
More signal. Less noise.

MVISION Insights: Move Beyond Intelligence to Insights that Empower You to Change Your Environment.

Harnessing the power of one billion threat sensors worldwide, McAfee designs security fueled by Insights. MVISION Insights enables you to move beyond intelligence and empowers you to change your environment. Identify with Machine Learning. Defend and correct with Deep Learning. Anticipate with Artificial Intelligence. Move your security out of reactive mode to a proactive posture. McAfee, the device-to-cloud cybersecurity company. Go to McAfee.com/insights to learn more.

Daily briefing.

According to the Japan Times, Mitsubishi Electric has disclosed that Chinese actors hit the company with a "massive" cyber attack last year. In addition to personal information on some eight-thousand individuals, attackers may have obtained "email exchanges with the Defense Ministry and Nuclear Regulation Authority, as well as documents related to projects with firms including utilities, railways, automakers and other firms."

Cisco's Talos unit has described "JhoneRAT," a remote access Trojan currently active against Arabic-speaking targets in Saudi Arabia, Iraq, Egypt, Libya, Algeria, Morocco, Tunisia, Oman, Yemen, Syria, UAE, Kuwait, Bahrain and Lebanon. It's custom code, not a commodity attack tool, and its use seems part of an espionage campaign.

An Internet Explorer vulnerability is being exploited in the wild, but Microsoft won't be able to patch until February, TechCrunch reports.

CISA Director Krebs is quoted in Fifth Domain to the effect that the threat of a retaliatory Iranian cyberattack was diminishing over time, but the US Federal Deposit Insurance Corporation has warned the more than five-thousand banks and financial services institutions it supervises that they should be on heightened alert for cyberattacks.

While Iran may not, as the Verdict argues, rush into attacks on US infrastructure, it's nonetheless worth reviewing Iranian capabilities. APTs 33 (Elfin), 34 (OilRig), 35 (Charming Kitten), and 39 all have well-established track records, and, as IntSights explains in this context, there's also an active hacktivist community more-or-less aligned with Tehran's goals.

Thinking of filing a claim in the Equifax breach settlement? The deadline is tomorrow.

Notes.

Today's issue includes events affecting Algeria, Bahrain, Belgium, Canada, China, Egypt, European Union, France, Germany, Greece, Iran, Iraq, Ireland, Israel, Kuwait, Lebanon, Libya, Morocco, Oman, Russia, Saudi Arabia, Sweden, Switzerland, Syria, Tunisia, Turkey, United Arab Emirates, United Kingdom, United States, and Yemen.

Bring your own context.

"Trusted advisers" can represent a portfolio of service providers and can help businesses with risk mitigation. What organizations might use such services?

"You've seen what's happened with the ransomware. It's been in the news a lot, especially in local municipalities and state and federal government. But that's also happening quite a bit in companies as well. And when they lose access to their data, to their intellectual property, to all the things that give them what they need to go out and do business, you can imagine, you know, that you're really putting that company at risk. So definitely small and medium businesses will benefit from having access to these service providers."

—Ron Hayman, chief cloud officer and COO at AVANT, on the CyberWire Daily Podcast, 1.16.20.

Risk can be mitigated in various ways, and organizations might need help tailored to their specific mission and situation.

And the CyberWire Pro will be here soon.

Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.

Investigating China’s Disinformation Campaigns

Cyber influence campaigns have plagued countries across the globe in the past few years, with foreign policy objectives, economic goals, and public opinion caught in the crossfire. LookingGlass researchers have tracked over 2000 People’s Republic of China-related influence operators on Twitter to better understand the current landscape. In our next webinar, Tom Creedon will explore these findings to gain an understanding of operator account patterns and targets. Save your seat for February 6 at 1pm ET.

In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan tells the story of a random encounter that set him on his professional path. Carole Theriault speaks with Jon Fielding from Apricorn on whether or not anything has really changed with GDPR, 18 months into the EU's data privacy regime.

And Recorded Future's podcast, produced in partnership with the CyberWire, is also up. In this episode, "The Physical and the Digital of Open Source Intelligence," they hear from Nico Dekens, also known as the “Dutch OSINT Guy," who discusses gathering OSINT and explains how individuals can do a better job protecting themselves online.

