Cyber Attacks, Threats, and Vulnerabilities
Sony and Microsoft video games hit by outages (Financial Times) Sony and Microsoft were struggling to respond to an apparent cyber attack on their video games networks over Christmas, leaving millions of customers unable to play games and access entertainment
Hackers took down Xbox Live and PlayStation Network on Christmas morning (Quartz) It's a Christmas tragedy for video game-lovers
Hackers Take Credit For PlayStation Network And Xbox Live Outages On Christmas (TechCrunch) Gamers who received new consoles for Christmas might find themselves unable to connect and play with friends, thanks to a coordinated attack by hackers who claim to have taken down the two largest gaming networks. On what might be the biggest gaming day of the year, a hacker group called Lizard Squad is claiming responsibility for taking down both Xbox Live and PlayStation Network
This is Lizard Squad, the nebulous hacker group now tied to the Sony hack (Christian Science Monitor: Passcode) Best known among gamers, Lizard Squad is both despised and revered for their seemingly random assaults on the video game world. They've claimed attacks on Call of Duty, Xbox, Sony Playstation, and now are being linked to the Sony Pictures hack
Four-star spymaster behind North Korean hacking; Sony's 'The Interview' available online (Washington Times) U.S. intelligence agencies have identified the military officer orchestrating North Korea's state-sponsored hacking attacks, such as the one on Sony Pictures Entertainment. He is Gen. Kim Yong-chol, director of the espionage and clandestine operations service known as the Reconnaissance General Bureau, or RGB
Russian hackers may be behind cyberattack on Sony, say analysts (The Times via the Australian) Security experts are voicing doubts that North Korea was behind the sensational cyberattack on Sony Pictures as new analysis suggests that messages sent by the hackers were composed by native Russian speakers
Taia Global Linguists Establish Nationality of Sony Hackers as Russian, not Korean (Taia Global) In the wake of the Sony (TYO: 6758; NYSE: SNE) attack, and the U.S. government's pronouncement of responsibility for the attack on the government of North Korea, Taia Global linguists conducted a preliminary scientific analysis on 20 Sony hacker messages using Native Language identification and L1 Interference analysis
The FBI Got it Wrong? Cyber Experts Say Sony "Nuked from the Inside" (Sputnik) Cybersecurity firm Norse has done its own independent investigation of the Sony hacks and determined that the FBI's accusations against North Korea could be incorrect. The company joins a chorus of other security experts who doubt the U.S. government's findings
Who hacked Sony becomes Internet's new mystery (AP via the Daily Record) Everyone has a theory about who really hacked Sony Pictures Entertainment Inc
North Korea blamed for internet attack on Sony Pictures: better cyber armour now a must (Canberra Times via the Sydney Morning Herald) We do not know who in the executive ranks of Sony Pictures Entertainment agreed to produce and distribute The Interview
A cyber conflict with North Korea is 'dangerous uncharted territory' (CNN) The United States and North Korea have long found themselves locked in a bitter cycle of escalating and deescalating tensions but the current cyber conflict may be especially hard to predict
The Sony Hack and the Rise of Cyber Ransoms (Bloomberg) Just three days before cyber-attackers crippled Sony Pictures, the hackers sent an e-mail to executives Michael Lynton and Amy Pascal that said they would do great damage to the company if they weren't paid off
The media's Sony cyberwar rhetoric means the terrorists win (ZDNet) The Sony Pictures Entertainment hack is certainly a custard duck of fabulous proportions, but it ain't no cyberwar — and the media should know this by now
FBI Warned Year Ago of Impending Malware Attacks — but Didn't Share Info with Sony (Intercept) Nearly one year before Sony was hacked, the FBI warned that U.S. companies were facing potentially crippling data destruction malware attacks, and predicted that such a hack could cause irreparable harm to a firm's reputation, or even spell the end of the company entirely. The FBI also detailed specific guidance for U.S. companies to follow to prepare and plan for such an attack. But the FBI never sent Sony the report
