Cyber Attacks, Threats, and Vulnerabilities
North Korea back online: Was it the target of a cyberattack? (Los Angeles Times) North Korea experienced a major Internet outage on Tuesday, according to companies that monitor global networks, raising suspicion that the country may have been the target of a cyberattack
North Korea Goes Offline (Arbor Networks) It was reported earlier today that North Korea was having Internet connectivity issues
North Korean Web goes dark days after Obama pledges response to Sony hack (Washington Post) North Korea's fledgling Internet access went dark Monday, days after President Obama promised a "proportional response" to the nation's alleged hack of Sony Pictures Entertainment. The question of who pulled the plug immediately became the stuff of a global cyber-mystery
North Korea drops off the Internet in suspected DDoS attack (Ars Technica) Just a few gigabits per second seem to have taken the country offline
North Korea Experiencing Internet Outages, Raising Questions About US Retaliation (Dark Reading) Is it coincidence, or is a DDoS on North Korea's Internet infrastructure a "proportional response" by the US?
U.S. coy about North Korea Internet failure as retaliation speculation swirls (Washington Times) Obama last week vowed 'proportional' response to Sony hack that canceled 'The Interview'
Would a Cyberattack on North Korea Be Illegal? (Daily Beast) Someone knocked the Hermit Kingdom offline. If it was the United States, the operation will test the bounds of international law
DHS Releases Destover Wiper Malware Indicators of Compromise (Threatpost) US-CERT released a not-so-cryptic advisory this weekend providing enterprises with indicators of compromise and detailed descriptions of the malware used against "a major entertainment company," the Department of Homeland Security's description of Sony Pictures Entertainment
China Isn't Sure North Korea Hacked Sony, Nor Whether It Happened On China's Territory (Bustle) The U.S. government announced last week that the North Korea regime was behind the destructive cyber attack on Sony Pictures Entertainment, but one country still isn't convinced. On Monday, Chinese officials said there's not enough evidence that North Korea hacked Sony, disagreeing with the recent conclusion made by U.S. investigators. The Chinese government also refused to directly condemn the cyber attack on Sony, but did emphasize that China denounces any cyber breaches of national security
North Korea hacking accusations threaten to escalate cyber war between U.S. and China (Venture Beat) Chinese authorities condemned the concept of cyber attacks today but insisted there was no evidence that North Korea was behind the Sony hack
South Korea Divided on Response to North's Cyber Attack (Voice of America) In South Korea, there are voices of support for the idea that U.S. President Barack Obama might put North Korea back on the list of state sponsors of terrorism in response to the cyber attack on Sony Pictures Entertainment
Sony Hack Is Bad, But the Real Cyberwar Is All Around You (NBC News) Sony is reeling from the effects of its recent massive breach, in which hackers were able to penetrate the company's systems at a deep level — and make Hollywood insiders blush by releasing troves of internal data and private emails
Reacting to the Sony Hack (Schneier on Security) First we thought North Korea was behind the Sony cyberattacks. Then we thought it was a couple of hacker guys with an axe to grind. Now we think North Korea is behind it again, but the connection is still tenuous. There have been accusations of cyberterrorism, and even cyberwar. I've heard calls for us to strike back, with actual missiles and bombs. We're collectively pegging the hype meter, and the best thing we can do is calm down and take a deep breath
How to Explain the Sony Hack to Your Relatives (Gizmodo) The holidays are a time for eggnog and presents and bizarre credulous rituals involving an old elf-man and his pack of flying caribou. It's also a time to cuddle up by the hearth and begrudgingly explain the latest technology news to your relatives. This week's edition: The Sony hack
North Korea's Finest Hour (Politico) After 60 years of trying to be taken seriously, the strangest regime on earth finally succeeds
North Korea and cyberterrorists won big in Sony hack, researcher says (Ars Technica) If DPRK was really behind the Sony hack, "proportional response" is pointless
Why the U.S. Can't Punish North Korea (Atlantic) The FBI formally accused the isolated country of the Sony hack, but the White House is basically powerless to do anything to respond