CyberTech Tel Aviv (Tel Aviv, Israel, January 28 - 30, 2020) Cybertech Tel Aviv is a 3-day event with 200+ organizations, 180+ speakers and 18,000+ attendees with a goal to create business and networking opportunities across borders. For 15% off, use code tcwtlv20dis on the registration page and enter the “Full-Pass" option. https://www.cybertechisrael.com/

Cyber Security Summits: February 5 in Atlanta and on March 20 in Tampa (Atlanta, Georgia, United States, February 5, 2020) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, IBM Security, Google and more. Register with promo code cyberwire20 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

Cyber Attacks, Threats, and Vulnerabilities

Cyber wars between Greece and Turkey after Turkish hackers claim responsibility for attacks on Greek government sites (NEOS KOSMOS) Turkish hackers last week claimed responsibility for cyber attacks on Greek government sites, including those of the Greek National Intelligence Services (EYP), Greek Parliament, the Greek Ministry of Foreign Affairs …

Greek embassies and consulates face major headache after Turkish cyber-attack (Greek City Times) Following the cyber attack on Greek government websites last Friday, many key websites such as the Ministry of Foreign Affairs are still ‘down’ leading to major headaches for both citizens and the government.

Turk Telekom says internet access restored after cyber attack (Reuters) Turk Telekom has restored internet access after a cyber attack caused connectivi...

Acting DHS secretary says he expects Russia to attempt to interfere in 2020 elections (TheHill) Acting Homeland Security Secretary Chad Wolf said Friday that his agency “fully expects” Russia to attempt to interfere in U.S. elections in 2020.

Don't assume Iran will be behind the next big cyber attack (TheHill) America’s other enemies may use this latest flare up as an opportunity to launch false flag cyberattacks.

Top DHS cyber official says Iran would’ve hit back in cyberspace by now (Fifth Domain) The top cybersecurity official at the Department of Homeland Security said that if Iranian cyber actors were to attack the United States in retaliation for a drone strike that killed an Iranian general Jan. 2, it would have already happened.

FDIC Issues Cyberattack Warning to U.S. Banks (MSSP Alert) Federal Deposit Insurance Corporation (FDIC) issues cyberattack warning letter to all FDIC-supervised institutions -- spanning roughly 5,400 U.S. banks & financial services firms.

Why Iran won’t rush a cyber response against the US (Verdict) The spectre of an Iranian cyberattack has loomed large but failed to materialise. Here's why Iran won't rush a cyber response against the US.

US-Iran tension highlights local infrastructure weaknesses (East Greenwich Pendulum) Institutions throughout Rhode Island worked in tandem with the Department of Homeland Security following increased tensions between the United States and Iran which included a threat by a member of

Iranian Offensive Cyber Attack Capabilities – Analysis (Eurasia Review) By Catherine A. Theohary* Threat Evolution Iran’s use of cyberspace has evolved from an internal means of information control and repression to more aggressive attacks on foreign targets. The regim…

Threat Brief: Iranian Cyber Warfare (IntSights) Now is the time to assess whether your organization is a likely target of Iranian state-sponsored cyber operations, and determine if your team is ready and trained to respond.

JhoneRAT Is A New Malware Stealing Data From Arabic-Speaking Nations (TechDator) JhoneRAT, as described by the discoverer Cisco's Talos Intelligence Group, is just another data stealer through its infectious malware.

Thousands of Chinese Students’ Data Exposed on Internet (Wall Street Journal) A Chinese facial-recognition database with information on thousands of children was stored with no protection on the internet, a researcher discovered, raising questions about school surveillance and cybersecurity in China.

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices (ZDNet) The list was shared by the operator of a DDoS booter service.

Alert (AA20-020A) Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP (CISA) On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0 to address CVE-2019-19781. Citrix expects to release updates for other vulnerable versions of Citrix ADC, Gateway, and SD-WAN WANOP appliances through January 24, 2020. (See Mitigations for update schedule)

A hacker is patching Citrix servers to maintain exclusive access (ZDNet) FireEye believes this is a bad guy hoarding Citrix servers, rather than a good-guy vigilante looking out for organizations.

Hackers Are Securing Citrix Servers, Backdoor Them for Access (BleepingComputer) An unknown threat actor is currently scanning for and securing vulnerable Citrix ADC servers against CVE-2019-19781 exploitation attempts, while also backdooring them for future access.