Sizing Up Cyber Risks after the Sony Breach (JD Supra) Sony's most recent data breach underscores the difficulties in underwriting and insuring cyber risk. Sony incurred losses that were surprising in both their scope and type. The company already is a defendant in at least four new lawsuits concerning the disclosure of employees' confidential information. In addition to potential liability, Sony suffered substantial first-party losses that may be difficult to quantify, including forensic costs, reputational injury, and business interruption losses
South Korea Says Nuclear Reactors Safe After Cyber-attacks (AFP) South Korea on Thursday ruled out the possibility that a recent string of cyber-attacks on its nuclear power operator could cause a malfunction at any of the country's 23 atomic reactors
Tony Abbott warns terrorism chatter has increased and attack remains 'likely' (Guardian) Prime minister says Australians should be on alert, but celebrate the festive season as normal
Who hacked a cluster of Tor servers in the Netherlands? (Security Affairs) A cluster of Tor servers suffered an unexplained outage just after the warning of the Tor project. Only certainty is someone physically accessed servers
Rackspace restored after DDOS takes out DNS (Register) 11-hour incident blocked traffic from reaching rackspace.com and some subdomains
SoakSoak Malware Campaign Evolves (Threatpost) The attackers behind the SoakSoak malware campaign are continuing to modify their tactics and have infected a new group of Web sites. The Javascript code that the attackers target with the malware has also changed
Torrentlocker Holds User Data for Bitcoin Ransom — but only a Fraction of Victims Pay (Inside Bitcoins) The ransomware known as TorrentLocker is taking email boxes by storm. The vicious software locks a computer's data down and only after paying a ransom is the information released back to the user
Is Your SSL Traffic Hiding Attacks? (Venafi) Encrypted traffic is growing fast and becoming mainstream. According to Gartner, SSL traffic comprises 15-25% of the total web traffic, making it a significant percentage. The use of SSL varies by industry, but often helps to securely transmit sensitive or confidential information
Hacking the Internet of Things: Beware of the Toasters (Tripwire: the State of Security) In previous posts, we've discussed using refrigerators as literal bombs launched by catapults and fridges used as bots to execute denial-of-service attacks against hapless networks. But now, all that is small potatoes when you think about the rapid push towards the creation of the Internet of Things
Security Patches, Mitigations, and Software Updates
HP's Zero Day Initiative Changes Bug-Buying Guidelines (Threatpost) HP's Zero Day Initiative has decided to adjust its guidelines and criteria for buying some vulnerabilities in the future, eliminating some large classes of bugs from its menu
Cyber Trends
Sony cyberattack is seminal moment in hacking: CEO (CNBC) The cyberattack on Sony that exposed sensitive internal communications and coerced theater chains to drop one of the company's films represents a seminal moment in the advancement of hacking, a cybersecurity executive told CNBC on Wednesday. While the attack was not technologically sophisticated, its success may embolden other cyber criminals to follow suit, George Kurtz, CEO of Crowdstrike said in a "Squawk on the Street" interview
Crisis consultant warns of more cyber attacks on business (Fox News) The devastating cyber attack on Sony Pictures may just be a preview of things to come, according to the crisis management firm Preparis
2015 Could Be the Year of the Hospital Hack (MIT Technology Review) Health-care organizations often store medical records and other information insecurely
Last Minute Cybersecurity Predictions for 2015 (Network World) My quick list of things to look for next year
Marketplace
Public Relations & Damage Control in the Aftermath of the Sony Hack (Business Insider) The entertainment world was completely shocked by the amount of information leaked in the recent Sony Industries hack. Sony was targeted by hackers in protest of the film "The Interview". In this comedy, journalists are instructed to assassinate North Korea's Leader, Kim Jong-un, after booking an interview with him. Loads of sensitive financial, personal and artistic information were leaked in this surprise attack, which has put a dent in Sony's reputation
How Investors Can Profit From the Growing Cyber Security Industry (TheStreet) The rampant data breaches throughout the past year have spelled nothing but bad news for major corporations and millions of American consumers
