, You, Get Off of My Cloud! Cloud Security Basics (B2C) Lately, it seems like everyone is "in the cloud"; big corporations, small businesses — you name it. But as we've learned time and time again, great technological advances don't come without security risks. Though it's quickly been adopted by organizations all over the spectrum, cloud computing is still a fairly new concept and, as with anything new in our technological age, it can take a while for security measures and legal policies to catch up. For now, that means it's your job to make sure your information, and that of your customers, is protected
Complex Solutions to a Simple Problem (KrebsOnSecurity) My inbox has been flooded of late with pitches for new technologies aimed at making credit cards safer and more secure. Many of these solutions are exceedingly complex and overwrought — if well-intentioned — responses to a problem that we already know how to solve. Here's a look at a few of the more elaborate approaches
Attack on classical cryptography system raises security questions (Phys.org) How secure is completely secure? In the world of secure communication, a scheme may be completely secure until it's not — that is, until an attack is proposed that reveals a weak spot in the scheme. This is what's currently going on for Kish key distribution (KKD), which claims to derive total and unconditional security using classical rather than quantum techniques, thus avoiding the complexity and expense of quantum cryptographic schemes. But now a new paper has uncovered a vulnerability in KKD that enables an eavesdropper to correctly determine more than 99.9% of the transmitted bits. Fortunately, countermeasures may exist to protect against this attack and regain the system's security
DHS cyber division opens up on R&D (FCW) While the Department of Homeland Security regularly spins off other federal agencies' technologies into the private sector for further development, it has also been doing the same — with less fanfare — for DHS-developed cybersecurity technologies
OAS Begins Supporting Suriname in the Development of a National Cyber Security Plan (SKNVibes) The Organization of American States (OAS) today concluded a two-day mission in Suriname for preparatory meetings geared towards information gathering to assist in the development of a National Cyber Security Plan. This mission consisted of an initial assessment of the current cyber security situation in the country, through the convening of stakeholders from a number of sectors, such as government, civil society, academia, and critical infrastructure operators. Facilitated by OAS experts, discussion groups were organized to identify cyber security gaps and needs
Obama signs $1.1T spending bill into law (Military Times) President Obama signed the $1.1 trillion federal spending measure into law Tuesday, officially ending any threat of a government shutdown over the holidays
Congress sets limits on overseas data collection (Washington Post) A little-noticed provision in the Intelligence Authorization Act passed by Congress last week puts restrictions on spy agencies' ability to keep communications collected overseas, but critics say it does not go far enough to protect Americans' privacy
NACS Sends Letter Addressing Errors in Recent Testimony (National Association of Convenience Stores) Earlier this week NACS sent a joint trade association letter to Thomas Curry, Comptroller of the Currency, in response to some inaccurate testimony his agency provided during a cybersecurity hearing in the Senate Banking Committee on December 10. The testimony, offered by Valerie Abend, senior critical infrastructure officer from the Office of the Comptroller of the Currency (OCC), was startlingly uninformed about the way the payment card system allocates data breach liability and did not address the focus of the hearing: enhancing cybersecurity coordination to protect the financial sector
Health Care Industry Puts a Price Tag on Unpatched Software (WindowsITPro) Last week it was reported that federal regulators have issued a sanction against an Alaskan mental health service provider, due to, of all things, not being up-to-date on software patches. Fined $150,000 by HIPAA, Anchorage Community Mental Health Services failed to apply available software patches and was subsequently infected with malware that led to personal information being absconded from 2,700 individuals
Microsoft and Jakarta police team up to educate public on dangers of pirated software (Tech in Asia) In a report by Akamai Technologies last year, Indonesia was ranked as the number one source of hacking-related traffic in the world, overtaking China. The country is also a place where pirated software is used ubiquitously by individuals and businesses alike. Because pirated software often contains malicious malware, the widespread use of inauthentic software in Indonesia brings large potential threats each day to the nation's digital infrastructure
Navy engineer pleads not guilty to charges (Daily Press) A York County man accused of attempting to send to Egypt sensitive designs for the nation's newest aircraft carrier pleaded not guilty Wednesday to the two federal charges against him
Teenager pleads guilty to massive Spamhaus DDoS attack (Naked Security) A 17-year-old London schoolboy who was arrested last year has pleaded guilty to a distributed denial of service (DDoS) attack of unprecedented ferocity launched against the Spamhaus anti-spam service and internet exchanges, including the London Internet Exchange
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cybersecurity World Conference (New York, New York, USA, January 9, 2015) Welcome to Cyber Security World Conference 2015 where renowned information security experts will bring their latest thinking to hundreds of senior business executives and officials focused on protecting...
FloCon 2015 (Portland, Oregon, USA, January 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University
FIC 2015 (Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a...
Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...