Microsoft warns about Internet Explorer zero-day, but no patch yet (ZDNet) IE zero-day connected to last week's Firefox zero-day.

No fix until February for Internet Explorer zero-day being actively exploited in targeted attacks (Computing) Internet Explorer vulnerability found in the scripting engine that handles objects in memory

Hackers are exploiting a bug in Internet Explorer, but no immediate fix (TechCrunch) Microsoft is "aware of limited targeted attacks," but a patch is not yet available.

This giant botnet has just sprung back to life pushing a big phishing campaign (ZDNet) Researchers identify a new Emotet campaign that is distributing phishing emails - and malware - to targets across the globe.

FBI Says State Actors Hacked US Govt Network With Pulse VPN Flaw (BleepingComputer) FBI said in a flash security alert that nation-state actors have breached the networks of a US municipal government and a US financial entity by exploiting a critical vulnerability affecting Pulse Secure VPN servers.

Mitsubishi Electric data likely compromised in massive cyberattack blamed on Chinese group (The Japan Times) Highly sensitive information on defense, electricity or other infrastructure operations, however, was not breached, the company said.

Mitsubishi Electric reports cyber-attack (NHK WORLD) Mitsubishi Electric says it suffered a cyber-attack last year that may have compromised personal and corporate data. The company is engaged in businesses ranging from household appliances to communications, space and defense.

Facebook blocks start-up's 'brainwashing' tech (BBC News) Social network orders the Spinner to stop targeting its users with "disguised" ads.

Facebook and Instagram ban alleged ‘brainwashing’ service (Naked Security) The Spinner personalises “subconscious influencing” for a specific target.

EFS Ransomware (Safebreach Labs) Ransomware is a serious threat to individuals, SOHOs/SMBs and large enterprises. Consequently, many security solutions are now available, which attempt to address the ransomware threat. In this blog post we describe EFS-based ransomware (ransomware which abuses the Windows Encrypting File System), which is a new concept we developed in Safebreach Labs.

Android Beauty Camera Apps are Found to be Stealing Data from Their Users (TechDator) New research tells the beautification apps from both Playstore and Appstore are apparently growing with data-stealing codes.

New Nest Video Extortion Scam Plays Out Like a Spy Game (BleepingComputer) A new sextortion scam that breaks the typical mold has been detected at the beginning of the year. Fraudsters preying on the insecurity of connected devices used footage from Nest cameras, and led victims through a convoluted path of email accounts and web sites before making their ransom price known.

A popular new sextortion scam tricks victims into thinking they are being recorded on their Nest cameras (CNBC) Fears over the misuse of internet connected cameras like those made by Nest and Ring has combined with the powerful and simple email scam known as "sextortion."

Regus suffers staff data breach via third party (SC Magazine) Serviced offices and co-working space provider Regus has suffered a data breach that saw job performance data on more than 900 employees of Regus owner IWG published online.

Health Quest data breach revealed Social Security numbers, payment card information (The Poughkeepsie Journal) Patients with Health Quest may have received letters informing them of a data breach containing their information.

Morial Convention Center victim of latest ransomware attack (Fox 8) It is not believed that any sensitive employee data was compromised.

PAL warns against 'phishing site' luring public 'to win plane tickets' (ABS-CBN News) Philippine Airlines warned the public on Friday against a phishing site that it said is circulating a 'fake advertisement' supposedly offering a chance to win plane tickets.

Scam Alert: "Expiring License" Scam Tricks Microsoft Windows Users (Better Business Bureau) Scammers use Microsoft's announcement about the end of Windows 7 support to confuse Windows users into paying to update their “expiring license."

Colonie's computer system down after cyber attack (Times Union) The Town of Colonie’s computer system was down Friday due to a cyber...

Revealed: betting firms use schools data on 28m children (Sunday Times) Betting companies have been given access to an educational database containing names, ages and addresses of 28 million children and students in one of the biggest breaches of government data. They...

Gardaí warn of phone phishing scam targeting Cork people (Echo Live) GARDAÍ have issued a warning in Cork regarding an ongoing phishing scam.

