Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
October 31, 2019.
By the CyberWire staff
Reports of a cyber incident at India's Kudankulam Nuclear Power Plant have been confirmed. Reuters quotes a statement from the Nuclear Power Corp of India Ltd. acknowledging that it had found malware on a computer connected to administrative systems, but that control systems were unaffected. Varioussources say the malware was DTrack, an information-stealer associated with North Korea's Lazarus Group. DTrack has recently affected Indian financial and research institutions.
Facebook yesterday announced that it had taken down thirty-five accounts, fifty-three Pages, seven Groups and five Instagram accounts for coordinated inauthenticity. All originated in Russia, and have been connected to Russian oligarch Yevgeniy Prigozhin ("Putin's chef"). Their messaging focused on Africa, specifically on Madagascar, the Central African Republic, Mozambique, the Democratic Republic of the Congo, the Ivory Coast, and Cameroon. The campaigns' objective was election influence, generally aligned with Russian regional objectives.
Ars Technica reports that Facebook has cancelled accounts belonging to NSO Group personnel. The action follows Facebook subsidiary WhatsApp's lawsuit against NSO Group.
Twitter has decided that it won't try to fact-check or police paid political content. The social medium will simply no longer accept political ads. The exclusion affects ads for candidates and issues, but not voter registration drives.
In the US, NIST has asked for comments on proposed cryptographic standards.
Credit rating company Moody's made a presentation at EnergyTech 2019 on the credit and financial implications of cyber risk. Control Global welcomed Moody's perspective as providing those responsible for control system security "a key to the boardroom."
Today's issue includes events affecting Australia, Cameroon, Central African Republic, China, Democratic Republic of the Congo, Côte d’Ivoire, Egypt, Georgia, India, Iran, Israel, Kenya, Democratic Peoples Republic of Korea, Madagascar, Montenegro, Mozambique, Russia, Spain, United States.
Bring your own context.
People are accustomed to thinking of risk as something readily quantifiable, and quantifiable in a deterministic way: find all the possible outputs and assign them probabilities. But is this possible?
"And that leads us into, really, the concepts of uncertainty, where we can - we know some of the possible outcomes, but we just don't know all of the possible outcomes. And therefore, it becomes much more complicated to have a quantitative-based system to understand where all the probabilities of all the different outcomes happen. And so for me, this is really important when we start to talk about things like systemic risk within systems. So systemic risk is this concept that there is an underlying big problem that could actually change the way that people behave. But that assumes that, one, we can identify all the possible outcomes and assign probabilities, and two, that we know the whole system. My point here in thinking is that we can't know all the possible outcomes so we have to start thinking about systemic uncertainty."
—Daniel Prince, senior lecturer in cybersecurity at Lancaster University, on the CyberWire Daily Podcast, 10.29.19.
Many, maybe most, decisions about risk are necessarily decisions taken under conditions of uncertainty.
According to Coalfire’s latest report on FedRAMP, U.S. agencies spent $6.5B in cloud services in FY2018, an impressive 32 percent year-over-year increase, with the vast majority of Federal cloud migration still to come. SaaS/PaaS/IaaS providers can gain access to this market with significantly less investment in both time and cost by taking advantage of automation and recent FedRAMP program updates. Learn how.
And Hacking Humans is up. In this episode, "Don't dismiss the fraudsters," Dave describes a credential gathering scam targeting users of the Stripe online payment system. Joe responds to an email message from his boss, and learns a valuable lesson. Our catch of the day follows someone as they string along a text messaging scammer. Carole Theriault returns with an interview with J. Bennett of Signifyd, and AI firm fighting romance scams.
IMAGINE, A MISI salon-style bespoke dinner event(Columbia, Maryland, United States, November 1, 2019) IMAGINE a world where more young women can see themselves in the faces of the legendary women of science & technology – and say, "Yes I can!" The event on November 1 is a fundraiser in support of the region's unique and inclusive STEM program and will be held at the DreamPort Facility in Columbia Maryland. While its focus is on the under-represented young women, young men are also included in MISI's STEM programs.
Cyber Security Summits: November 6 in Boston and November 21 in Houston(Boston, Massachusetts, United States, November 6, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Verizon, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CEUs. Passes are limited, secure yours today: www.CyberSummitUSA.com
NXTWORK 2019(Las Vegas, Nevada, United States, November 11 - 13, 2019) Join us at NXTWORK 2019 to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, as well as special guest speaker Earvin “Magic” Johnson, along with 40+ breakouts and master classes led by Distinguished Engineers, as well as various opportunities for certification testing and training.
