September 9, 2019.
News from the 10th Annual Billington CyberSecurity Summit
We have some further notes from last week's Billington CyberSecurity Summit linked below. The conference's call to action was heavily answered by US Federal organizations who seem to have devoted some thought to interagency cooperation (particularly between the Departments of Defense and Homeland Security). And they're also devoting a great deal of time and attention to securing the 2020 elections. It would appear that, whatever Congress does or doesn't do in the way of election security legislation, the Executive agencies have found more than enough authorities and intelligence to get to work on the challenge.
We'll conclude our coverage of the Summit in tomorrow's issue.
By the CyberWire staff
Over the weekend Wikipedia sustained a cyberattack that took it offline in several countries. Computing calls the outage the result of a large distributed denial-of-service attack affecting Europe and the Middle East. The Wikimedia Foundation said Saturday that “'bad faith' actors” of the sort it tends to attract were responsible. Wikipedia's working to restore normal operations.
The North American Electric Reliability Corporation (NERC, an industry group) has released a report on the 5 March 2019 incident that affected the US power grid. According to E&E News, this cyberattack generated the first formal report of a "cyber incident" from the utilities to the Department of Energy. NERC's report of lessons learned downplays the severity of the attack as affecting a "low-impact control center," and it cites a basic lapse in cyber hygiene (failure to patch a firewall) as the enabling cause. (Control Global harrumphs in NERC's direction that there've been plenty of others.) Coincidentally or not, the Wall Street Journal observes that the Federal Energy Regulatory Commission (FERC, a US Government regulatory body) is considering revising its rules to include public identification of electric utilities that fail to follow rules designed to ensure the grid's physical and cyber security.
CyberScoop reports that Symantec thinks a recently discovered Chinese government hacking group, "Thrip," may actually be another manifestation of the long-active "Billbug" (or "LotusBlossom") unit.
Axios speculates that US Cyber Command is trolling Pyongyang by releasing samples of DPRK malware on September 9th, North Korea's Day of the Foundation of the Republic.
Today's issue includes events affecting Australia, China, Germany, India, Indonesia, Ireland, Democratic People's Republic of Korea, Malaysia, New Zealand, Philippines, Russia, Turkmenistan, United Kingdom, United States, and Vietnam.
Bring your own context.
Consideration of data breaches prompts reflections about attack surfaces. How do you handle these things if you're responsible for an enterprise's security?
"It is very, very difficult. They have to be everywhere all the time. They have to be looking at technology. They have to be looking at their software. They have to be looking at their people. But add to that this important concept that you have to have these standards that you're enforcing. You have to know how you can get your third parties to enforce them as well, your sub - your contractors. Everybody who is in your greater-business ecosystem has to be considered part of what many in the industry call an attack surface."
—Dov Goldman, director of risk and compliance at Panorays, on the CyberWire Daily Podcast, 9.5.19.
(And "third-party" probably includes "fourth-, fifth-, etc.- parties.")
Cyber Security Summits: September 17 in Charlotte and October 3 in NYC (Charlotte, North Carolina, United States, September 17, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com
Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge.
Could this cyber partnership help national security? (Fifth Domain) The Cybersecurity and Infrastructure Security Agency's director sees an opportunity in partnering with the new Cybersecurity Directorate at the National Security Agency to defend critical US infrastructure.
Critical Windows Warning Gets Real As Wormable Exploit Weaponized (Forbes) If you've ignored repeated warnings from Microsoft, the U.S. Government and the National Security Agency (NSA) to update Windows or face a security threat on a par with WannaCry, now's the time to take action. A weaponized wormable exploit has just been released into the wild.
Kaspersky claims to have found malware in digital college textbooks (Notebookcheck) The online security company Kaspersky has reported the presence of dangerous programs in the digital versions of educational content for university students. These essays and texts were found to contain malware of varying severity and virulence. Some were described as capable of infecting whole networks from a single student's PC.
Hong Kong exchange suffers cyber attack (Finextra) The chief executive of the Hong Kong Stock Exchange (HKEx) has conceded that the trading venue was subject to a series of cyber attacks this week but has insisted that an outage which brought derivatives trading to a halt was related to a software bug and not a hacker.
Ransomware Poses Tough Choices For State, Local Gov'ts (Law360) This year, more than 70 state and local governments have been targeted by ransomware attacks. Despite a flood of legislation aimed at the problem, many state and local government information technology leaders still lack the funding and cybersecurity talent they need, says Korey Clark of State Net Capitol Journal.
Update on Texas Local Government Ransomware Attack (Texas Department of Information Resources) Our mission is to provide technology leadership, technology solutions, and value to our customers in Texas state government, education, and local government entities. The services we provide focus on excellence in quality of service, responsiveness, innovation, professionalism, and teamwork. We operate in an open, ethical, efficient, and accountable manner with high regards to our customers.
