March 25, 2019.
We were able to spend last Thursday and Friday in Crystal City, Virginia, observing the Atlantic Council's Cyber 9/12 Strategy Challenge. This competition, which the Atlantic Council organized in partnership with Lockheed Martin, challenged teams of students to develop policy response recommendations for the US President. The scenario, a tabletop exercise with well-crafted ancillary material, presented the competing teams with an evolving situation designed to capture much of the ambiguity crises carry. Congratulations to the two winning teams and their coaches: NDU Team 3 of the US National Defense University won the Professional track, and the US Air Force Academy's team Delongrand took top honors in the Student track. And congratulations to the other participants as well. The ones we observed represented themselves and their home institutions with credit.
The exercise was for the most part conducted under Chatham House rules, and we'll honor the conventions of non-attribution by confining ourselves to general observations. It was striking how difficult the teams found it to acknowledge, and work under, conditions of uncertainty. The exercise materials intentionally left a great deal in doubt, and most of the teams tended in their recommendations to be more confident in their understanding of the evolving situation than the evidence warranted. The teams also tended to perceive connections among disparate events where in fact no such connection existed. Nothing beyond simple correlation, similarity, coincidence, and so forth led many to conclude that the scenario painted a picture of a large-scale coordinated cyber attack by a hostile nation-state. One of the harder lessons to learn is skepticism about our tendency as humans to perceive noise as signal.
In the presentations themselves, some of the teams drifted away from considering their audience. A decision briefing is prepared for a particular decision-maker, and its goal is to inform the decision, not to display the briefers' command of their material.
One other lesson was drawn by a student we had occasion to speak with: policy is a lot harder and more complex than technical people tend to think it is.
So another interesting exercise by the Atlantic Council, and, again, a very good and intelligent effort by all who competed.
By the CyberWire staff
Special counsel Robert Mueller closed his probe of Russian election meddling with a report to the US Attorney General Friday. Sunday afternoon Reuters tweeted that Attorney General Barr reported to Congress that the investigation found no knowing collusion between the Trump campaign and Russian actors. WIRED has a round-up of the report and reactions to it. The Attorney General's letter to the Senate and House Judiciary Committees summarized the investigation into Russian influence operations. Those operations followed two broad directions of attack: trolling from Russia's Internet Research Agency, and attacks on Democratic Party networks. The special counsel declined to make a recommendation on obstruction of justice, where evidence is complicated and indistinct, and the Attorney General sees nothing to warrant charges.
ISIS and its caliphate officially no longer control any territory, the Military Times and others note. Its leader remains at large, as does much of its money, and more ISIS activity may be expected online.
The LockerGoga ransomware that afflicted Norsk Hydro has hit two US chemical companies, Motherboard reports.
On Friday the US Federal Emergency Management Agency (FEMA) acknowledged improperly disclosing disaster victims' personally identifiable information to an unauthorized third party.
Ransomware motivated by fandom flares in the fight for the top rank in YouTube. It's between T-Series and (of course) PewDiePie. According to HackRead, Mr. Pie's adherents have been distributing PewDiePie ransomware (regarded as a poor copy of ShellLocker) and, more recently and dangerously, pewCrypt, both with a view to forcing victims to subscribe to Mr. Pie's channel.
Today's issue includes events affecting Australia, Canada, Chile, China, Colombia, European Union, Israel, Italy, Mexico, Russia, Saudi Arabia, Switzerland, Syria, United Arab Emirates, United Kingdom, United States, and Vietnam.
ON THE PODCAST
In today's podcast, out later this afternoon, we speak with our partners at Dragos, as Robert M. Lee discusses their recent purchase of Next Defense and the subsequent open-sourcing of their tools. Our guest, Rohit Sethi from Security Compass, reviews the PCI security framework.
Cyber Security Summits: April 2nd in Denver and in Philadelphia on April 25th (Denver, Colorado, United States, April 2 - 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Dell, Oracle, Darktrace, Verizon and more. Passes are limited, secure yours today: www.CyberSummitUSA.com
Global Cyber Innovation Summit (Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.
DHS Warns Implanted Medical Devices Can Be Modified Wirelessly (Decipher) The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency warned in an advisory that cardio defibrillators from medical device company Medtronic can be modified while still implanted in patients. Without access control, the defibs can’t differentiate between authorized and unauthorized instructions.
Norsk Hydro's Ransomware Headache (GovInfo Security) The latest edition of the ISMG Security Report discusses the recent ransomware attack on aluminum giant, Norsk Hydro. Plus, confessions of a former LulzSec and
Fake CDC Emails Warning of Flu Pandemic Push Ransomware (BleepingComputer) A new malspam campaign is being conducted that is pretending to be from the Centers for Disease Control and Prevention (CDC) about a new Flu pandemic. Attached to the emails are a malicious attachment that when opened will install the GandCrab v5.2 Ransomware on the target's computer.
12 most dangerous emails you can get (Gadget Now) It’s the cold and inescapable truth that if you’re anyway connected to the Internet then you’re susceptible to cybercrime of one kind or the other. Surprisingly, email continues to be one of the most vulnerable mediums and people often fall prey to malicious links or malware. A research conducted by cybersecurity firm Barracuda Networks analysed over 3.6 lakh emails and found out 12 most common yet dangerous subject lines in emails received by people. So, if you find any of these 12 – from unknown sources – subject lines in your inbox, beware before opening them:
Security Patches, Mitigations, and Software Updates
Timeline of Cyber Incidents Targeting Financial Institutions (Carnegie Endowment for International Peace) Since 2016, there have been growing concerns about cybersecurity risks to the financial system prompting the G20 finance ministers and central bank governors to warn in March 2017 that “the malicious use of Information and Communication Technologies could . . . undermine security and confidence and endanger financial stability.”