World's First Domain Registrar Network Solutions Discloses Breach(BleepingComputer) World's first domain registrar Network Solutions disclosed a security breach that happened in late August 2019, and allowed a third-party to infiltrate some of the company's computing systems without authorization and potentially access some customers' personally identifiable information (PII).
Finally, a key to the Boardroom for control system cyber security – Moody’s steps up(Control Global) It is critically important for the safety and reliability of our infrastructures that credit rating agencies such as Moody’s consider control system cyber security in their risk ratings assessments. For that, there needs to be control system metrics for evaluating technology and people. Based on history, Moody’s (and other credit rating agencies) participation may be the only way to get senior management to take appropriate actions to address control system cyber security, and thus, reduce enterprise risk.
Deepfakes and the New Disinformation War(Foreign Affairs) Thanks to the rise of “deepfakes”—highly realistic and difficult-to-detect digital manipulations of audio or video—it is becoming easier than ever to portray someone saying or doing something he or she never said or did, with potentially disastrous consequences for politics.
Twitter to Ban Political Ads(Wall Street Journal) Twitter is banning political advertising from its platform, a move that comes as social-media firms have faced scrutiny over promoting messages that potentially contain false or misleading information.
Major Employers Commit to Build a Stronger Cybersecurity Workforce Pipeline(The Aspen Institute) Major Employers Commit to Build a Stronger Cybersecurity Workforce Pipeline Date: 10/30/2019 By: John Carlin Chair, Cyber & Technology Program, The Aspen Institute For the past four years, the Director of National Intelligence has named cyber threats to critical infrastructure as the top national security concern. Attacks on Atlanta, Baltimore, Louisiana, Florida, Texas show how, …
Products, Services, and Solutions
Address Persistent Threats Faster: Huntress Introduces Assisted Remediation(West) Huntress Labs, a provider of managed breach detection for Managed Service Providers (MSPs), SMBs and enterprises, today announced Assisted Remediation, a new product feature that automates execution of targeted remediation actions. Assisted Remediation enables the Huntress agent to automatically perform remediation recommendations that previously required manual response by an IT administrator
NIST Seeking Comments on Cryptography Changes(MeriTalk) The National Institute of Standards and Technology (NIST) is looking to update the techniques used to generate digital signatures under FIPS 186-5 and is seeking public comment, as noted in an upcoming Federal Register post.
If You Want Cybersecurity, Prepare For Cybercrime(Forbes) The probability of cybercrime committed against any business is high; the impact can be devasting, and the response is complicated. Every business, big or small, needs to have a cyber breach strategy, and it needs to practice it.
How Bitcoin And Blockchain Technology Evolved(Avast) Read why veteran cybersecurity blogger Byron Acohido believes public blockchains are in a nascent stage, approximately where the internet was in the 1990s, but headed in a very different direction.
Air Force Cyber launches 12N12 effort(Intelligence Community News) Leaders from the 16th Air Force, Air Force Cyber, recently launched an initiative called 12N12 to streamline its cyber weapon systems tools. Launched on July 1, 12N12 aims to replace, reduce and co…
Kenya urges cyberspace innovators to emulate Chinese innovation(News Ghana) A Kenyan official on Wednesday called on Kenyan cyberspace innovators to embrace the concept of Chinese inventiveness to help come up with products suitable for the local market. Ababu Namwamba, chief administrative secretary in the ministry of foreign affairs, said Chinese innovators create products that are suitable to the local…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
AdvaMed Cybersecurity Summit(Arlington, Virginia, USA, November 6, 2019) The AdvaMed Cybersecurity Summit brings together experts across the device security spectrum. Experts will provide in-depth and timely updates on the state of medical device cybersecurity, including issues...
Chicago Suburbs Cybersecurity Conference(Chicago, Illinois, USA, November 6, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SINET Showcase(Washington, DC, USA, November 6 - 7, 2019) SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. Each year, SINET evaluates...
Health Data Stewardship & Privacy Summit(Arlington, Virginia, USA, November 7, 2019) AdvaMed’s inaugural Health Data Stewardship & Privacy Summit will bring together leading experts and health care industry stakeholders to explore the current data privacy landscape and forecast what may...
ACSC 2019: Collaborate(Boston, Massachusetts, USA, November 7, 2019) The 2019 Annual Conference is a chance for ACSC members and people from the New England cybersecurity community to come together and share information, network, and learn about the latest information in...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.