Sony vs. North Korea: Send in the Clowns? (War on the Rocks) The Kim regime running North Korea is a brutally oppressive dictatorship that routinely commits mind-boggling atrocities against its own people. Thanks to its policy of punishing dissidents — as well as their extended families for several generations — an estimated 80,000-120,000 North Koreans suffer horrific human rights abuses in the Kim regime's gulags. Innocents are routinely beaten. Tortured. Made to eat vermin and grass to survive. It is difficult to comprehend the heartbreaking scope and scale of these abuses; they are "without parallel" in the 21st century. And, of course, as if all this wasn't disturbing enough, the Kim regime is proceeding "full steam ahead" on its nuclear weapons program, which threatens to destabilize the Asia-Pacific region. The dictatorship in North Korea is odious indeed
Obama Could Stifle North Korea's Shakedown of Sony (Breitbart) The American people now have a censor — North Korean dictator Kim Jong Un — and they can thank President Obama's failure to defend their rights to free speech and privacy
Obama Is Wrong: The Sony Hack Is Not 'Cybervandalism' (Foreign Policy) Why the United States needs a broad, new strategy to prepare for — and defend against — the next generation of online warfare
How The Hack Attack on Sony Is An Act of War (CCTV America) BVS Cyber Security Expert and CEO, Scott Schober, visits CCTV America to discuss how the North Korean hacker attacks on Sony are an act of war against the US
How Obama Took Sony's Crisis From Bad to Worse (Variety) If there are such a thing as textbooks in the field of crisis management, the Sony Pictures hack might end up in the chapter labeled "Worst Case Scenario"
Sony Hack Shows U.S. Gov't and Business Disconnect (Bloomberg) Bloomberg's Jonathan Allen reports on the disconnect between Sony and the White House in the wake of Sony's hack attack
Should Sony Pictures have pulled 'Interview' movie? (Palm Beach Post) In the last month, Sony Pictures has been subject to an increasingly common form of cyberterrorism. Computer hackers broke into the company's computer system and released sensitive business and personal information. Tens of millions of these files were stolen and have appeared on file-sharing Web sites around the world. The attacks, which U.S. authorities have determined originated in North Korea, have sent the entertainment conglomerate reeling
Robert J. Samuelson: Sony attack alerts America to cyber warfare threat (Billings Gazette) We have just witnessed the first major incident of cyberblackmail or cyberterrorism. Sony capitulated. This cannot be good, but it obscures a more unsettling message: Our digital dependence exposes us to catastrophic failures of basic services
North Korea, Iran, Syria — asymmetric cyberwar is here to stay (Computerworld via CSO) Until last week very few beyond a handful of security titles, a few cybersecurity vendors and the middle pages of the New York Times paid much attention to the growing issue of small nations with big cyber-ambitions
Sony Hack: Three Lessons Learned for Corporations (Bloomberg) Peter Singer, author of "Cybersecurity and Cyberwar," and senior fellow at New America Foundation, discusses the hacking attack on Sony Pictures related to the film "The Interview," and the three most important lessons companies can learn from the situation
The sad ironies of the Sony affair (David Strom's Web Informant) I have been spending time studying up on what actually happened at Sony over the past month. There has been a tremendous amount of inaccurate reporting, and a dearth of factual information. Let's try to set that record a bit straighter. From where I sit, the attack and the activity about the movie were two separate events and were probably caused by at least two separate entities. Assigning blame across both of them to the same actor is ludicrous
South Korean nuclear operator hacked amid cyber-attack fears (Guardian) Operator begins two-day exercise after suspected hacker tweets information on KHNP plants and its staff
Forget the Sony hack, this could be the biggest cyber attack yet (Quartz) On Friday, the FBI officially named North Korea as the party responsible for a cyber attack and email theft against Sony Pictures. The Sony hack saw many studio executives' sensitive and embarrassing emails leaked online. The hackers threatened to attack theaters on the opening day of the offending film, "The Interview," and Sony pulled the plug on the movie, effectively censoring a major Hollywood studio
Cluster of Tor servers taken down in unexplained outage (Ars Technica) Brief, unexplained shutdown (not seizure) follows warning of plans targeting Tor's directory service
Chinese Malware Found Targeting Visitors on Afghan Govt. Websites. (HackRead) All eyes are now open on the possible future wars and their tactics since 2014 has made public several cyber-attacks on both governmental and private entities
Christmas in October: a Nugget of Malware Reuse for the Holiday Season (Cyactive) The creators of Red October have returned with Cloud Atlas, a new variant of their malware, which reuses a number of major components from both RO and other malware