City of Pensacola: Personal information possibly compromised during cyber attack (WEAR) The City of Pensacola says they cannot determine with certainty that personal information has not been compromised in the cyberattack they faced in December in a recent update. The city says the personal information that may have been obtained by the hackers includes individuals’ first and last names, social security number, driver license number or other identification number, bank account number, credit card number, or debit card number. WEAR.

Pensacola residents receive 'nondescript' letters regarding data breach (WEAR) A Pensacola man recently received a letter he had been waiting for -- but when he first picked it up, he had no idea. "It looks like a piece of commercial junk," he said. "It said 'auto sort' and it's from an address in Atlanta. There's no identifying characteristic."

New Jersey Synagogue Suffers Sodinokibi Ransomware Attack (BleepingComputer) Temple Har Shalom in Warren, New Jersey had their network breached by the actors behind the Sodinokibi Ransomware who encrypted numerous computers on the network.

LastPass is in the midst of a major outage (ZDNet) LastPass issue appears to impact users with accounts dating back to 2014 and earlier.

Technical glitch prevents several LastPass users from accessing accounts (Computing) Nothing to see here, LastPass claims on Twitter

Travelex continues to insist that no customer data was compromised in new video update from CEO (Computing) Customer-facing systems are being restored, says Travelex CEO Tony D'Souza, 18 days after the ransomware attack broke out

December cyber attack costs New Orleans $7 million, so far (HOTforSecurity) A ransomware attack targeting the city of New Orleans has inflicted $7 million in losses so far, with more to be incurred in coming months, Mayor Latoya Cantrell said in a recent update. At 5 a.m. on December 13, New Orleans was becoming the latest victim... #louisiana #ransomware #ransomwareattack

Update on cyber-attack at Picanol (Innovation in Textiles) Following the large-scale ransomware attack of Monday 13 January 2020 textile machinery manufacturer Picanol issued the following statement this afternoon

Minister’s phone confession raises eyebrows (SWI swissinfo.ch) Defence Minister Viola Amherd has told SRF she usually uses her iPhone rather than the encrypted phone given to cabinet ministers.

Council Post: The Dangers Of Using A VPN On Home Computers For Work And What To Do Instead (Forbes) Some of the decisions by IT and security professionals are innovative, secure and even cutting-edge, while others are downright cringe-worthy and laden with potential risk.

Vulnerability Summary for the Week of January 13, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.  

Security Patches, Mitigations, and Software Updates

Microsoft releases critical Windows 10 security update – which doesn’t work (TechRadar) Another fail – and this time it’s serious

Citrix Patches ADC Bug as Attacker Hoards Access (Infosecurity Magazine) NotRobin backdoor spotted compromising exposed deployments

Citrix speeds up patches for exploited Netscaler vulnerability (iTnews) First fixes released.

Cyber Trends

Confidence in SD-WAN Shaken by Digital Transformation, Finds Cato Networks IT Survey (Cato Networks) SD-WAN is set for strong growth in 2020 as buyers migrate from MPLS to a more agile and affordable alternative. Survey findings suggest focusing on SD-WAN for MPLS replacement and failing to fully consider digital transformation requirements undermines long-term SD-WAN satisfaction.

Nation-state hackers increasingly target organizations (TechRadar) Businesses in North America were most likely to report being targeted by nation-state hackers

Computer viruses causes $902 million in damage to Vietnamese users (Vie Nam News) Computer viruses caused estimated losses of VNĐ20.9 trillion (US$902 million) to Vietnamese users last year, much higher than the VNĐ14.9 trillion reported in 2018, reported Bkav Technology Group.

Is London the hacking capital of Europe? (SC Magazine) The UK is the European country most attacked by cyber-criminals and within the UK London is disproportionately the target, suffering as many breaches as several European countries combined.

Ireland ranked second in Europe for data breach notifications (The Irish Times) Over 160,000 notifications reported across European Economic Area since GDPR began

Marketplace

The status of ‘silent cyber’ in the insurance industry (Canadian Underwriter) Silent cyber has long been a thorn in the side of some insurers, and it doesn’t look like the issue will be resolved any time soon. Part of the issue is that the cyber market doesn’t exist to cater to…

Snyk Closes $150M to Deliver Developer-first Security that Enables Secure Digital Transformation (PR Newswire) Developer-first security company Snyk has secured a $150 million investment, led by Stripes, a leading New York-based growth equity firm. This...

