December 17, 2018.
By the CyberWire staff
A report on Russian information operations commissioned by the US Senate Intelligence Committee was released this morning (Washington Post). The study focuses on the Internet Research Agency’s output, and confirms the St. Petersburg troll farm’s opportunism and cultural fluency. WIRED says the study is also bad news for both Facebook and Google, since it suggests the two companies “dissembled” in their responses to Congressional inquiries.
Huawei's position in Europe continues to erode, as both BT and Deutsche Telekom shy away from the Chinese hardware manufacturer on security grounds (Bloomberg). Huawei has said it’s determined to do whatever it takes to allay security concerns (Financial Times). Its smaller rival ZTE is in a similar position: the company has retained former Senator Lieberman to conduct "an independent security assessment" of its products (POLITICO).
The Five Eyes are said to have agreed this summer to "contain" the threat from Huawei (Gizmodo). Fifth Domain sees parallels between 2014’s Sino-American cyber tensions and those of today.
The boomstortion scammers who made false bomb threats across much of the English-speaking world last week haven’t really scored—the “cockwombles” behind the caper (as Graham Cluley calls them) have so far pulled in nothing but chickenfeed. They’re also turning to a new bogus threat: acid attacks (Infosecurity Magazine).
Followers of YouTube star PewDiePie are back, and again hijacking printers. This time, however, they express a more high-minded purpose than, for example, encouraging people to eat Tide Pods: they say they’re hacking printers to raise security awareness (Infosecurity Magazine).
Attribution is the topic of this week's Research Saturday: "The Sony hack and the perils of attribution." Risk Based Security took a detailed look back at the 2014 Sony hack, comparing analysis that came out while the facts were still unfolding with what we know today. There are interesting lessons about attribution to be learned. Brian Martin, V.P. of vulnerability intelligence at Risk Based Security, talks us through what they found.
Cyber Security Summits: 2019 (United States, January 1 - December 31, 2019) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the FBI, Darktrace and more at the 2019 Cyber Security Summits. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).
DreamPort Event: The Red Hat OpenShift Container Platform Bootcamp (Columbia, Maryland, United States, January 3, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting the Red Hat OpenShift Container Platform Bootcamp. This is all about Containers, DevOps, & Agile Development. Attendees will learn, hands on, how to create, develop, use, deploy, and access containers as DevOps & Agile Development tools.
Rapid Prototyping Event: The Wolf in Sheep's Clothing (Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.
Quiz Phishing: One Scam, 78 Variations (Akamai) Over the past year, Akamai Enterprise Threat Research team monitored the usage of one particular phishing toolkit in the wild. We previously wrote about this phishing toolkit as
Fake Xmas Bonus Payslip delivers Ursnif – Gozi (My Online Security) We are still seeing a fairly large Ursnif/Gozi/ISFB campaign hitting the UK again this week. Today we are seeing an Xmas Payslip theme. The subjects vary slightly but include Wages December…
Connecticut utilities tight-lipped about potential for cyber-attacks (New Haven Register) Given how we have come to take the reliable delivery of electricity for granted, the results of a recent survey of power- and utility-executives about the potential for a cyber-attack disrupting service could be seen as shocking.
Nearly half of the chief executive officers of power- and utility-companies who responded to a KPMG survey released in November said they believed a cyber-attack on their businesses is a matter of "when", not "if." And only 58 percent of the respondents felt their companies were prepared in their ability to identify new cyber-threats.
International email bomb hoax proves to be a spectacular failure (Graham Cluley) Authorities in the United States, Canada, Australia, and New Zealand are said to be investigating a wave of bogus bomb threats that have been sent to a variety of organisations late on Thursday.
But if the hoaxer thought they were going to make a lot of money through the scam, they’re going to be disappointed.
Save the Children Charity Org Scammed for Almost $1 Million (BleepingComputer) If certain crooks have some sort of moral compass that keeps them away from certain victims, others ditch such boundaries for the right amount of money. A perpetrator from the latter category was able to fool the charitable organization Save the Children into misdirecting close to $1 million.
Trend Micro says, Sophisticated cyber attacks on cloud will dominate in 2019 (TechGraph) A Japan-based cybersecurity firm, Trend Micro on Friday released its cybersecurity reports, in which it said that “In 2019, the hackers will use more sophisticated tools for hacking, especially in new technologies like Cloud.” The trend in its report said “The vulnerabilities will be found more in Cloud infrastructure, such as containers and weak cloud …
In the winds of crypto winter (TechCrunch) Well, it was surreal while it lasted, by which I mean the 2017-18 cryptocurrency bubble. For a while there, Coinbase was #1 in the App Store, Bitcoin was above $10K, and there were more notional crypto zillionaires out there than you could shake a Merkle tree at. Those were the crazy days. Now, tho…
Acquisition sees formation of UK's broadest cyber training provider (BCW) QA, the UK’s largest tech training provider, today announced that it has acquired information security training company InfoSec Skills, which will sit under the wing of QA’s Learning division. This acquisition gives QA the broadest range of cyber security accreditations (including popular CREST qualifications) compared to any other provider across an inclusive set of cyber security domains. As the UK’s leading cyber security education provider, QA currently delivers over 100 cyber security solu...
The 2018 NIAC Report does not address its own recommendations (Control Global) The 2018 President’s National Infrastructure Advisory Council (NIAC) report “Surviving a Catastrophic Power Outage – How to Strengthen the Capabilities of the Nation”, was issued December 2018. How can we respond and recover from catastrophic power outages when we continue to ignore the devices that can prevent “respond and recover”? How can we improve our understanding of how cascading failures across critical infrastructure will affect “restoration and survival” when we don’t know we have a problem?
How to end a romance scam (CSO Online) Use this two-part test to convince romance scam victims that their “true love” is a fraud.
'Five Eyes' Spy Chiefs Agreed to Contain Huawei's Global Reach at Meeting in July: Report (Gizmodo) At a meeting in Canada in July 2018, espionage chiefs from Australia, Canada, New Zealand, the U.K. and the U.S.—all signatories to a treaty on signals intelligence, and often referred to as the “Five Eyes”—agreed to do their best to contain the global growth of Chinese telecom Huawei, the Wall Street Journal reported on Friday, citing a prior report from the Australian Financial Review.
Don’t swallow Labour’s claims of ‘black ops’ (Times) The deep state’s machinations have been exposed. The government is secretly funnelling taxpayers’ money to a “black ops” propaganda unit that meddles in friendly countries’ affairs and spreads...
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
BSides Columbus 2019 (Columbus, Ohio, USA, March 1, 2019) BSides Columbus is a volunteer-run conference that gives local (and not-so-local) information-security enthusiasts a platform to share their discoveries and breakthroughs with the Central Ohio infosec...
SINET Global Institute CISO Series (Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...