The US Intelligence Community on Friday released its promised report on Russian election hacking. (The report had been expected some time this week, but it was issued soon after the President-elect was briefed on its contents.) The work of the CIA, FBI, and NSA, the report as expected is longer on conclusions than it is on evidence, evidence usually being more sensitive than conclusions, because likelier to reveal sources and methods.
Those conclusions are that the Russian government sought to influence the US presidential election, with a goal of ensuring that either major candidate would wind up either compromised, indebted, or damaged. The analysis holds that President-elect Trump was the Russians' preferred candidate, although their efforts were for some time premised on the assessment that former Secretary of State Clinton would be the eventual winner.
The Senate Select Committee on Intelligence will begin an investigation tomorrow. Initial reactions range from outrage against Russia's activities to skepticism (especially in RT, unsurprisingly, but in other quarters, too) concerning evidence in the analysis. The analysis is brief and worth reading. Two mild surprises: part of the Russian motivation seems to have been retaliation for embarrassment by the World Anti-Doping Agency, and the UK's GCHQ may have tipped US intelligence off to some Russian activity.
In other news, the Baltic News Agency, which reports on Latvia, Lithuania, and Estonia, sustained a denial-of-service attack late Friday. The DragonOK APT group, linked to China's PLA, is said to be newly active against Tibetan and Russian targets.
If you've been enjoying the podcasts, please consider giving us an iTunes review.
A special edition of our Podcast is also available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.
Ukraine's military denies Russian hack attack(Yahoo! News) Kiev (AFP) - Ukraine's military on Friday denied reports claiming Russia may have hacked targeting software for its heavy artillery in a breach that could have helped Moscow track and destroy Kiev's big guns
US Power Grid in Imminent Danger of Cyber-Attack(Financial Tribune) The US Energy Department says the electricity system "faces imminent danger" from cyber-attacks, which are growing more frequent and sophisticated, but grid operators say they are already on top of the problem
Browser Autofill Profiles Can Be Abused for Phishing Attacks(Bleeping Computer) Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and which the user unknowingly sends to the attacker when he submits a form
Merry X-Mas ransomware from Sunday 2017-01-08(ISC Storm Center) On Tuesday 2017-01-03, BleepingComputer published an article about "Merry X-Mas Ransomware". This ransomware was first seen by people like @PolarToffee, @dvk01uk, and @Techhelplistcom. Merry X-Mas Ransomware was first reported as distributed through malicious spam (malspam) disguised as FTC consumer complaints
Ransomware to dominate cyber security landscape(SecurityBriefNZ) Ransomware will continue to dominate the cyber security landscape, with a new report from security specialists ESET forecasting the ‘year of ransomware’ will continue into 2017
Security Patches, Mitigations, and Software Updates
Google Patches Android Custom Boot Mode Vulnerability(Threatpost) A high-risk Android custom boot mode vulnerability was one of many bugs patched by Google as part of its January Android Security Bulletin released earlier this week. On Thursday, the IBM security team that discovered the vulnerability disclosed details about the flaw which leaves Nexus 6 and P6 model handsets open to denial of service and elevation of privilege attacks
Apache Jackrabbit 2.14.0 released(Apache Software Foundation) The Apache Jackrabbit community is pleased to announce the release of Apache Jackrabbit 2.14.0 The release is available for download at
After a terrible year for cybersecurity, will 2017 be any better?(Help Net Security) From a cybersecurity perspective, 2016 was a very devastating year for companies, schools, government agencies, organizations and even presidential campaigns. What we’ve learned from a record year for breaches, hacks, phishing, malware, and ransomware is what we’ve known all along: cyber criminals are clever and they are not bound by any rules or real strategy
New year, new patches: A look back and what to expect in the future(Help Net Security) As to be expected when ringing in a new year, there are predictions galore flooding social media and that includes the cybersecurity space. Predications are more than just possibilities when it comes to landscape we now know as IoT-based on the trends that ushered out 2016
No Computer is Safe: Now What?(LinkedIn) The quote "Technology is not the measure of a great civilization" from the first episode of The Man in the High Castle is timely given media headlines on President-elect Trump's remark that "no computer is safe." Since global critical infrastructure depends on computers for virtually everything--finance, transport, health, manufacturing, energy, military operations--his statement appears to offer a shaky start to the new year