Israeli Cybersecurity Stocks Boosted By Attack Fears (Investor's Business Daily) Israeli cybersecurity companies are getting a boost from their government's efforts to protect the country from attacks
Why we believe Akamai is fairly valued (Trefis Team via Forbes) Akamai had a stellar 2014 and its stock price is up over 30% year to date. The company reported strong numbers for the third quarter and displayed growth across all its reported business segments and geographies. This growth is likely to continue and will be driven by the secular trends of more business being conducted online, increased online content and traffic, content providers striving to improve the experience of their users and the increased demand for faster and safer content delivery. We believe that Akamai is fairly valued and our price estimate for Akamai stands at $61.70. This price estimate is based on our expectation that the company can increase its revenue by 1.9x from an expected $2.0 billion in 2014 to $3.8 billion by the end of our forecast period. We expect the company to accomplish this by growing its customer base by 1.25x during the same time frame, with the remaining growth coming from an increase in its average revenue per customer
MACH37 Cyber Accelerator Launches 17 New Cyber Security Startups (PRWeb) New accelerator countering cyber attacks by growing new companies, creating new innovation ecosystem
ForeScout Inducted Into SC Magazine Industry Innovators Hall of Fame (Nasdaq) ForeScout Technologies, Inc., the leading provider of continuous monitoring and mitigation solutions for Global 2000 enterprises and government organizations, today announced that it has been named to the SC Magazine 2014 Industry Innovators Hall of Fame for ForeScout's CounterACT™ appliance. Inductees to the Industry Innovators Hall of Fame must demonstrate technology and business innovation, staying power and market success, and they must also be selected by SC Magazine as a Best Buy for three consecutive years
Products, Services, and Solutions
Best security options (CNET) Find the best security software for you
Kaspersky Lab Launches Cyber Threat Logbook Project (VAR Guy) Kaspersky Lab recently launched its interactive targeted cyberattacks logbook project to help users understand the correlations and relationships between major targeted attacks. The project is expected to give users additional insight into some of the most infamous cyberattacks on record so they can protect themselves from future attacks
ESET announces updated two-factor authentication application (FirstPost) ESET has launched the latest version of ESET Secure Authentication which provides the potent combination of ultra-secure access to online applications, while introducing ease of installation and support
Are you using the most secure and private web browser? (Computerworld) Aviator web browser, created by WhiteHat Security, is set up to maximize privacy and security safeguards by default. Simply download OS X or Windows versions and then start surfing in private, protected mode without being tracked. You are not a product being sold in exchange for this free software
BitSight Bits: How to Prove that Security Ratings Work (BitSight) During last month's FS-ISAC webinar, Home Depot, the SEC and Increasing Board Oversight: Why Metrics Matter More and More, BitSight CTO and Co-Founder Stephen Boyer answered questions from attendees about why using IT security metrics is more important than ever before. He also performed a live demo of BitSight Security Ratings to show how to prove that security ratings work
Technologies, Techniques, and Standards
Incident Response at Sony (Internet Storm Center) For those of you who are not aware; Sony currently has a job posting for a Manager of Incident Response. Where I come from they refer to that as "closing the barn door after the horse has got out". They do need to start somewhere and all in all it sounds like a cool job for an experienced Incident Handler. They do mention SANS certifications. Of course they do put SANS certifications on the same level as CISSP and CISM, but it is a step
What's an Asset? (RSA: Speaking of Security) Ask a security professional for his or her job description, and you're likely to get an answer along the lines of, "Protecting the company's assets from being stolen or compromised"
Why Digital Forensics In Incident Response Matter More Now (Dark Reading) By understanding what happened, when, how, and why, security teams can prevent similar breaches from occurring in the future
