2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.
WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.
December 3, 2018.
A CyberWire Daily News Briefing redesign is coming.
By the end of this week we expect we'll have completed a new design for our email, the better to avoid falling into spam traps or becoming enmeshed in the array of anti-phishing measures enterprises increasingly deploy. You've seen some of the changes already with our addition of inline links to our summary.
When the redesign is complete, you'll see fewer links to suggested reading in the email itself. That selected reading will remain present in its entirety on our website, posted as always with the appropriate Daily News Briefing. We hope you'll find the new format more user-friendly. We'll announce the date of the rollout as it approaches. And, as always, thanks for subscribing and reading.
By The CyberWire Staff
Iran's operations in cyberspace have been growing in capability as Tehran shows a disposition to learn from the best. Its information operations in particular show fresh sophistication, particularly against targets in the Arab world (Reuters).
US Defense Secretary Mattis said that Russia's attempts to influence US elections show that President Putin is a "slow learner" (Reuters). In the UK, MI6 director Younger warns Russia not to take Britain lightly (Bloomberg).
The Marriott breach poses a range of risks, identity theft and espionage being two of them (KFDM). Authorities are also beginning their investigation of the incident. As is often the case, the State of New York is first out of the gate: on Friday the state's attorney general announced it was opening a probe that would not only look into the circumstances of the breach, but that would also determine whether Marriott's "delay" in disclosure constituted a violation of New York law (New York Law Journal). And if you are an affected guest wondering if there was anything you could have done to protect yourself, Rook Security says, essentially, no, there was nothing you could have done (Fox 59).
The US Court of Appeals for the DC Circuit ruled Friday that the Government's ban on Kaspersky products can stand. It's not, after all, and unconstitutional bill of attainder (TheHill).
Another reason not to pay ransomware extortion demands: under current US law, if those payments go to the wrong place, ransomware victims could find themselves in violation of US sanctions (BleepingComputer).
Today's issue includes events affecting Afghanistan, Australia, China, Iran, Iraq, Israel, Japan, Democratic Peoples Republic of Korea, New Zealand, Saudi Arabia, Syria, Turkey, United Kingdom, United States.
How to Budget for Insider Threat Management, Proactively
According to a Ponemon Institute study, 34% of cybersecurity professionals said a lack of budget was a major barrier to effective insider threat management. So, how do you ask for the budget you need to proactively detect and stop insider threats? The latest guide from ObserveIT gives you the in-depth information you need to ask for a dedicated insider threat line item in your cybersecurity budget. Download The Guide to Budgeting for Insider Threat Management today.
Rapid Prototyping Event: The Turing Test(Columbia, Maryland, United States, December 11 - 13, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event in which participants implement an automated process to interact with a Microsoft Windows machine just as a human user may do with the goal being to fool a human judge who is monitoring target computers via Remote Desktop Protocol (RDP) or Virtual Network Computing (VNC) into thinking a normal user is interacting with that machine and not an automated program or process.
Al Qaeda tries to capitalize on Saudi controversy(FDD's Long War Journal) Earlier this month, Al Qaeda's As Sahab released an essay blasting Saudi Arabia's relationship with the US. The essay's author, identified as Sheikh Awab Bin Hasan al Hasni, portrays America as a declining power and touts the resurrection of the Taliban's Islamic Emirate of Afghanistan. AQAP also finally released the 58th issue of Al Masra newsletter, which focuses on the murder of Jamal Khashoggi.
What the Marriott Breach Says About Security(KrebsOnSecurity) We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties.
Espionage, ID theft? Myriad risks from stolen Marriott data(KFDM) The data stolen from the Marriott hotel empire in a massive breach is so rich and specific it could be used for espionage, identity theft, reputational attacks and even home burglaries, security experts say. Hackers stole data on as many as 500 million guests of former Starwood chain properties over four years including credit card and passport numbers, birthdates, phone numbers and hotel arrival and departure dates. It is one of the biggest data breaches on record.
Contractors Are a Bull's-Eye for Hackers(SIGNAL Magazine) As large defense contractors invest heavily in securing their networks, adversaries turn their attention to smaller defense suppliers for cyber attacks.
The user, the abuser and the cyber criminals(Business Post) According to Europol’s fifth annual internet organised crime threat assessment, ransomware remained the biggest malware threat out there in 2018. Ransomware lockdown...
7 warning signs of an insider threat(CSO Online) While the security industry often focuses on the nation-state and cyber criminals, often some of the biggest dangers are hiding in plain sight within your own company.
What Type of Vulnerabilities Does a Penetration Test Look For?(The State of Security) Penetration testing is becoming increasingly popular as organizations are beginning to embrace the need for stronger cybersecurity. But there are still too many businesses that don’t fully understand the benefits of regular security testing.
U.S. Department of Energy hosts national competition at PNNL on Saturday(KEPR) Teams from all over the country were in town this weekend for the largest cyber-security competition of its kind. Students spent their Saturday at Pacific Northwest National Lab (PNNL) to compete against each other in a simulated cyber-attack on America's energy grid. Jeffrey Baumgartner from the Department of Energy in Washington D. C. says they host competitions like this to train, and hopefully recruit, the next generation of cyber-defenders.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Digital Utilities Europe 2019(London, England, UK, May 8 - 9, 2019) Following three successful editions of ACI’s Digital Utilities Europe Summit, the 4th edition will be taking place in London, United Kingdom on 8th-9th May 2019. The conference will bring together key...
Transport Security Congress(Washington, DC, USA, May 14 - 15, 2019) The Transport Security Congress brings together business and security leaders from all sectors of passenger and goods transportation to discuss solutions to the evolving security and safety risk landscape.
GovSummit(Washington, DC, USA, June 26 - 27, 2019) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...
Securing Digital ID 2018(Alexandria, Virginia, USA, December 4 - 5, 2018) As an increasing number of transactions move online and are mobile-enabled, the conference will explore today’s complex world of digital identities and how they are used for strong authentication and remote...
First Annual Maryland InfraGard Cybersecurity Conference(College Park, Maryland, USA, December 5, 2018) InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely...
International Cyber Risk Management Conference(Hamilton, Bermuda, December 6 - 7, 2018) Now in its fourth year in Canada, the International Cyber Risk Management Conference (ICRMC) has earned a reputation as one of the world’s most trusted cyber security forums. We are proud to bring ICRMC...
2018 Cloud Security Alliance Congress(Orlando, Florida, USA, December 10 - 12, 2018) Today, cloud represents the central IT system by which organizations will transform themselves over the coming years. As cloud represents the future of an agile enterprise, new technology trends, such...
Wall Street Journal Pro CyberSecurity Executive Forum(New York, New York, USA, December 11, 2018) The WSJ Pro Cybersecurity Executive Forum will bring together senior figures from industry and government to discuss how senior executives can best prepare for hacking threats, manage breaches, and work...
National Cyber League Fall Season(Chevy Chase, Maryland, USA, December 15, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
SINET Global Institute CISO Series(Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.