Acquisition bolsters Kroll's cybersecurity capacity in Asia Pacific (Consultancy Asia) Risk advisory Kroll has bolstered its incident response capabilities in the Asia Pacific with the purchase of Singapore-based cyber-security firm RP Digital Security.

GCHQ to mentor 11 Manchester startups to improve cyber security in smart devices (Moose Gazette) GCHQ is sending its ‘spies’ to work with UK start-ups to help prevent gadgets becoming hackable.

Hospitals Give Tech Giants Access to Detailed Medical Records (Wall Street Journal) It isn’t only Google that can tap into patients’ digital health records: Microsoft and IBM also have signed agreements with major hospital systems giving them the ability to access patients’ identifiable data.

Huawei signs deal with TomTom for a Google Maps alternative (The Verge) Earlier reports said Huawei was building its own map platform

Huawei Moves To Dodge Google Ban Just As U.S. Fight Gets Personal (Forbes) As Huawei's battle with Washington intensifies, the Chinese giant takes aim at Google.

'We won't be uniting for myriad reasons' - Kaseya CEO on owner acquiring Veeam (CRN) Fred Voccola insists that private equity owner Insight’s recent purchase of Veeam will not affect Kaseya’s strategy

IBM Secures $1.1B Contract With Banco Sabadell (SDX Central) IBM this week scored a 10-year, $1.1 billion contract to help Banco Sabadell, Spain’s fourth-largest private bank, modernize its IT infrastructure, and migrate its applications to the cloud.

Arkose Labs is a Fraud Prevention Start-Up to Watch in 2020 After 400% Annual Growth (Yahoo) Arkose Labs, the platform that bankrupts the business model of fraud and abuse, begins the decade following a year of tremendous growth. Traffic on the Arkose Labs platform grew fivefold in 2019, with both new and existing customers increasing usage due to the solution’s success in protecting against

Akamai Will Have A Great Year (Seeking Alpha) Akamai will benefit from the summer Olympics and presidential election.

CEO Runs Her Cybersecurity Company From Sweet Home Chicago (Forbes) Ning Wang has traveled a long road to become CEO of Offensive Security, a company offering highly specialized training in cybersecurity for clients ranging from the U. S. Army to Amazon.

Booz Allen names new national security head (Washington Technology) Booz Allen Hamilton elevates a three-decade veteran of the firm to lead its national security business.

CYFIRMA Appoints Leadership Team to Prepare for Market Expansion (Economywatch) World, US, China, India Economy, Investment, Finance, Credit Cards

Zscaler elects David Schneider to its Board of Directors (Help Net Security) Zscaler, the leader in cloud security, announced that Zscaler stockholders elected David Schneider to its Board of Directors.

Controversial Israeli cyberattack firm NSO adds Lieberman ally to its arsenal (Haaretz) Sharon Shalom, a former chief of staff at the Defense Ministry under then Defense Minister Avigdor Lieberman, has joined Israeli cyber-surveillance and spyware company NSO, as an outside consultant dealing with global policy.

Products, Services, and Solutions

GlobalPlatform Brings IoT Security to Nuremberg with SE IoT Technical Workshop - GlobalPlatform (GlobalPlatform) The standard for secure digital services and devices

Don’t let imposters into your inbox (Sophos News) Email impersonation protection is now available in Sophos Email Advanced.

Keyfactor Announces DevOps Integrations to Address Identity and Access Management Security Risk (Yahoo!) New PKI-as-a-Service Orchestration Capabilities Support Threat Mitigation and DevSecOps Workflow Integration

Technologies, Techniques, and Standards

What happens when we unmask hackers? (NewsDio) Cyber threat activity has become an increasingly common topic of discussion in the media and in society in general. Why is this? Due to public disclosures, they have helped shed light on an obscure part of the malware and piracy underworld on the Internet. But so far, little has been considered about the potential impact …

Iowa Democrats revamped their caucuses to fend off disinformation. Now some fear the changes could sow new confusion in tight 2020 race. (Washington Post) When Democrats here went to bed on the night of their first-in-the-nation caucuses four years ago, the bitterly fought contest between Hillary Clinton and the insurgent Sen. Bernie Sanders was too close to call. So an abrupt predawn notice from the state party declaring Clinton the winner sent some into a fury.

