July 23, 2019.
By the CyberWire staff
Venezuela sustained another nationwide blackout yesterday, with the country's telecommunications services heavily affected. Over half the country's states were affected. CNN reports that the government blames "an electromagnetic attack" on a hydroelectric plant as the cause of the grid failure. CNBC points out that officials have neither specified what they mean by "electromagnetic attack" (possibly electromagnetic pulse) nor provided evidence of the foreign activity they blame for the disruption. Opposition leaders claim that the blackouts are due to neglect, corruption, and mismanagement. Before yesterday's blackout, Newsweek reported that Russia had announced plans to dispatch more help to secure Venezuela against American "economic terror."
The Washington Post has obtained internal company documents that appear to describe Huawei's work to establish and maintain North Korea's WiFi networks. A Huawei spokesman neither disavowed nor authenticated the documents, saying merely that the company was "fully committed to comply with all applicable laws and regulations in the countries and regions where we operate, including all export control and sanction laws and regulations." The US Justice Department has already charged Huawei with crimes connected to evasion of sanctions against Iran. Should the latest revelations be substantiated, they would amount to more trouble for Huawei.
The Washington Post reports that, for all of its record-setting éclat, the Federal Trade Commission wanted the $5 billion fine on Facebook to be higher. The FTC-led settlement with Equifax also strikes some members of Congress as low. There's said to be rising sentiment in favor of increasing penalties for privacy missteps.
Today's issue includes events affecting Australia, Canada, China, Democratic People's Republic of Korea, Russia, United Kingdom, United States, and Venezuela.
Bring your own context.
Does nuclear deterrence hold any useful lessons for cyber deterrence? Maybe, but not any obvious ones.
"Deterrence doctrine from the nuclear era doesn't port well over to the cyber era. Deterrence doctrine - MAD - mutually assured destruction - depended upon people knowing that both sides had weapons that would work, knowing that those weapons could definitely get through, knowing that those weapons could do a specific amount of damage. And that's not the case in cyber."
So both sides should have a realistic assurance that the weapons will function more-or-less as advertised. There are other issues, too, especially surrounding attribution.
"Also, in deterrence doctrine from the nuclear era, attribution was not an issue. Attribution can be an issue with cyberattacks because we now know that the Russians and the Chinese and apparently the Americans use each other's cyberweapons to obscure who's doing the attacks. And apparently, we've all stolen each other's weapons. But certainly nothing like that ever happened in the nuclear era. We never had the Russians running around with a U.S. missile submarine or vice versa."
—Richard A. Clarke, former National Coordinator for Security, Infrastructure Protection and Counter-terrorism and currently chairman of Good Harbor Security Risk Management, on the CyberWire Daily Podcast, 7.19.19.
Cyber deterrence is likely to be a different kettle of fish.
And Recorded Future's latest podcast, produced in partnership with the CyberWire, is out. In this episode, "A passion for pen testing," Jason Bernier describes his work as a penetration tester, helping organizations ensure their systems are secure, and helping them understand where their weaknesses may be. He’s got some insightful stories to share from his work, along with practical advice for folks looking to find their place in the industry. To be sure, it’s serious work, but there’s no question Jason is passionate about his job, and he has a good time doing it.
Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.
Hackers Exploit Recent WordPress Plugin Bugs for Malvertising (BleepingComputer) An ongoing malvertising campaign is targeting an unauthenticated stored cross-site scripting (XSS) vulnerability in the Coming Soon Page & Maintenance Mode WordPress plugin according to Wordfence's Defiant Threat Intelligence team.
How Account Takeover Botnets Outsmart Traditional Security Controls | Imperva (Imperva) Account Takeover (ATO) describes when an online account is accessed and/or used by someone other than its legitimate owner, usually for malicious purposes. Account Takeover attacks happen when an attacker is trying to get unauthorized access to an account or when the account has already been compromised and the attacker uses the account for …
Vulnerability Summary for the Week of July 15, 2019 (CISA) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.
Scammers Impersonating IRS, TSP Next? (FEDweek) Scammers are impersonating federal agencies such as the IRS; they’re often pretending to be from the Social Security Administration and Medicare. When will they start targeting TSP account holders? Identity theft and phishing are threats to all of us. It’s not just bank accounts and credit cards that are at risk, our
Apple fixes Walkie Talkie app vulnerability in watchOS update (TechCrunch) If you are, for some reason, an avid Walkie Talkie user on the Apple Watch, you will be pleased to learn that the functionality is back in the latest watchOS update today. The watchOS 5.3 release notes specify that the update “[p]rovides important security updates including a fix for the Walk…
M&As a hotbed for hackers and cybercriminals (Business News Australia) With breaches of cybersecurity now one of the most looming threats for most Australian businesses and their sustainability, many are wondering how best to protect their operations.
