August 12, 2019.
Black Hat and Def Con
Black Hat and Def Con have concluded. Here are a few observations about the discussion of technology and policy that took place at the events.
We heard speakers in several sessions at Def Con urge that those professionally involved with cybersecurity also involve themselves with legislators, that they attend Congressional hearings, send direct messages to their representatives, and so on. Some of this was civics-class, good-government advice, some advocacy, and some a call to contribute from the distinctive perspective security expertise might lend a citizen. There were signs of mutual interest: several members of Congress attended, which speaks to some recognition of the security community's importance, and of interest in the conversations taking place last week in Nevada.
Some such cross-fertilization was intended by Def Con's organizers. "We are trying to breakdown the barriers between the people in tech who know what they're doing and the people in Congress who know how to take that knowledge to make laws," Phil Stupak, an organizer of the AI Village and a fellow at the Cyber Policy Initiative at the University of Chicago, told CNN.
There were comparable signs of such interest at Black Hat. Bruce Schneier delivered an address in which he called for technologists to contribute their expertise to the policy process. "No policy makers understand technology," Infosecurity Magazine quoted him as saying. "Technologists are in one world, and policy makers are in a different world. It's no longer acceptable for them to be in separate worlds though, as technology and policy are deeply intertwined." Your influence as a consumer, he argued, is negligible, but your influence as a technologist can be considerable. And that influence can also be wielded within the companies technologists work for.
Contributions of knowledge by those who have it are surely welcome, as no thinking person would want laws to be written (and amended in committee) and passed by the ill-informed or clueless. Part of the expertise one hopes the technologists would deploy is a clear understanding of the scope of their knowledge. A self-appointed clerisy pushing whatever views they happen to hold on various topics because they're having difficulty distinguishing an "is" from an "ought" would quickly prove tiresome. Everyone has a right to an opinion, and to that opinion's expression, but of course that right doesn't automatically confer expertise any more than passionate expression does. Lawyers have plenty of valuable expertise, but it doesn't necessarily extend to, say, quantum entanglement. And the cogency of a line of reasoning is seldom well-correlated with the volume used in expressing it.
That said, there was commendable self-awareness and appreciation of complexity on display. A proposal for widespread online voting, for example, received a cool reception because the audience of technologists perceived how hard it would be to pull that off.
And on right-to-repair laws, a hot-button issue to many, one salient point made to the hacker crowd was that corporations are not necessarily malicious in their intent, and that they are often good people making decisions answerable to a different set of criteria from those a consumer (or hacker) might use. Others noted that decisions about the right-to-repair are largely made in first-world settings that have moved toward a more disposable economy. The same rules might not necessarily apply to emerging economies where equipment has a much longer lifecycle, and repair and reuse are not only common, but necessary.
We'll have more later this week as we wrap up our discussion of the events in Las Vegas.
By the CyberWire staff
The UK sustained a power failure Friday that left about a million users in England and Wales without electricity. The Independent reports that two power stations, one wind-driven, the other gas-fired, went offline almost simultaneously, after which automatic safety features caused outages to protect the grid as a whole. Some had jumped to the conclusion that the outages were the result of a cyberattack, but according to the Washington Post, this was quickly ruled out. Power was largely restored Friday evening, but railroads felt the effects linger into Saturday. It was not a case of graceful degradation: some essential medical and transportation systems were disrupted. Authorities tell the BBC they're determined to learn lessons.
Deutsche Welle reports that Russia's Internet regulatory body, Roskomnadzor, warned Google not to permit YouTube to incite opposition protests. On Saturday between twenty thousand and nearly fifty thousand demonstrators took to the streets in Moscow over allegations of municipal election fraud, according to the Guardian. The lower figure comes from police, the higher from independent estimates.
PC Magazine comments on some forthcoming research by IntSights that explores the connections between Russia's cyber criminal gangs and the country's intelligence services. The gangs operate at the sufferance of the security organs, on the condition that they leave certain targets alone, and from time to time accept taskings. The intelligence and security services themselves find the relationship useful.
China's Foreign Ministry dismisses FireEye's report on APT41 as "ill-intentioned fabrications." Besides, the spokesman adds, attribution is difficult, and China opposes all forms of cybercrime.
