Looking for an introduction to AI for security professionals?
Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.
December 20, 2017.
By The CyberWire Staff
All Five of the Eyes are glaring like basilisks toward Pyongyang, which they agree was responsible for WannaCry. Some conclude that collective defense works (albeit abetted in this case by someone lucking into the kill-switch) because the outbreak could have been far worse. (US networks proved generally resistant to the campaign.) The White House drew particular attention to Facebook account takedowns and Microsoft fixes as providing valuable and ongoing defense against North Korean cyberattacks.
Two questions at least remain. First, if you wished to deter similar attacks, how might you retaliate? You can hack until the ones and zeros jump, but it's not clear doing so will seriously affect North Korea's regime absent identification of something the regime values that one could hold at risk. Blame, shame, and further isolation may be the best anyone can do, some suggest. And second, how did the alleged NSA exploits used in WannaCry get loose into the hands of the ShadowBrokers in the first place?
Pyongyang hasn't had much to say about the latest round of accusations, but it has denounced earlier attributions as slander and provocation.
The DPRK's current interests appear to lie in cryptocurrency, with the Lazarus Group paying a great deal of attention to hacking wallets and catphishing people with access to alt-currencies.
Another cyber espionage campaign has been spotted in the Middle East. Nyotron security researchers call it "Copperfield." It's an evolution of the H-Worm (also called "Houdini") that emerged from Algeria four years ago. No firm attribution yet.
Today's issue includes events affecting Australia, Canada, European Union, Democratic Peoples Republic of Korea, Republic of Korea, Netherlands, New Zealand, Norway, Romania, Russia, United Kingdom, United States.
How are you handling your cloud monitoring and security?
Cloud providers offer many security measures, but you’re ultimately responsible for securing your own data. While 53% of organizations are training their staff to manage cloud security, 30% of organizations plan to partner with an MSP. In our white paper, we discuss the considerations you need to make before choosing a solution.
Earn a master’s degree in cybersecurity from SANS(Online, December 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Thursday, December 21st, at 12:00pm noon ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.
What North Korea's WannaCry attack shows us(CNN) DHS official Christopher Krebs says protective measures prevented significant damage to the United States -- our networks withstood the onslaught, and our response efforts prevented an unchecked ransomware attack.
US short of options to punish North Korea for serious cyberattack(Military Times) The Trump administration vowed Tuesday that North Korea would be held accountable for a May cyberattack that affected 150 countries, but it didn’t say how, highlighting the difficulty of punishing a pariah nation already sanctioned to the hilt for its nuclear weapons program.
U.S. says Facebook and Microsoft disabled North Korean cyber threats(Reuters via VentureBeat) Facebook Inc and Microsoft Corp disabled a number of North Korean cyber threats last week, a White House official said on Tuesday, as the United States publicly blamed Pyongyang for a May cyber attack that crippled hospitals, banks and other companies.
North Korea's new front: Cyberheists(The Straits Times) The messages are alluring, the pictures are attractive. But the women seeking to beguile South Korean Bitcoin executives could actually be hackers from Pyongyang in disguise, experts warn.. Read more at straitstimes.com.
Buyers Beware of Tampered Gift Cards(KrebsOnSecurity) Prepaid gift cards make popular presents and no-brainer stocking stuffers, but before you purchase one be on the lookout for signs that someone may have tampered with it.
Tim Matthews Joins Exabeam as Chief Marketing Officer(EconoTimes) SAN MATEO, Calif., Dec. 19, 2017 -- Exabeam, the leader in Security Intelligence Solutions, today announced that Tim Matthews has joined the company as chief marketing officer. In this role, he will drive global brand...
Who (or What) Can You Trust?(CIO) CIO.com delivers the latest tech news, analysis, how-to, blogs, and video for IT professionals. Covers apps, careers, cloud computing, data center, mobile, outsourcing, security, social media, hardware and software.
Electromagnetic emissions from smartphones analyzed for security vulnerability(EurekAlert!) Researchers at Universidad Carlos III de Madrid (UC3M) and the Consejo Superior de Investigaciones Científicas-CSIC (Spanish National Research Council) are developing a tool that enables cell phones to be analyzed in order to determine if they could undergo a cyber-attack to obtain encryption keys through their electromagnetic emanations.
Urgent: We Only Have Hours Left to Stop the NSA Expansion Bill(Electronic Frontier Foundation) According to reports published Tuesday evening by Politico, a group of surveillance hawks in the House of Representatives is trying to ram through a bill that would extend mass surveillance by the National Security Agency. We expect a vote to happen on the House floor as early as tomorrow,...
Five arrested for spreading ransomware throughout Europe and US(Europol) During the last week, Romanian authorities have arrested three individuals who are suspected of infecting computer systems by spreading the CTB-Locker (Curve-Tor-Bitcoin Locker) malware - a form of file-encrypting ransomware. Two other suspects from the same criminal group were arrested in Bucharest in a parallel ransomware investigation linked to the US.
Cybersecurity Co. Brings Defamation Suit Against Condé Nast(Law 360) Chicago-based cybersecurity company Keeper Security Inc. sued Condé Nast and its technology magazine Ars Technica along with the magazine’s security editor in Illinois federal court on Tuesday, claiming an article run on Ars Technica’s website last week defamed the company by including “misleading" information about the company, thereby harming it.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
CYBERTACOS(Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...
2018 Leadership Conference(Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.
Connected Medical Device & IOT Security Summit(Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...
CyberUSA(San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.