Norsk Hydro sees higher cost of cyber attack as second quarter lags (Yahoo News) Norsk Hydro, one of the world's largest aluminum producers, said a cyber attack it sustained in March would cost it more than expected in the second quarter as it reported quarterly earnings that slightly lagged forecasts on Tuesday. The cyber attack is now expected to cost 250-300 million crowns
Cowen expects cybersecurity earnings strength (Seeking Alpha) Cowen analyst Nick Yako thinks cybersecurity companies will report solid Q2 results due to strong demand particularly in the North American market, where spending should remain favorable through the end of the year.
Aura Announces Addition to Executive Leadership Team (Yahoo) Aura, a unified threat protection platform committed to making digital security simple for everyone, today announced the expansion of its leadership team with the appointment of human resources leader Jeanne Gray as chief people officer. Gray brings key
Collibra Debuts New Privacy & Risk Product to Power Data Intelligence (Collibra) Collibra, the Data Intelligence company, today announced the launch of Collibra Privacy & Risk, a new enterprise-grade product that will empower organizations to proactively manage personal data assets by enabling compliance with privacy regulations, helping to protect data, and unlocking...
Bitdefender Browser Isolation Stops Sophisticated Cyber Threats (Bitdefender) Bitdefender, a global cybersecurity leader protecting over 500 million systems across 150 countries, today announced availability of Bitdefender Browser Isolation. Creating a virtual air-gap between end-user systems and the web, it ensures attackers cannot gain a foothold or escape the execution environment of virtualized browsers.
The Future of 5G or Quo Vadis, Europe? (Kosciuszko Institute) As little as a year ago few experts would probably anticipate the fifth-generation telecommunication network development issue along with 5G vendor choice to become an acid test for new geopolitical and geoeconomic alignments of states and regions. Today, it is obvious that the pillar of power, might, and agency that global actors …
Trump Touts Tech Industry Support for Huawei Exemptions (Wall Street Journal) President Trump agreed to grant timely licensing decisions to U.S. technology companies that want to continue lucrative sales to Huawei Technologies, as the administration seeks to restart trade talks with China.
Why this security expert is concerned about Huawei (CNBC) Huawei suppliers are expected to meet at the White House on Monday to talk about doing business with the Chinese telecom giant. Robert Spalding, senior fellow at the Hudson Institute, joins "Squawk Box" to discuss why he's been very outspoken about the security issues posed by Huawei.
Huawei reportedly helped North Korea build out 3G network in secret (TechCrunch) A new report could ultimately prove another bombshell in Huawei’s ongoing conflicts with the U.S. government. New documents obtained by The Washington Post tie the Chinese hardware giant to North Korea’s commercial 3G wireless network. If proven, the ties would be yet more fodder for the U.S., whic…
Iran says it arrested 17 Iranians allegedly recruited by CIA (Military Times) Iran on Monday announced the arrest of 17 Iranians accused of spying on the country’s nuclear and military sites for the CIA and said some of them have been sentenced to death. President Donald Trump called it “another lie” from Iran.
GA Man gets 3 Years for Identity Theft (ISSSource) A Georgia man is facing three years and one month in prison and ordered to pay $697,270 in restitution after his sentencing Thursday in federal prison for hacking into more than 100 Apple accounts belonging to high-profile professional athletes and rappers and spending nearly $325,000 using stolen financial information from several of these victims.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Cybersecurity Summit, New York (New York, New York, USA, August 13 - 14, 2019) The Cybersecurity Summit, New York, invites information security practitioners to learn about the latest trends in data breaches and frauds, and about mitigation strategies. ISMG’s Global Summit focuses...
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, July 24 - 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...
Smoky Mountain Bigfoot Conference (Gatlinburg, Tennessee, USA, July 27, 2019) Join us for the first ever Smoky Mountain Bigfoot Conference. We have some of America's most experienced Bigfoot researchers and investigators including Cliff Barackman, Bigfoot Field Researcher and co-host...
Cyber:Secured Forum 2019 (Dallas, Texas, USA, July 29 - 31, 2019) Cyber:Secured Forum delivers two days of in-depth content on cybersecurity trends and best practices related to the delivery of physical security systems and other integrated systems. Collaboratively developed...
Community College Cyber Summit (3CS) (Bossier City, Louisiana, USA, July 30 - August 1, 2019) The 2019 Community College Cyber Summit (3CS) at Bossier Parish Community College in Louisiana marks the sixth annual edition of 3CS. 3CS is the only national academic conference focused on cybersecurity...
New York City Cybersecurity Conference (New York, New York, USA, August 1, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...