Today's issue includes events affecting China, European Union, France, Iran, Israel, Luxembourg, Russia, United Kingdom, United States.
Bring your own context.
So how was it at Black Hat this year?
"So it's been a relatively positive mood. I wouldn't say it's significantly different [from] previous years. You know, every year, you kind of sense increasing maturity in the industry as a whole. Particularly, you know, as people are harnessing technologies in more sophisticated ways, they're getting to grips with the realities of some of the threats and things like that. There's definitely an increasing evolution, shall we say, in how people are dealing with threats, pushing towards more automation and things like that."
—Matt Aldridge, senior solutions architect at Webroot, on the CyberWire Daily Podcast, 8.8.19.
Cyber Warrior Women Summer Social: Sip and Paint (Columbia, MD, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.
Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Lawmakers embrace hackers in Vegas as 2020 election looms (FOX 61) Multiple members of congress, dozens of congressional staffers and members of the intelligence community are gathering in Las Vegas this weekend to rub shoulders with hackers at Def Con, one of the world's largest hacking conferences.
A sonic cyberattack could hijack a device's speakers (Yahoo) Weapons that injure crowds of people by emitting dangerous sounds may seem like the stuff of science fiction. Unfortunately, malicious hackers might be able to do just that -- but with Bluetooth- or WiFi-capable smartphones, headphones, speakers, or laptops. Researcher Matt Wixey is unveiling research
Cyber-attack ruled out in UK power outage (New York Post) Neither a cyber-attack nor unpredictable wind power generation were behind a power outage that left nearly one million people in England and Wales in the dark Friday. The outage stranded trains, di…
The Evolution of Russia's Dark Web (PCMAG) Russia is the birthplace of the dark web, and its tech-savvy population includes some brilliant hackers. We talk to two researchers who will present a report on the topic here at Black Hat.
China’s cyber-spies make money on the side by hacking video games (MIT Technology Review) Just because you’re a world-class Chinese government hacker busy conducting espionage against geopolitical adversaries doesn’t mean you can’t make a little extra money on the side. The hackers behind a sophisticated seven-year Chinese government intelligence operation simultaneously use their talents to hack for personal profit by putting a bull’s-eye on targets in the cryptocurrency and video game industries, according to the American security firm FireEye.
Robocall blocking apps caught sending your data without permission (TechCrunch) Robocall-blocking apps promise to rid your life of spoofed and spam phone calls. But are they as trustworthy as they claim to be? One security researcher said many of these apps can violate your privacy as soon as they are opened. Dan Hastings, a senior security consultant at cybersecurity firm NCC…
Bishop Fox Finds Trove of Secrets on Amazon Elastic Block Store (Yahoo) Bishop Fox, the largest private professional services firm focused on offensive security testing, has discovered a flaw in Amazon's Elastic Block Store (Amazon EBS) that makes many users' virtual hard disk available to anyone on the internet. Security Associate
Say Cheese: Ransomware-ing a DSLR Camera (Check Point Research) Research by: Eyal Itkin. TL;DR: Cameras. We take them to every important life event, we bring them on our vacations, and we store them in a protective case to keep them safe during transit. Cameras are more than just a tool or toy; we entrust them with our very memories, and so they are very important...
Screwed Drivers – Signed, Sealed, Delivered (Eclypsium) Common Design Flaw In Dozens of Device Drivers Allows Widespread Windows Compromise. As part of Eclypsium’s ongoing hardware and firmware security research, we have become increasingly interested in the area of insecure drivers and how they can be abused in an attack against a device.…
iNSYNQ Ransom Attack Began With Phishing Email (KrebsOnSecurity) A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned.
Officials: Elk County school targeted in national cyber attack, DHS investigating (WJAC) An Elk County school district is part of a Department of Homeland Security investigation after an apparent cyberattack targeted school districts, police departments and municipalities across the country, Ridgway Area School District officials wrote in a Facebook post. School officials say the school district was hit with an electronic virus July 30 that locked network servers and files and limited access to users.