App "Component" Downloads Apps Onto Devices (TrendLabs Security Intelligence Blog) We often talk about the security risks when dealing with third-party app stores. Previous research has shown that third-party app stores are often a hotbed of malware, specifically, malicious versions of popular apps. Aside from malicious apps, we are now seeing a marked increase of "downloader apps" in these stores, whose primary function is to download other apps that may lead to security risks for mobile users
Exploits for dangerous network time protocol vulnerabilities can compromise systems (IDG via CSO) Remote code execution vulnerabilities in the standard implementation of the network time protocol (NTP) can be exploited by attackers to compromise servers, embedded devices and even critical infrastructure systems that run UNIX-like operating systems
Cybercrime group steals millions from Russian banks, targets US and European retailers (IDG via CSO) A sophisticated group of cybercriminals has stolen over $25 million by hacking into the infrastructure of numerous financial institutions in Russia and former Soviet Union countries, as well as into point-of-sale systems belonging to U.S. and European retailers
JPMorgan data breach entry point identified: NYT (Reuters via Yahoo! Tech) A computer breach at JPMorgan Chase & Co earlier this year could have been avoided if the bank had installed a simple security fix to an overlooked server in its network, the New York Times reported, citing people briefed on investigations
Staples says 1.16M cards affected during data breach (CSO) Data suggests the attackers were compromising cards for more than six months
Madonna turns to the sneakernet after album leak (Ars Technica) After her next album gets leaked, Madonna's team gets serious about security
oCERT Releases Advisory for Unpatched UnZip Vulnerability (US-CERT) The Open Source Computer Security Incident Response Team (oCERT) has released an advisory addressing vulnerabilities in all versions of UnZip. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system if a user opens a specially crafted zip file
Meet the bots that made half the web's traffic in 2014 (Quartz) Bots, those software programs that automate web activity, accounted for 56% of Internet traffic in 2014, according to content delivery platform Incapsula. (This was actually down from 61.5% of traffic in 2013)
Security Patches, Mitigations, and Software Updates
Apple's First Automatic Security Update Protects Your Mac In the Background (TechCrunch) Apple has pushed its first ever automatic security fix for OS X, with a new update signed to thwart a vulnerability associated with the use of the network time protocol that allows your Mac to automatically sync its clocks. The update had already installed for me when I woke up this morning, with a notification letting me know what was up, but required no intervention on my part and also ran without having to restart my Mac
Snapchat apps on Windows Phone yanked over the weekend (Ars Technica) The unofficial disappearing photos apps have themselves disappeared
Cyber Trends
"Bare Minimum" Not Enough To Stop Hacktivists: An Interview with Dan Holden (Hacksurfer) Hacktivism has played a big role in the cyber threatscape this year. Anonymous, Lizard Squad and others have made headlines on an almost weekly basis for their hacktivist attacks
Will 2015 be the year of risk-based security? (Help Net Security) As 2014 comes to a close, many of us are beginning to look ahead at the expected trends for the coming year. For those of us in cybersecurity who are at the forefront of protecting organizations from an increasingly dynamic threat landscape and the harsh realities of cybercrime, placing big bets and declaring predictions regarding what we will see in 2015 has become both sport and tradition
2014: The year cyber danger doubled (GovTech) Cybersecurity stories were more popular than ever in 2014, with the word 'cyber' showing up in front of topics ranging from security to shopping scams to global online attacks. But no matter how we rename, reclassify or reanalyze the data in cyberspace, it is clear that the dollars spent, problems encountered and attention given cyber has virtually doubled in 2014
The Future of Privacy (Pew Research Internet Project) The terms of citizenship and social life are rapidly changing in the digital age. No issue highlights this any better than privacy, always a fluid and context-situated concept and more so now as the boundary between being private and being public is shifting. "We have seen the emergence of publicy as the default modality, with privacy declining," wrote Stowe Boyd, the lead researcher for GigaOm Research in his response in this study. "In order to 'exist' online, you have to publish things to be shared, and that has to be done in open, public spaces." If not, people have a lesser chance to enrich friendships, find or grow communities, learn new things, and act as economic agents online