How to avoid a malware wipe-out (IT-Online) Malware development has reached a new threat level with the emergence of destructive "wiper" worms, such as that used in the attack against Sony Pictures. Doros Hadjizenonos, Check Point South Africa sales manager looks at how firms can defend themselves
Design and Innovation
6 aging protocols that could cripple the Internet (IT World) From BGP to SSL, several Internet protocols are no match for today's malicious hackers — and should be replaced
IBM supports biometrics for corporate BYOD use (Biometric Update) IBM stated in a recent blog post that it expects that the addition of biometrics to personal mobile devices will enhance security surrounding corporate 'bring your own device' (BYOD) policies
Making web programming easier and more secure (ZDNet) An MIT researcher has unveiled a new approach to self-completing programming with Ur/Web
Inadvertent Algorithmic Cruelty (Meyerweb) I didn't go looking for grief this afternoon, but it found me anyway, and I have designers and programmers to thank for it. In this case, the designers and programmers are somewhere at Facebook
Academia
For America's Youth, Career Success STEMs from Competition (Fox Business) When Cooper Yerby was six years old, he wanted to be a pilot. But, like most young children, as he grew up, his opinion changed. A few years later, he wanted to be a meteorologist, then a plastic surgeon, then a chemical engineer
Girl Scouts learn about cyber security and related careers (Press Enterprise) About 200 Girl Scouts from middle schools throughout San Bernardino County learned about cyber security, deciphering codes and how to design and create model airplane gliders during a hands-on engineering and technology event at Cal State San Bernardino on Dec. 17
Legislation, Policy, and Regulation
US, Japan and South Korea to share intelligence on North Korea (Financial Times) South Korea, the US and Japan will sign a trilateral intelligence-sharing agreement on Monday to better cope with North Korea's increasing military threats, Seoul's defence ministry said on Friday
Japan Is Preparing For A Possible Cyberattack From North Korea (Reuters via Business Insider) Japan, fearing it could be a soft target for possible North Korean cyberattacks in the escalating row over the Sony Pictures hack, has begun working to ensure basic infrastructure is safe and to formulate its diplomatic response, officials said
China a likely factor in North Korea cyber prowess: Experts (Zee News) North Korea may be facing explosive hacking accusations, but analysts are questioning how an isolated, impoverished country with limited Internet access could wage cyber sabotage — and many experts believe China plays a role
Played for a Fool (Slate) The Sony hacking story has unfolded just as North Korea’s propagandists would have wanted
New domains of conflict and war emerging: DRDO chief Avinash Chander (Economic Times) Security challenges are going beyond traditional domains of land, sea and air and new forms of conflict and war are emerging, chief of DRDO Avinash Chander said today
Israeli expert: 'cyberspace has become a battlefield' (Al Monitor) Col. Gabi Siboni (ret.) heads the Cyber Security Program at the Israeli Institute for National Security Studies. Considered one of the top experts in the field, Siboni publishes numerous studies and position papers on the issue on behalf of the institute. The most recent of these, published the week of Dec. 22, is devoted to the cyberwar between the United States and North Korea
Iran and Modern Cyber Warfare (Global Research) Today US intelligence services seem to finally have become aware of the potential damage a cyber-attack can inflict, therefore Washington is placing particular stress on enhancing its "combat capabilities" in virtual space. Therefore, not only the CIA, but the NSA and the Pentagon have started getting substantial resources on an annual basis in order to be able to create the most advanced cyber-weapons conceivable
U.S. Puts New Focus on Fortifying Cyber Defenses (Wall Street Journal) Sony hacking case gives White House, business interests urgency to address Internet security
When Does Cyber Crime Become an Act of Cyberwar? (Townhall) No consensus exists between the U.S. government and cyber security experts as to whether North Korea is responsible for the online dumping of Sony Pictures Entertainment's confidential business data and emails. Even if it could be proven beyond any doubt with uncontestable forensic evidence that this theft is also, in fact, an act of computer hacking, it still wouldn't technically constitute an act of cyberwar — regardless of the identity of the perpetrator. So then, when would it?