Tech security: oldies getting it in the neck again(Naked Security) Another day, another survey – this time telling us that older people are increasingly susceptible to online fraud. According to the Daily Mirror, one million (sorry, one MILLION) older people may have fallen victim to an online scam
BlackBerry and Giuliani partner in cyber security venture(The Stack) BlackBerry has been selected by Giuliani Partners to support cyber security consulting services to the government and to private firms. The recently released BlackBerry Secure platform will provide the underlying software for the firm’s cyber security consulting product
Palo Alto Networks Will Deliver Robust Annual Upside In The Long Run(Seeking Alpha) Palo Alto's market share will triple in the coming years, which will lead to strong revenue growth as the end market expands. Its annual revenue could increase to $5.3 billion in the next three years as compared to $1.5 billion in revenue in the past year. Due to the robust revenue growth, Palo Alto could deliver annual gains of 50% going forward, based on its price-to-sales ratio. The company will also witness robust earnings growth as its revenue increases, driven by its complete suite of cybersecurity solutions as compared to rivals
Spotlight: How a Social Media Expert Finds Website Security(Sucuri Blog) With the new year upon us, it makes sense to reflect on how things have changed. Our Malware Research and Incident Response teams just published their latest report on trends in website security, and in the coming weeks we plan to write about the latest upgrades to the Sucuri dashboard
Ex-MI6 Boss: When It Comes To Voting, Pencil And Paper Are 'Much More Secure' Than Electronic Systems(Techdirt) Techdirt has been worried by problems of e-voting systems for a long time now. Before, that was just one of our quaint interests, but over the last few months, the issue of e-voting, and how secure it is from hacking, specifically hacking by foreign powers, has become a rather hot topic. It's great that the world has finally caught up with Techdirt, and realized that e-voting is not just some neat technology, and now sees that democracy itself is at play. The downside is that because the stakes are so high, the level of noise is too, and it's really hard to work out how worried we should be about recent allegations, and what's the best thing to do on the e-voting front
A Step-by-Step Guide for Responding to and Protecting against Identity Theft(No Identify Theft) This step-by-step guide will help you to regain control of your financial life at a time when people feel helpless and are uncertain what to do. We will go over every aspect of identity theft, including websites to visit, organizations to contact, forms to fill out, samples of the kinds of letters to send, prevention, and more
What is happening with Russia and the USA?(Affairs Today) It’s no secret that Russia and the US have always had a slightly strained relationship, often stemming from their different ideologies. This relationship has steadily worsened in recent years due to the crisis in Ukraine, Russia’s annexation of Crimea and the differing opinions over Russian military intervention in the Syrian Civil War. It appears as if relations have reached an all-time low, especially, with the recent on-going hacking scandal
Russia’s election intervention is ‘new reality, new weapon’(PBS News Hour) One day after top U.S. intelligence officials showed him the classified evidence that Russian President Vladimir Putin ordered a hacking campaign to influence the election in his favor, President-elect Trump said Russia could become an ally during his administration. In a series of tweets this morning, Mr. Trump said in part, quote, “When I am president, Russia will respect us far more than they do now, and both countries will perhaps work together to solve some of the many great and pressing problems and issues of the world”
To counter Russian ‘information war,’ DNI advocates rebuilding U.S. Information Agency(Federal News Radio) A declassified report the intelligence community is set to release to Congress and the public next week on alleged Russian interference with the 2016 presidential election will assert that cyber attacks were only one part of a complex and adeptly executed information campaign — one that the nation’s top intelligence officer says the U.S. is inadequately equipped to counter
Obama admits underestimating impact of Russian hacking(India Today) "I think the report (of the intelligence community on election hacking) is very clear," Obama said about the report which alleged that the Russian President Vladimir Putin had ordered for hacking and interfering into the US election system