Opinion | We’re Banning Facial Recognition. We’re Missing the Point. (New York Times) The whole point of modern surveillance is to treat people differently, and facial recognition technologies are only a small part of that.

CAA launches aviation cyber-security assurance scheme (SC Magazine) UK's Civil Aviation Authority and accreditation body CREST announced the first list of companies to be accredited under its cyber-security oversight scheme ASSURE

£150m cybersecurity framework to go live next month (CRN) Cyber Security Services 3 replaces current framework

Phishing Is Getting More Sophisticated. Here's What to Look Out For (Inc.com) Experts weigh in on the best practices for combating the next wave of data breaches.

5 tips to avoid spear-phishing attacks (Naked Security) Our tips will help you boost your resistance to phishing, even when the crooks make a determined effort to reel you in.

How to recognize AI snake oil (CITP) Much of what’s being sold as “AI” today is snake oil — it does not and cannot work. Why is this happening? How can we recognize flawed AI claims and push back?

Design and Innovation

An Open Source Effort to Encrypt the Internet of Things (Wired) IoT is a security hellscape. One cryptography company has a plan to make it a little bit less so.

The Secretive Company That Might End Privacy as We Know It (New York Times) A little-known start-up helps law enforcement match photos of unknown people to their online images — and “might lead to a dystopian future or something,” a backer says.

Researchers Can Make AI Forget You (IEEE Spectrum) New methods make removing records from trained models more efficient

IoT Pushes Blockchain Toward a Tipping Point (RTInsights) Blockchain could serve as an automatic registry for ownership and maintenance status for devices and systems connected via IoT, validating state of repair.

Research and Development

Teen entered ‘dark rabbit hole of suicidal content’ online (Naked Security) Molly Russell’s grieving father has backed a psychiatrists’ report, saying that tech companies must be forced to hand over anonymized data.

Academia

Citadel to help train nation's future cyber warriors (The Times and Democrat) The Citadel, dedicated to training America’s cyber warriors, will harness a new $2.8 million National Science Foundation grant to create the state’s first CyberCorps Scholarship for Service program. It is

Legislation, Policy, and Regulation

Analysis | The Cybersecurity 202: Here’s the inside story of Cyber Command's campaign to hack ISIS (Washington Post) Newly declassified documents reveal internal roadblocks to conducting the secretive 2016 effort.

How a Military Cyber Operation to Disrupt Islamic State Spurred a Debate (Wall Street Journal) The rollout of a secret operation launched during the Obama administration was delayed by interagency disagreements, according to newly released government documents and former U.S. officials.

Top Secret documents show Cyber Command's growing pains in its mission against ISIS - CyberScoop (CyberScoop) U.S. government documents made public Tuesday show that while a U.S. Cyber Command operation that disrupted ISIS computer networks was largely successful, there were significant shortcomings, including operators having trouble collecting data, interagency deconfliction issues, difficulty vetting targets, and, in at least one case, a close call with the operation being discovered by the adversary.

Uniting the Cyber Domain Stakeholders (Small Wars Journal) The United States faces an organizational dilemma when it comes to the cyber domain, as the Department of Defense, Department of Homeland Security, Intelligence Community, and the private sector all are stakeholders in the domain and the security. Uniting the stakeholders under one security domain, specifically quantum encryption, would strengthen the United States cyber defense against their adversaries.

Why Iran would avoid a major cyberwar (Fifth Domain) What's in it for Iran to launch a massive cyber engagement against the free world? What can they win and what would their regime lose?

Worried about a cyberattack from Iran? Here’s how feds prepare (Fifth Domain) Fifth Domain asked former top cybersecurity professionals from top civilian government departments how they prepared for heightened cybersecurity risk. Here's what they said.

Asia Times | Cyber diplomacy in Iran’s government | Opinion (Asia Times) While victimized by cyberwarfare, the Rouhani government also uses the Internet to build international relationships

A Public Relations Disaster Overtakes Iran (Foreign Policy) With protests raging in the streets, the Islamic Republic finds itself on the defensive at home and overseas over its misrepresentations.

The cyberwar with Iran is already a decade old: So where does it go now? (TheHill) One factor that may serve as a disincentive to Iran to launch major cyberattacks against the United States is the fact that Iran is aware that the United States has already infiltrated the infrastructure of Iran.