How tech is transforming the intelligence industry (TechCrunch) Shay Hershkovitz is a Senior Research Fellow at The Intelligence Methodology Research Center (IMRC). At a conference on the future challenges of intelligence organizations held in 2018, former Director of National Intelligence Dan Coats argued that he t…
McAfee acquires Cupertino-based security platform NanoSec (Silicon Valley Business Journal) Cybersecurity company McAfee on Friday announced its acquisition of NanoSec, a Cupertino-based company that's focused on keeping applications secure. Neither company disclosed the financials behind the purchase.
G4S carve-out lacks compelling valuation bump (breakingviews.com) The British security firm is spinning off its cash-handling unit, a no-brainer given the shift to digital money. That allows more focus on its core business of guarding people and businesses. But a share price bump requires investors to place a high value on the latter.
Report: Palantir's U.S. government contracts top $1.5B (Silicon Valley Business Journal) Alex Karp, the head of Palantir, whose software has been used to target terrorists, at the company's headquarters in Palo Alto, Calif., on March 13, 2014. Karp says American companies have a moral obligation to support the country and its military no matter who is president.
Preclusio uses machine learning to comply with GDPR, other privacy regulations (TechCrunch) As privacy regulations like GDPR and the California Consumer Privacy Act proliferate, more startups are looking to help companies comply. Enter Preclusio, a member of the Y Combinator Summer 2019 class, which has developed a machine learning-fueled solution to help companies adhere to these privacy…
Foreign Ministry Spokesperson Hua Chunying's Remarks on August 9, 2019 (Ministry of Foreign Affairs of the People's Republic of China) ...Q: According to a report issued by the cyber-research firm FireEye, a hacker group working for the Chinese government attacked game companies and cryptocurrency providers for personal profit. FireEye said those hackers work for the Chinese government and are involved in commercial hacking behaviors for profit. I wonder what is your response?
Trump ‘In No Rush’ to Select Permanent Intelligence Chief (Wall Street Journal) President Trump said he was in no hurry to select a candidate for the nation’s permanent intelligence chief, after current and former national-security officials and Democratic lawmakers warned of instability following the ouster of the director of national intelligence and his top deputy.
Top intel official interrupted meeting to urge his deputy to resign (CNN) The country's No. 2 intelligence official, Sue Gordon, knew it was likely she would have to eventually step down from her post, but the timing of that decision became more urgent on Thursday after her boss -- outgoing spy chief Dan Coats -- interrupted a meeting she was holding on election security and asked his deputy to submit her letter of resignation, sources familiar with the events told CNN.
New York State Toughens Data Security Laws (Cooley) On July 25, 2019, New York enacted a pair of data security laws. First, the Stop Hack and Improve Electronic Data Security Act (SHIELD Act) updates New York’s data security requirements. Second, th…
Amazon’s lead EU data regulator is asking questions about Alexa privacy (TechCrunch) Amazon’s lead data regulator in Europe, Luxembourg’s National Commission for Data Protection, has raised privacy concerns about its use of manual human reviews of Alexa AI voice assistant recordings. A spokesman for the regulator confirmed in an email to TechCrunch it is discussing the …
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cybersecurity Summit, New York (New York, New York, USA, August 13 - 14, 2019) The Cybersecurity Summit, New York, invites information security practitioners to learn about the latest trends in data breaches and frauds, and about mitigation strategies. ISMG’s Global Summit focuses...
Virginia Cybersecurity Education Conference (Fairfax, Virginia, USA, August 13 - 14, 2019) The goal of the Virginia Cybersecurity Education Conference is to get attendees thinking about ways to engage students at all grade levels in hands-on, meaningful educational activities related to cybersecurity.
AcceleRISE (Minneapolis, Minnesota, USA, August 14 - 16, 2019) Prepare for your future. Designed for young industry professionals like yourself, and presented by SIA, AcceleRISE brings together tomorrow’s security leaders for two-plus days of idea sharing, coaching,
The conference, hosted by SIA’s RISE community for young professionals and those new to the industry, will present blended learning sessions featuring a mix of keynotes, panel sessions, team building exercises, peer networking and workshops.
PCI Security Standards 2019 Latin America Forum (São Paulo, Brazil, August 15, 2019) Don’t miss the data security event of the year for the payment card industry. We provide you with the information and tools to help secure payment data. We lead a global, cross industry effort to increase...
Austin Cybersecurity Conference (Austin, Texas, USA, August 15, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...