Questions about Russia swirl as Trump enters critical week(Press of Atlantic City) Donald Trump and his aides are entering a crucial week in his presidential transition as he and his Cabinet nominees undergo public questioning about their approach to Russia and potential conflicts of interests
Trump plans to form anti-hacking team(Kuwait News Agency) US President-elect Donald Trump said his meeting with intelligence chiefs on Friday was "constructive" and that he would be forming a team to "aggressively" combat cyberattacks
Air Force Wants a ‘Nerd Cyber Swat Team’ at Pentagon(DoD Buzz) Engineers walking around in hoodies and jeans may become a common sight at the Pentagon as part of an Air Force initiative to create its own “nerd” cyber squad, according to the service’s top civilian
New OPM guidance updates IT, cyber job coding(Federal Times) A Jan. 4 memorandum from the Office of Personnel Management explains updated procedures for identifying and coding federal positions with information technology and cyber-related functions
A Few States Now Actually Help You Figure Out If You’ve Been Hacked(Wired) Thousands of US companies were hacked last year, and each time people’s private data was taken. Was yours? You may not know because it’s hard to keep track, much less do anything about it when there are so many incidents all the time. But if the data collected on breaches in the US were available to you, it would be a lot easier to check whether you’ve interacted with compromised businesses and institutions. That data exists. In fact, nearly every US state (47 to be exact) requires companies to disclose when a breach affects their citizens, and most track this data internally. That data is usually a public records request away from you, the consumer, who could actually use it to inform your digital habits. But, recently a small group of states have decided to make breach information freely available to the public. This week, Massachusetts joined them
Digital India’ Needs To Be Cybersecurity Ready(BW Disrupt) “Sometime ago, I assisted Melissa Hathaway, who was a cybersecurity advisor to Obama and Bush, in preparing a Cyber Readiness Index for India… It states that India faces a herculean task of improving upon all markers of its cyber health like national strategy, incident response, e-crime and law enforcement, information sharing, investment in R&D, diplomacy and trade, and defence crisis and response”
Litigation, Investigation, and Law Enforcement
ODNI Statement on Declassified Intelligence Community Assessment of Russian Activities and Intentions in Recent U.S. Elections (IC on the Record) On December 9, 2016, President Barack Obama directed the Intelligence Community to conduct a full review and produce a comprehensive intelligence report assessing Russian activities and intentions in recent U.S. elections. We have completed this report and briefed President Obama as well as President-elect Trump and Congressional leadership. We declassified a version of this report for the public, consistent with our commitment to transparency while still protecting classified sources and methods
Russian cyberattacks influenced by WADA investigation(ABC News) Intelligence officials believe that Russian hacking efforts made against the United States were done in part as retaliation for a World Anti-Doping Agency (WADA) investigation that led to dozens of Russians being banned from the Rio de Janeiro Olympics
U.S. Spies to Trump: Putin Ordered Hacking to Boost Your Chances(Foreign Policy) Russian President Vladimir Putin “ordered an influence campaign” targeting the 2016 American election to “undermine public faith in the US democratic process” and to “help President-elect Trump’s election chances,” according to a newly declassified report released Friday
U.S.: Putin Personally Tried to Elect Trump(Daily Beast) A declassifed report from the U.S. intelligence community, released Friday, moments after a meeting with President-elect Trump, said that Russian President Vladimir Putin personally ordered a campaign to disrupt the U.S. presidential election. “We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election, Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency,” the report which included conclusions from the FBI, NSA and CIA read. “We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.” The report continued: “Moscow’s approach evolved over the course of the campaign based on Russia’s understanding of the electoral prospects of the two main candidates. When it appeared to Moscow that Secretary Clinton was likely to win the election, the Russian influence campaign began to focus more on undermining her future presidency”
Intelligence agencies reveal Putin plan to back Trump(Christian Science Monitor Passcode) An Office of the Director of National Intelligence briefing reveals the fullest picture yet of claims Russia attempted to influence the presidential vote. Trump, however, says the operation had 'absolutely no effect on the outcome of the election'
