Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
December 9, 2019.
By the CyberWire staff
Bayerische Rundfunk reports that Ocean Lotus (also known as APT32), a hacking group associated with the government of Vietnam, has been detected in the networks of BMW and Hyundai. Engadget calls it cyberespionage.
The UK will hold its general elections this Thursday. Campaigns are being roiled in the last week by the documents Labour brandished to accuse the Conservatives of planning to sell the National Health Service to the US, or, put somewhat more plausibly, that the Tory Government was planning to offer thorough control of the NHS's place in the healthcare market to a set of US firms in order to sweeten negotiation of a new UK-US trade deal. Labour's leader Jeremy Corbyn is hanging tough, saying it's an important issue the Prime Minister has yet to address, and that he won't reveal where the documents came from, the Guardian reports. Besides, even if accusations that the documents were planted in Reddit by Russian operators (and ZDNet has a useful account of what Reddit found), no one has yet made the case for the documents' inauthenticity. The Washington Post points to the incident with glum alarm as a "stark warning" for the US 2020 elections, if only because, as the Post puts it, "politicians are not exactly serving as a deterrent right now to would-be adversaries."
Here's one National Health Service cyber issue that seems beyond dispute: according to Computing, the NHS still has about two-hundred-thousand machines running Windows 7, which really and truly reaches its end-of-life next month.
Today's issue includes events affecting China, European Union, India, Democratic Peoples Republic of Korea, Russia, Saudi Arabia, United Kingdom, United States, and Vietnam.
Bring your own context.
What once was old is now new again.
"So botnets, we're again seeing an increase in - and you and I have talked about this before, David, but it's one of those things where what's old is new. We'd seen a huge decrease in botnets in the early 2010s because folks had become very, very good at detecting and preventing those on Windows platforms. But as we've seen, the growth of IoT infrastructures and, you know, more sophisticated organizations building botnets, we're seeing a lot more growth in that area. I would say at the moment, what we're seeing are kind of flagship projects where they're going out and testing the capabilities of what they could do. And I would guess within the next year or two, we'll see some fairly large botnets attacking large IoT infrastructures and things like that as they really hone in their skills on being able to attack these new environments."
—David Dufour, vice president of engineering and cybersecurity at Webroot, on the CyberWire Daily Podcast, 12.6.19.
Thank the IoT. And once 5G arrives, well, Katie bar the door (at least for a little).
Meet the team of leading experts dedicated to making the world a safer place.
If cybersecurity is important to your business (and of course it is), work with the team whose entire mission is to make the world a safer place for everyone. Based on years of law enforcement and military experience, our team pulls and analyzes the best data and delivers it in the most actionable format. Get human-curated, in-depth analysis, layered on top of the most comprehensive, exclusive sets of data from the Deep and Dark Web.
ON THE PODCAST
In today's Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan reviews McAfee's predictions of two-stage ransomware extortion.
All the King’s Consultants(Foreign Affairs) Experts play valuable and highly visible roles advising leaders in wealthy liberal democracies and international institutions. But far less is known about what they do—and to what effect—for authoritarian regimes and developing countries.
These companies are teaming up to pursue a $1B cyber contract(Fifth Domain) The primary component of the contract is the Persistent Cyber Training Environment, an online client in which members of U.S. Cyber Command’s cyber mission force can log on from anywhere in the world for training and to rehearse missions.
Image Protect Attracts First Four Websites for Conversion to Fotofy Model(West) Image Protect Inc. (OTC: IMTL) (imageprotect.com) (“Image Protect”, “IMTL”, or the “Company”), a global leader in the end-to-end copyright infringement sector, is excited to announce that the Company has engaged four popular, high-quality websites for conversion to the Fotofy model for all native images currently hosted, or to be hosted in the future, on those four sites.
The Navy will build tactical cyber teams(Fifth Domain) In a new strategy document released Dec. 4, Chief of Naval Operations Adm. Michael Gilday said he wanted the service to develop a plan to field small tactical cyber teams by February 2020.
Voting-Machine Upgrade Stirs a Partisan Clash in Pennsylvania (Wall Street Journal) A partisan clash is unfolding over an effort to upgrade voting systems in Pennsylvania, after Republicans accused the Democratic governor of rushing the deployment of new voting machines, some of which malfunctioned in November. Democrats called the claims inaccurate.
PRIMER: China’s cryptography law(IFLR) IFLR’s latest primer looks at China’s new law targeting blockchain development, how it relates to the country’s national digital currency, and the impact on the fintech community
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Anaheim Cybesecurity Conference(Anaheim, California, USA, December 11, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
Cincinnati Cybersecurity Conference(Cincinnati, Ohio, USA, December 12, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
CPX 360 Bangkok(Bangkok, Thailand, January 14 - 16, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...
Cyber Security for Critical Assets, MENA 2020(Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.