Russia To Focus On Preventing Weaponization Of Cyberspace In 2020 - Foreign Minister Sergey Lavrov (UrduPoint) Russia's security agenda for 2020 includes work on preventing arms race in space and weaponization of cyberspace, acting Foreign Minister Sergey Lavrov said Friday

EU industry chief dismisses fears strict security rules could delay 5G (Reuters) European industrial policy chief Thierry Breton dismissed claims that relying on...

EU Won’t Recommend Banning Huawei in Upcoming 5G Risk Rules (Bloomberg) Bloc to unveil 5G risk measures for EU states end of January. EU states have ultimate say to ban Huawei from networks.

Huawei's cheap 5G comes at an incalculable cost (The Telegraph) It is high time that the UK woke up and recognised what we are facing

Johnson will defy US and allow use of Huawei, says top security adviser (the Guardian) Chinese firm poised to help build UK’s 5G phone network despite warnings about spying

UK's BT, Vodafone May Seek PM Johnson's Support for Huawei: Sources (New York Times) Britain's BT and Vodafone are considering urging Prime Minister Boris Johnson not to risk the rollout of next generation mobile networks by banning China's Huawei [HWT.UL], sources said, confirming a Sky News report on Friday.

BT and Vodafone set to moan to PM about Huawei (Telecoms.com) The CEOs of BT, Philip Jansen, and Vodafone, Nick Read, are working on a letter they will send to the UK Prime Minister, begging him not to ban Huawei.

BT and Vodafone 'support Huawei involvement' in UK 5G network (CityAM) BT and Vodafone are reportedly set to support Chinese telecoms firm Huawei's involvement in the UK's 5G network in a letter lobbying the Prime Minister

Wake up Britain – Huawei is a national threat (The Telegraph) Dear citizens of the UK,

Germany to wait until March for Huawei decision – report (Telecoms.com) German Chancellor Angela Merkel might ask German lawmakers to wait until the conclusion of the March EU Summit before making a Huawei decision, reports suggest.

Can we trust Chinese smartphones? (T-online.de) Huawei, Xiaomi, OnePlus: Smartphones from China are popular because they are high-quality and inexpensive. The US government, however, accuses Huawei of espionage. Can customers buy these smartphones without hesitation?

How Huawei Landed at the Center of Global Tech Tussle (Bloomberg via the Washington Post) China’s biggest tech firm, Huawei Technologies Co., has risen to global prominence as a leader in 5G, the much ballyhooed, next-generation wireless technology.

How just five companies came to dominate the world’s 5G networks (The Telegraph) How do you solve a problem like Huawei?

Fianna Fail to reprogram military for cyber-security (Times) Fianna Fail is to propose the creation of a cyber-command unit as part of a plan to modernise the Defence Forces, following similar moves by other EU states. The proposal, which is expected to be...

What Switzerland should consider when tracking cyber incidents (SWI swissinfo.ch) Swiss attorney Florian Roth offers perspective on what the Swiss legislator still needs to answer to track and respond to cyber incidents.

Google CEO Sundar Pichai calls for 'proportionate' regulation of artificial intelligence (Computing) There is no question in my mind that artificial intelligence needs to be regulated - Sundar Pichai

Why Google thinks we need to regulate AI (Silicon Valley Business Journal) Alphabet and Google CEO Sundar Pichai makes the case for the responsible development of artificial intelligence in an op-ed for the Financial Times.

New US Bill Wants to Assign State Cybersecurity Coordinators (BleepingComputer) Four U.S. Senators have introduced a bipartisan bill that will require the Department of Homeland Security (DHS) to appoint cybersecurity effort coordinators in every state to orchestrate cyberattack response and remediation efforts, and to improve coordination between federal, state, and local entities.

Litigation, Investigation, and Law Enforcement

European Regulators Target Big Tech Companies (Wall Street Journal) A new offensive that tackles both data and competition issues threatens some of Silicon Valley’s most successful business models.

GDPR: 160,000 data breaches reported already, so expect the big fines to follow (ZDNet) The number of breaches reported each day continues to rise - and the number of significant fines is soon to follow.

Europe's privacy overhaul has led to $126 million in fines — but regulators are just getting started (CNBC) The biggest penalty under GDPR to date was a fine of 50 million euros imposed on Google, according to law firm DLA Piper.