Was It a 400-Pound, 14-Year-Old Hacker, or Russia? Here’s Some of the Evidence(New York Times) In recent weeks, President-elect Donald J. Trump has taken to Twitter to cast doubt over a United States joint intelligence assessment that Russian intelligence services are responsible for hacking into Hillary Clinton’s presidential campaign, the Democratic National Committee, and the email account of Mrs. Clinton’s campaign chairman, John Podesta
Feds’ Damning Report on Russian Election Hack Won’t Convince Skeptics(Wired) On Friday, the Office of the Director of National Intelligence finally released a declassified report on Russia’s role in influencing the US election. And though it offers the most detailed official analysis yet of Russia’s operations, critics in the cybersecurity community say it lacks the still-secret evidence needed to persuade skeptics that analysis is true
FBI Says the Democratic Party Wouldn’t Let Agents See the Hacked Email Servers(Wired) Questions about the Democratic National Committee hack and Russia’s alleged involvement have been swirling for months, and have intensified as the intelligence community prepares to brief president-elect Donald Trump about its conclusions on Friday and release a declassified report next week. Ahead of this announcement, the DNC told Buzzfeed on Wednesday that neither the FBI nor any other intelligence agency ever did an independent assessment of the organization’s breached servers. Instead, they alleged, the FBI relied exclusively on information from private digital forensics company Crowdstrike. Now the FBI is refuting this account of the events
Rolling out the red carpet for hackers(Washington Times) Whether Sen. John McCain and Democrats on the Senate Armed Services Committee intended for Thursday’s Russian hack hearings to be used to undermine the U.S. presidential election, one thing is for sure: The hearings WILL be used to undermine the election — precisely as the Russians wanted
Was Friday's declassified report claiming Russian hacking of the 2016 election rigged?(Fox News) Friday night, during her last show on Fox News, Megyn Kelly asked former House Intelligence Committee Chairman Pete Hoekstra whether he accepted the conclusion by 17 intelligence agencies in a recently released declassified report that Russia interfered in the 2016 presidential election and that this interference came at the direction of Russian President Vladimir Putin
DHS slammed for report on Russian hackers(CyberScoop) The hacker groups known as Fancy Bear and Cozy Bear have been tracked for years by cybersecurity specialists — almost all of whom long accepted the detailed, public pattern of evidence linking them to Russian intelligence, including technical indicators-of-compromise
WashPost Is Richly Rewarded for False News About Russia Threat While Public Is Deceived(Intercept) In the past six weeks, the Washington Post published two blockbuster stories about the Russian threat that went viral: one on how Russia is behind a massive explosion of “fake news,” the other on how it invaded the U.S. electric grid. Both articles were fundamentally false. Each now bears a humiliating editor’s note grudgingly acknowledging that the core claims of the story were fiction: The first note was posted a full two weeks later to the top of the original article; the other was buried the following day at the bottom
Eight Facts on the “Russian Hacks”(Sharyl Attkisson) There’s no standing allegation by U.S. officials that the Russians (or anyone else) “hacked” into our elections system or altered vote counts. So what are the allegations and facts as we know them?
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Crimestoppers Conference(Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of...
SANS Security East 2017(New Orleans, Louisiana, USA, January 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in...
S4X17 ICS Security Conference(Miami Beach, Florida, USA, January 10 - 12, 2017) Three Days of advanced ICS cybersecurity on three stages with the top 500 people in ICS security. Main Stage - The big names (Richard Clarke, Renee Tarun, ...) and forward looking topics (ICS certification,...
Suits and Spooks DC 2017(Arlington, Virginia, USA, January 11 - 12, 2017) “What we are creating now is a monster whose influence is going to change history, provided there is any history left.” (John von Neumann) When John von Neumann said those words in 1952, he didn’t mean...
Cybersecurity of Critical Infrastructure Summit 2017(College Station, Texas, USA, January 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats...
ShmooCon 2017(Washington, DC, USA, January 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...
SANS Las Vegas 2017(Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you...
BlueHat IL(Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel.
Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017(Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...
Blockchain Protocol and Security Engineering(Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.