How Should U.S. Respond to Sony Breach? (BankInfoSecurity) Weighing in on how U.S. should retaliate against North Korea
Military Response Should Be Limited to Threats to Infrastructure (New York Times) All the fiery, yet contradictory, rhetoric over how to classify the Sony attacks is a strong indicator that the American government is operating in uncharted territory. President Obama, who has identified North Korea as the orchestrator, has called the attack an act of "cybervandalism" — a fairly strong label that would seem to prompt a law enforcement response. Senators John McCain and Lindsey Graham, on the other hand, have called the attacks "a new form of warfare" and an "act of terrorism," respectively. Those even stronger designations would seem to warrant a military response
International Law Permits a Measured Military Response to Cyberattacks (New York Times) The military plays a direct role in preventing cyberattacks only on its own networks. Otherwise, the military can share threat information to allow governmental and non-governmental actors to defend their networks, and it can deter some cyberattacks through the threat of a military response
Our Best Cyber Defense Is Silicon Valley, not the Pentagon (New York Times) It's natural, but generally wrong, to look to the military to protect us from warfare online
International Consensus on Cyberattacks Is Blurry (New York Times) There are few satisfying responses to North Korea's "cyberattack" on Sony. Military action is not one of them. Under international law, a nation against whom force has been used has the right to use force in response, in self-defense. If a cyberattack has an equivalent effect to a kinetic attack — resulting in destruction or casualties — it qualifies for the use of force. What happened to Sony was not the use of force, terrorism or war
Sony Hack: No Good Options for U.S. on Private Sector Cybersecurity (World Politics Review) When they set out to make "The Interview," a comedic movie about assassinating the leader of North Korea, actors Seth Rogen and James Franco likely did not realize they would spark a massive cyber attack, lead the White House to dub those attacks a national security problem or inadvertently trigger a First Amendment crisis in the United States. When Sony and theater owners bowed to hacker demands that they cancel the movie's Christmas Day release, followed shortly by Paramount's refusal to allow movie theaters to run "Team America: World Police" — another comedy made at North Korea's expense — in its place, they highlighted a much bigger national security problem than many have realized: Not only can adversaries use cyberspace to steal and spy on a massive scale, or threaten critical infrastructure, they can also threaten the very freedoms that Americans take for granted
Romanian version of EU cybersecurity directive allows warrantless access to data (IDG via CIO) More than a dozen Romanian non-governmental organizations are protesting new cybersecurity legislation passed by the parliament last week that would force businesses to provide the country's national intelligence agencies with access to their data without a court warrant
Litigation, Investigation, and Law Enforcement
S Korea seeks Chinese help over nuclear cyber-attack (BBC) South Korea is seeking the help of China over a cyber-attack on its nuclear power network after the IP address of a suspected hacker was traced to a north-eastern Chinese city
In Holiday Document Dump, NSA Declassifies Compliance Errors (TechCrunch) The National Security Agency (NSA) on Christmas Eve released a grip of compliance reports that detail its own admitted failures to always operate inside the orbit of the law
NSA Reports Show Agency May Have Violated Laws For A Decade By Spying On Americans (International Business Times) The National Security Agency may have violated U.S. law for over a decade with the unauthorized surveillance of U.S. citizens' overseas communications, according to new reports on the agency's intelligence collection practices released by the NSA on Wednesday
IT Security Suffers from Noncompliance (Office of the Inspector General, Department of Homeland Security) The Department of Homeland Security (DHS) has made progress to improve its information security program, but noncompliance by several DHS component agencies is undermining that effort, according to a new report by the DHS Office of Inspector General (OIG)
Evaluation of DHS' Information Security Program for Fiscal Year 2014 (Office of the Inspector General, Department of Homeland Security) DHS has taken steps to improve its information security program. For example, DHS expanded the ongoing authorization program to improve the security of its information systems through a revised risk management approach. Additionally, DHS developed and implemented the Fiscal Year 2014 Information Security Performance Plan, which defines the performance requirements, priorities, and overall goals for the Department. DHS has also taken actions to address the President's cybersecurity priorities, which include the implementation of trusted internet connections, continuous monitoring of the Department's information systems, and strong authentication
Suit over Facebook’s practice of scanning users’ messages to go forward (Ars Technica) Company's TOS "does not establish that users consented" to the practice, court rules
Oviedo 'swatting' case unsolved, while others end in arrests (Orlando Sentinel) They call 911 in hysteria — describing gory scenes of gunfire, murders and death threats