December 18, 2018.
By the CyberWire staff
Shamoon 3 seems to have affected a wider range of targets than at first believed. McAfee says the attacks affected victims in the oil, gas, telecommunications, energy and government sectors in the Middle East and southern Europe. Symantec reports more signs that this Shamoon infestation came from Iranian threat actors, including its association with attacks that used Stonedrill malware (SecurityWeek).
Shamoon 3 and Charming Kitten's reappearance with 2FA-defeating attacks (Threatpost) have led some observers to conclude that the long-expected Iranian cyber-retaliation for reimposed sanctions is underway (WIRED).
The Czech government's CERT has issued an unambiguous warning that Huawei and ZTE equipment represents a security threat. The NÚKIB report specifically cites Chinese laws requiring companies to cooperate with intelligence and security services.
The US Senate-commissioned reports on Russian influence operations point out extensive trolling via Instagram, much directed toward African-American voters. The NAACP has, in response to the news, called for a boycott of Facebook (Telegraph).
We've seen many sound cautions against placing too much importance on attribution of attacks to specific actors, but here's one way it matters: your cyber insurance policy might not cover an act of cyberwar. Mondelez International, hit hard by NotPetya, submitted a claim for more than $100 million, but Zurich Insurance is disputing the claim on the grounds that their policy excluded coverage for a "hostile or war like act" by any "government or sovereign power" (Reinsurance News). NotPetya has generally been attributed to Russia, convincingly enough for Zurich to hold its payout.
Cyber Security Summits: 2019 (United States, January 1 - December 31, 2019) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the FBI, Darktrace and more at the 2019 Cyber Security Summits. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).
DreamPort Event: The Red Hat OpenShift Container Platform Bootcamp (Columbia, Maryland, United States, January 3, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting the Red Hat OpenShift Container Platform Bootcamp. This is all about Containers, DevOps, & Agile Development. Attendees will learn, hands on, how to create, develop, use, deploy, and access containers as DevOps & Agile Development tools.
Rapid Prototyping Event: The Wolf in Sheep's Clothing (Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event that is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.
Cyber Attacks, Threats, and Vulnerabilities
Shamoon 3 Attacks Targeted Several Sectors (SecurityWeek) Several Shamoon 3 samples have been identified and there appear to be targets in more sectors than initially believed. Researchers also found some links to Iran.
Saipem-like cyber-attack numbers 'will climb', former hacker warns (Energy Voice) The number of cyber-attacks to hit the servers of oil and gas firms “will climb”, a former computer hacker has warned. Last week’s attack on oil services firm Saipem hit the firm’s servers in Aberdeen, India and the Middle East, with some servers attacked in Italy. Mike Jones, a former hacker with the Anonymous hacktivist group, …
Amid AI and Machine Learning, the Human Touch Remains Crucial to... (Bricata) Amid the fervor over artificial intelligence (AI) and machine learning, it’s easy to lose sight of just how important human involvement is in cybersecurity, a new survey finds. We know network security is complicated and becoming...
How Instagram got to one billion users: being the anti-Facebook (The Telegraph) In late March, at the height of the Cambridge Analytica scandal that threw Facebook’s management into crisis and sent its share price plummeting, Elon Musk announced he was deleting the Facebook pages of his two companies, Tesla and SpaceX.
Market News: Will Intel Sell McAfee to Thoma Bravo? (Best Endpoint Security Protection Software and Vendors) Dominating the conversation in endpoint security: the possible acquisition of endpoint security solution provider McAfee by private equity firm Thoma Bravo.
Zscaler: Unrealistic Valuation (Seeking Alpha) Shares of Zscaler have ripped higher and shaken off lockup expiration weakness after reporting strong Q1 results. The company's revenue growth accelerated five
New Cyber Readiness Program Launched for SMBs (SecurityWeek) The Cyber Readiness Institute (CRI) has launched a Cyber Readiness Program designed to provide assistance to small and medium businesses who may not have the resources to give security the priority it needs and deserves.
Simplifying Blockchain Security Using Hyperledger Ursa (InfoQ) In a recent blog post, the Hyperledger project announced that their latest project, Hyperledger Ursa, has been accepted by the Technical Steering Committee (TSC). Ursa’s primary objective is to simplify and consolidate cryptographic libraries in a trusted, consumable manner for use in distributed ledger technology projects in an interoperable way.
Russia social media influence efforts ongoing, report says (Fifth Domain) Russia's sweeping political disinformation campaign on U.S. social media was more far-reaching than originally thought, with troll farms working to discourage black voters and "blur the lines between reality and fiction" to help elect Donald Trump in 2016, according to reports released Monday by the Senate intelligence committee.
Irish Data Authority Probes Facebook Photo Breach (SecurityWeek) The Irish data watchdog on Friday launched an investigation into Facebook, after the social media titan admitted a "bug" may have exposed unposted photos from up to 6.8 million users.
Equifax, others must secure apps as part of New York settlement (CyberScoop) The New York attorney general’s office said five apps made by well-known companies could have leaked user data. The firms – Western Union, Priceline, Equifax, Spark Networks and Credit Sesame – have agreed to revamp the security of their apps as part of a settlement announced Friday.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
CYBERSEC Brussels Leaders' Foresight 2019 (Brussels, Belgium, May 15 - 16, 2019) The aim of the CYBERSEC Brussels Leaders' Foresight 2019 is to give proactive guidance on how to lead, encourage evidence-based decision-making, and develop cybersecurity policy statecraft in the EU and...
5th European Cybersecurity Forum – CYBERSEC 2019 (Krakow, Poland, October 29 - 30, 2019) CYBERSEC Forum is a unique opportunity to meet and discuss the current issues of cyber disruption and the ever-changing landscape of cybersecurity-related threats. Our mission is to foster the building of...
SINET Global Institute CISO Series (Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Boards of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...