Cloud in the Crosshairs (NETSCOUT) When the Worldwide Infrastructure Security Report (WISR) was launched 14 years ago, 10 GBPS attacks made headlines and took networks down.
State of the Digital Workplace (Igloo Software) Igloo report highlights opportunities for employers to embrace a workforce ready for next-gen tools For the second year, Igloo set out to determine the state of the digital workplace in companies large and small, across all industries. In this report, we outline opportunities for business leaders to improve communication, collaboration, and information sharing — recommendations that directly reflect the pain points the modern workforce is still experiencing. The 2019 State of the Digital Workplace Report
Where did social media go wrong? (TechCrunch) For most of my life, the Internet, particularly its social media — BBSes, Usenet, LiveJournal, blogosphere, even MySpace, early Twitter and Facebook — consistently made people happier. But roughly 5 years ago it began to consistently make people more miserable. What changed? I posted th…
HyperQube launches 'cyber range as a service' (Technical.ly DC) The 2017 Mach37 cybersecurity accelerator graduate company allows enterprises to create virtual test environments to see how their IT infrastructures can hold up against cyber attacks.
Descartes, Kharon partner on sanctions risk intelligence (Compliance Week) Software as a service (SaaS) solutions provider Descartes Systems Group announced that it has integrated research company Kharon’s sanctions ownership data with its denied party screening solutions to help organizations ensure they are not conducting business with entities that are majority-owned by individuals or companies under the Department of the Treasury’s Office of Foreign Assets Control (OFAC) regulations.
Kudelski Security inks blockchain security partnership with Hosho (Telecompaper) Kudelski Security, the cyber security division of the Kudelski Group, has announced a strategic partnership with Hosho, a global leader in blockchain security and smart contract auditing, to extend the capabilities of Kudelski Security’s recently launched Blockchain Security Center (BSC).
CYBERSECURITY: How 5G high-speed America jolts grid security (E&E News) Call it a choice between "Black Panther" and blackouts in the rollout of super-fast 5G internet technology. America's tech titans are lined up against electric utilities in a noisy fight for control of wireless spectrum that power companies say is critical for communications if a natural disaster darkens a city or hackers breach the grid.
Traveler Verification Service for Simplified Travel (US Customs and Border Protection) U.S. Customs and Border Protection (CBP) is changing the face of travel with its cloud-based facial biometric matching service that enables safe, secure and fast identity verification.
DHS preps launch of Cyber Talent Management System (FedScoop) The Department of Homeland Security requested $11.4 million in fiscal 2020 to fund the launch of a personnel system for hiring cybersecurity talent. First detailed in the administration’s reorganization plan last summer, the Cyber Talent Management System is described as an “agile and innovative personnel system” that better equips DHS to “compete for cyber talent with …
Norwich and Leahy announce $7.3M for grants to advance cybersecurity programs (Vermont Business Magazine) Norwich University President Richard W Schneider and Senator Patrick Leahy, (D-Vermont) announced on Thursday, March 21, the award of three major contracts totaling approximately $7.3 million that continue Leahy’s long-standing support of cybersecurity education programs and research at Norwich University.
Chile, Colombia sign cybersecurity MOU (BNamericas) BNamericas is the business intelligence tool for Latin America with data, news, analysis and events to identify job opportunities, projects, companies and contacts
Entering the age of hack back (The Independent Online) When the debris settles after special counsel Robert Mueller completes his investigation into Russian hacking of the 2016 presidential election, America will still be left with the underlying
Cyber security: be safe – and that’s an order (Utility Week) Operators of essential services are under a legal obligation to protect themselves from cyber attack, but some utilities are sleepwalking into non-compliance, as Rachel Willcox reports.
AG March 24 2019 Letter to House and Senate Judiciary Committees (Attorney General Barr) Dear Chairman Graham, Chairman Nadler, Ranking Member Feinstein, and Ranking Member Collins: As a supplement to the notification provided on Friday, March 22, 2019, I am writing today to advise you of the principal conclusions reached by Special Counsel Robert S. Mueller III and to inform you about the status of my initial review of the report he has prepared.
How internet mercenaries battle for authoritarian governments (LiveMint) The Saudi government’s reliance on a firm from Israel offers a glimpse of a new age of digital warfare governed by few rules. The US laws governing this new age of digital warfare are murky, outdated, and ill-equipped to address rapid technological advances
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
KNOW 2019 (Las Vegas, Nevada, USA, March 24 - 27, 2019) The Future of Trust starts at KNOW 2019, the definitive event focused on the data economy. From Facebook and Equifax to GDPR, identity data is at the forefront of cybersecurity and regulation. KNOW is...
Cyber Security for Critical Assets Summit (Houston, Texas, USA, March 26 - 28, 2019) The Cyber Security for Critical Assets Summit unites 250+ senior IT & OT security professionals to elucidate the most advanced cybersecurity information, debate policies and guidelines, and collaborate...
SecureWorld Boston (Boston, Massachusetts, USA, March 27 - 28, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...
Symposium on Securing the IoT (San Francisco, California, USA, March 27 - 29, 2019) Want to share your passion and knowledge for Securing the 25 Billion devices connected to the Internet? Topics currently being selected for tracks include: Authenticating Blockchain, Secure Medical & Healthcare,...
Women in CyberSecurity (WiCyS) Conference (Pittsburgh, Pennsylvania, USA, March 28 - 30, 2019) The WiCyS Conference brings together women in cybersecurity from academia, research, government, and industry to share knowledge, experience, networking, and mentoring. The event's goal is to broaden participation...