Marketplace
Thank you Sony! Cybersecurity stocks soar (CNN via Gant Daily) The massive Sony hack may have killed "The Interview," but it's breathing new life into cybersecurity stocks
Sony Hack Ignites Cybersecurity Market, But Human Element Remains Weak Link (International Business Times) Following hacks that crippled Sony Pictures and caused numerous other high-profile data breaches in 2014, cybersecurity has caught the attention of Wall Street. With companies and government agencies looking to secure their computer networks more tightly than ever, stocks of antivirus and network-protection specialists are hot. But even the most sophisticated software can't stop an employee from clicking on a legit-looking email link that opens their corporate data to the world
FireEye (FEYE) Stock Continues to Climb Today Following Deal With Sony (TheStreet) FireEye (FEYE) shares are up 0.36% to $33.18 in trading on Monday after Sony (SNE) announced that it was hiring the cyber security firm to clean up the mess left by its high profile hack last week
Jim Cramer: Palo Alto Networks Is the 'Gold Standard' of Cyber Security (TheStreet) Shares of Palo Alto Networks (PANW) are up Monday after Piper Jaffray raised its price target to $150 from $130. In these times of security breaches, Palo Alto is the "gold standard" of cyber security, TheStreet's Jim Cramer said on CNBC's "Mad Dash" segment
Teradata Corporation (NYSE:TDC) Announces Increase in Repurchase Plan (Street Report) Teradata Corporation (NYSE:TDC) announced that its Board of Directors has authorized an additional $300M for share repurchases under its general open market share repurchase program. The company now has approximately $450M available under this program as a result of the increased share repurchase authorization
How to stop hackers once they're in: CyberArk CEO (CNBC)
Sony Seeking More Cybersecurity Staff Amid Hack Fallout (Wall Street Journal) Sony Corporation of America, whose film studio is recovering from a crippling hack, is seeking to hire cybersecurity managers to handle the political fallout from hack attacks and assess vulnerabilities. Filling those roles could be challenging given the cybersecurity talent shortage, say tech experts
FBI campaigning to hire skilled technical employees over the next month (Ars Technica) A concerted effort to bring scientists and engineers into the fold ends Jan 20
New site to bolster cybersecurity community, workforce (Federal Times) The U.S. Cyber Challenge has partnered with Monster.com to build a community of cybersecurity professionals and verified talent pool that government and private sector employers can tap to fill positions in this critical field
Cybertalent on the Cheap (Internet Storm Center) I recently attended an information security meetup and one of the main topics was building up security resources on a state/local government budget. This is not an easy task, but is something many people are facing
Products, Services, and Solutions
Security firm IOActive to expand Vehicle Security Service program (SC Magazine) Known for its hardware, software and wetware security services, IOActive has announced that it will be expanding its automotive security testing practice
Sony Hack Underscores the Need for Practical Email Protections — Virtru Makes Email Encryption Easy, Affordable and Available to Everyone (Marketwired) The Sony Pictures Entertainment hack and email leak is a cautionary tale for any business or individual with high-value intellectual property or company secrets to protect. The now historic security breach highlights the inherent vulnerabilities of email communication and how an email hack can cost a company more than its reputation. Early estimates predict losses of hundreds of millions resulting from the leak of personal and employee information, business plans, unreleased movies and other confidential and proprietary studio information. Had Sony adequately invested in data security and deployed an end-to-end email encryption service like Virtru, it's likely much of the fallout from this data breach could have been prevented
Procserve partners with CenturyLink to meet government requirements (Computer Weekly) Established in 2006 to underpin the UK government's e-commerce strategy, Procserve's secure network has carried more than £2bn worth of transactions and is used by more than 17,000 buyers and 32,000 suppliers
Technologies, Techniques, and Standards
Attributing Cyber Attacks (Journal of Strategic Studies) Who did it? Attribution is fundamental. Human lives and the security of the state may depend on ascribing agency to an agent. In the context of computer network intrusions, attribution is commonly seen as one of the most intractable technical problems, as either solvable or not solvable, and as dependent mainly on the available forensic evidence. But is it? Is this a productive understanding of attribution?
Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (NIST Special Publication 800-53A Revision 4) This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems and organizations
Former Home Depot Managers Depict 'C-Level' Security Before the Hack (Macroinsider) Home Depot's (HD) in-store payment system wasn't set up to encrypt customers' credit- and debit-card data, a gap in its defenses that gave potential hackers a wider window to exploit, according to interviews with former members of the retailer's
Mitigate cyber attacks with crisis management (Tech Republic) Businesses go through crises, that's just the way it is. Researcher explains the importance of differentiating between a regular crisis and a cyber crisis
Understanding & Detecting Backoff POS Malware (RSA: Speaking of Security) Point of Sale (POS) malware has had its share of headlines this year. Now with the holiday shopping season underway POS systems will certainly be an enticing target for hackers to explore due to the payoff of thousands of fresh credit card numbers that will be run through these devices
2 keys to enhancing DOD's new risk framework (Defense Systems) In mid-November, the Government Accountability Office and Veterans Affairs Department Inspector General testified before the House Veterans Affairs Committee regarding the deficiencies in the VA's cybersecurity program… One of the main concerns included in the report was the over-utilization of systems that were issued a temporary authority to operate (ATO), a formal declaration that a solution has passed the certification and accreditation (C&A) process
3 tips for a quieter Christmas than Sony (Naked Security) Sony got breached. Data was leaked; lawyers' letters were written; a movie was withdrawn; lawsuits were announced
Design and Innovation
MFA and Cyber Bureau launch Cyber Defense Project (Yeshiva World) The innovative project, in cooperation with the Check Point Software Technologies, will build a mechanism to detect and identify cyber-attacks on the Foreign Ministry's missions throughout the world
BlackBerry and Boeing Team Up to Offer Self-Destructing Spy Phone (Bloomberg) Boeing Co. (BA) is teaming up with BlackBerry Ltd. (BBRY) on a secretive, self-destructing smartphone developed for use by U.S. defense and homeland security employees and contractors
Research and Development
Mathematicians Make a Major Discovery About Prime Numbers (Quanta via Wired) In May 2013, the mathematician Yitang Zhang launched what has proven to be a banner year and a half for the study of prime numbers, those numbers that aren't divisible by any smaller number except 1. Zhang, of the University of New Hampshire, showed for the first time that even though primes get increasingly rare as you go further out along the number line, you will never stop finding pairs of primes that are a bounded distance apart — within 70 million, he proved
Mathematicians have finally figured out how to tell correlation from causation (Quartz) Untangling cause and effect can be devilishly difficult
Academia
Ever-increasing cyberattacks prompt new cybersecurity degree programs (Catholic News Service via Catholic Sentinel) The year 2014 has seen jaw-dropping news of banks, businesses and governments reporting organized cyberattacks and breached data networks compromising millions of private data files, financial accounts and consumer information
Legislation, Policy, and Regulation
S. Korean military to set up cyber operations team (Korea Herald) The South Korean military plans to establish a new team in charge of cyber operations under the Joint Chiefs of Staff (JCS) as part of efforts to boost its cyber warfare capabilities, officers said Tuesday
China and U.S. grapple over red lines for cyberattacks (E&E News) Tucked away on a commercial street in the Pudong district of China's most populous city is a plain beige building with a dark history