Google Calendar Spam Got You Down? A Fix Is on The Way (BleepingComputer) Google is working on a solution to stop spammers from abusing a Google Calendar feature designed to automatically add event invitations to its users' calendars after receiving countless reports about spam events over the last few months.
Alternate Cybersecurity Futures (Atlantic Council) While cyberspace continues to enable tremendous commercial, humanitarian, and national security opportunities, it also breeds an expanded threat landscape of massive complexity. As innovation and new vulnerabilities...
Singapore’s SecureAge eyes US market (ComputerWeekly.com) The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan
Jigsaw Academy launches India's First offensive Cyber-security Programme (ANI) Bengaluru (Karnataka) [India] Sept 06 (ANI/NewsVoir): Jigsaw Academy, a pioneer in emerging technologies and data science training, has signed a Memorandum of Understanding (MoU) with HackerU, one of the world's leading cyber security Training companies from Israel, to launch India's first 'Offensive' Cyber-security Certification Programme.
FIME adds EMV® 3DS services to new digital test platform (FIME) FIME’s EMV®* 3-D Secure (3DS) test platform and laboratory have been qualified by EMVCo for ACS component testing, protocol 2.1. The combination of an automated test platform and the expertise of FIME 3DS experts brings agility and efficiency for payment solution providers (PSPs), EMV 3DS vendors and banks while ensuring the compliance of new authentication implementations. With the platform, they can accelerate the testing and certification of their 3DS ACS solutions according to the EMV® 3-D Secure Specification.
Identity and Access Management: Preventing a Cyber Attack (EC-Council Official Blog) Digital identity is a significant component of any organization’s digital strategy. It ensures the delivery and security of systems, data, and applications. On the contrary, Identity and Access Management (IAM) is a framework designed for various business policies, processes, and technologies to manage digital identities. IAM framework enables IT managers to control user access to...
Tests Show That Voice Assistants Still Lack Critical Intelligence (Forbes) Increasingly, devices we interact with have an audio conversational interface instead of buttons or screens to type or click. The dawn of the conversational computing age is here. However, are these devices intelligent enough to handle the wide range of queries that humans are asking?
Saudi college, BAE sign cybersecurity agreement (Arab News) Prince Mohammed bin Salman College for Cybersecurity, Artificial Intelligence and Advanced Technologies has signed a memorandum of understanding with British aerospace and technical sciences company BAE Systems. Dr. Abdullah Al-Dahlawi, the dean of the college, explained that this strategic partnership with the world’s third-largest company for space, defense and security industries aims to activate training and technical cooperation between the college and the company.
Exclusive: US extracted top spy from inside Russia in 2017 (CNN) In a previously undisclosed secret mission in 2017, the United States successfully extracted from Russia one of its highest-level covert sources inside the Russian government, multiple Trump administration officials with direct knowledge told CNN.
In the Race to Dominate 5G, China Sprints Ahead (Wall Street Journal) The super-fast wireless technology 5G is expected to revolutionize everything from driving to surgery, and everybody wants to be first. Beijing is using its authoritarian power to clear obstacles on the ground.
DHS looks to upgrade flagging info sharing program (FCW) A top cyber official at the Department of Homeland Security said the underutilized Automated Indicator Sharing program will be getting a facelift to improve quality and facilitate more complex defensive actions.
Don’t Hack Back: Call The FBI & They’ll Call NSA (Breaking Defense) “The average time it takes to discover a data breach is about six months,” said Hickey, a deputy assistant attorney general at the Justice Department specializing in cybersecurity and China. By the time you realize you’ve been hacked, it’s too late to “hack back” and shut down your attacker.
Police: Man steals identity to buy iPhones (KTSM 9 News) A man who stole someone else’s identity in order to get two iPhones and Verizon phone service is being sought by Crime Stoppers of El Paso. The suspect walked in…
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Global Security Exchange (GSX) (Chicago, Illinois, USA, September 8 - 12, 2019) Global Security Exchange (GSX) is the only event that brings together security professionals from all vertical markets throughout the world to network, learn, and re-invest in the industry. It’s home for...
Insider Threat Symposium & Expo (Laurel, Maryland, USA, September 10, 2019) The National Insider Threat Special Interest Group's event is for anyone involved in Insider Threat Program (ITP) Management / Insider Threat Mitigation. Speakers will come from the White House, Missile...
Atlanta Cybersecurity Conference (Atlanta, Georgia, USA, September 12, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...
SINET Canada (Toronto, Ontario, Canada, September 12, 2019) SINET Canada's theme this year is "accelerating innovation clusters." The conference follows SINET's proven approach: a rich yet intimate conference where participants from industry and government can...