Extradition hearing of Meng Wanzhou, Huawei executive at the center of U.S.-Canada-China rift, to open in Vancouver (Washington Post) It’s been more than a year since Huawei “princess” Meng Wanzhou stepped off a Cathay Pacific flight in Vancouver and into the waiting arms of the Royal Canadian Mounted Police, detailed to arrest her on behalf of the United States.

Israeli surveillance software lawsuit goes behind closed doors (Gadget Now) A Tel Aviv District Court judge cited national security concerns when she banned the public and the media from court sessions, drawing quick condemnation from the campaign group.

Schiff says intelligence agency is withholding Ukraine documents from Congress (CNN via Erie News) By Devan Cole, CNN Lead impeachment manager Adam Schiff said Sunday that the National Security Agency is withholding from Congress documents pertaining to the

What Has Happened Since House Vote to Impeach (Wall Street Journal) As lawmakers wrangle over which documents and witnesses should appear in the Senate impeachment trial of President Trump, here’s what information has emerged in the last few weeks.

Sen. Morgan, cyber security expert, details Russian hacking of Burisma (Seacoastonline.com) State Sen. Jon Morgan has unique insight into the Ukrainian energy company at the center of the ongoing impeachment trial against

NH senator part of firm that uncovered Ukraine hack (UnionLeader.com) A New Hampshire state senator has a key role with the firm that last week revealed Russian military intelligence operatives hacked into the Ukrainian gas company at the heart of

Facebook is ordered to hand over data about thousands of apps that may have violated user privacy (Washington Post) A Massachusetts judge rejected the tech giant's earlier attempt to withhold the evidence from state officials investigating its privacy practices.

FBI unlocks iPhone 11 Pro Max using Graykey raising privacy concerns (HackRead) In the past, Apple has repeatedly refused to unlock the iPhone for the FBI pleasing its fan base with the notion that it indeed has no secret backdoor to your smartphone. Yet, this sadly did not mean that the iPhone was unhackable.

Does the F.B.I. Need Apple to Hack Into iPhones? (New York Times) There are tools to crack into the phones at the center of a new dispute over encryption. But the F.B.I. says it still needs Apple’s aid.

Unlocking news: We decrypt those cryptic headlines about Scottish cops bypassing smartphone encryption (Register) New perspective on FBI, Interpol demands for backdoors

The FBI Wants To Treat Carter Page Warrant Mistakes Like Training Problems. A Court Adviser Says That's Not Enough. (Reason.com) The FBI's newly released plans to avoid mistakes when seeking permission to wiretap and surveil American citizens are insufficient, according

To catch a thief, go to Google with a geofence warrant – and it will give you all the details (Register) Investigators ask Chocolate Factory to help them connect the geographic dots

2G Allowed for Post-Paid Mobiles in Two Kashmir Districts but Only to Access 153 Websites (The Wire) The order allows people to have extremely limited access to the Internet over mobiles for the first time since August 5, 2019. Broadband internet remains banned.

Arrest of journalist and cyberspace laws (Daily Times) A jobless journalist and social media activist from Lahore has fallen prey to the Prevention of Electronic Crimes Act (PECA), 2016, which

Make-believe major in Swedish army echoes con trick of Friedrich Voigt (The Irish Times) Security breach of fraud’s rise through military reminds of 1906 Köpenick shoemaker

Reputable police video displays phone-unlocking Cellebrite pc in motion (Herald Cloud) Phone encryption in the context of law enforcement has always been a testy subject, and just weeks ago, tensions rose further as Apple apparently refused to unlock a suspect’s iPhones. It turns out the FBI has sought other options, such as technology developed by Israeli company Cellebrite, which …

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cyber Security for Critical Assets, MENA 2020 (Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...

SANS Cyber Threat Intelligence Summit (Arlington, Virginia, USA, January 20 - 21, 2020) The collection, classification, and exploitation of knowledge about adversaries - collectively known as cyber threat intelligence (CTI) - gives security practitioners information superiority that is used...

CPX 360 New Orleans (New Orleans, Louisiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...

SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...

CPX 360 Vienna (Vienna, Austria, February 4 - 6, 2020) At CPX 360, you’ll gain an in-depth understanding of today’s dynamic threat landscape and the emerging challenges within cyber security. Get a look at the next wave of Check Point innovation and discover...