Why no one understands what cyber war actually is (Cyberwarzone) Here we go again, the hack on Sony has been titled a "cyber war attack" by various news outlets and the government is now claiming that it was an act of cyber vandalism and not a cyber war attack. Euhmm, ok. Awesome — that really helped us forward. Guys, how many times does it need to be repeated, we clearly see the "war" in "cyber war", now let's take a look at the definition of war
Sony hack points to NSA's conflicting roles (San Jose Mercury News) Sony Pictures made a mistake in pulling the satire "The Interview" from movie theaters. But rather than look for help from China to solve the problem, President Obama needs to look inward, at his own federal government, to address the broader security issues underlying this and other damaging hacking, whether foreign or domestic
Cyber Command investment ensures hackers targeting U.S. face retribution (Washington Times) Pentagon budget documents detail growing military commitment to cyberwarfare
Obama Administration Aims to Create 'Insider Threat' Job Specialty to Plug Leaks (Nextgov) A New Year's goal of the federal office responsible for averting employee leaks is to make a career out of catching so-called insider threats
Litigation, Investigation, and Law Enforcement
GCHQ warns serious criminals have been lost in wake of Edward Snowden leaks (Telegraph) Surveillance by GCHQ on other crime lords has also not gone ahead after Snowden exposed their methods
Cybersecurity and the Risks of Law Enforcement Back Doors (Reg Blog) Software, networking, and other technology providers are beginning to see stronger system security measures as a real benefit to their users. In fact, some companies, like Apple, Google, and Yahoo, are aiming to provide such strong security on user data that no one but the user can ever access the user's information. Law enforcement agencies in the United States have reacted negatively to plans for producing such strong security, insisting that companies must at least provide "back doors" to law enforcement to access user information. Law enforcement specifically wants to require companies to build their products' encryption and other security systems so that companies could "unlock" the data for law enforcement by using, as one editorial board unfortunately put it, a "secure golden key they would retain and use only when a court has approved a search warrant"
What Is Wrong With 'Legal Malware'? (Forbes) Can malware, malicious by definition, ever be a good thing? Surprisingly, there are law enforcement agencies that would answer yes. There are a growing number of hacking techniques involving malware deployed by governments around the world. Effectively they are using criminal tools, which they claim is a legitimate means to the ultimate, legitimate end — fighting crime, even going so far as deeming their use legal. I disagree. And I think it is a worrying trend generally — one that needs to be nipped in the bud
Thailand's Government Claims It Can Monitor The Country's 30M Line Users (TechCrunch) Government officials in Thailand last year demanded access to chat app Line so that they could monitor conversations taking place in the country, and this week a politician claimed that they can now do so
Watchdog: Secret Service refused to hand over cybersecurity data (The Hill) The Secret Service refused to hand over mandatory data on its computer security systems to the Department of Homeland Security (DHS) during fiscal 2014, a new watchdog report finds
Israel charges eight Palestinians over Facebook incitement (Al Arabiya) Eight Palestinians from annexed east Jerusalem were indicted on Monday for inciting anti-Jewish violence and supporting "terror" in postings on Facebook, a justice ministry spokeswoman said
Google: Hollywood Is 'Trying to Secretly Censor the Internet' (National Journal) Leaked emails reveal movie studios have been encouraging state officials to go after Google as part of a fight against online piracy
Edu-apps may be STALKING YOUR KIDS, feds warn (Register) Vendors scolded over possible privacy violations