The CyberWire Daily Briefing 01.02.15
US authorities warn that the Guardians of Peace may be expected to hit a media site soon (the Daily News says one of the prospective targets is thought to be CNN). The DPRK's General Bureau of Reconnaissance still figures in speculation about attribution of the Sony hack.
Lizard Squad's Christmas Eve attacks on the Xbox and PlayStation networks appear to have been a denial-of-service-as-a-service marketing stunt. (They've thereby attracted the ire of their playground rivals in Anonymous. Anonymous disapproves of the hack; Lizard Squad tells Anonymous to "do something" about it.) Among Lizard Squad's offerings is a reconnaissance and attack tool, "Lizard Stresser," designed to probe networks for susceptibility to DDoS, then to shut the vulnerable down. The tool's veneer of legitimacy as a white-hat testing tool will deceive few, but it was priced at between $6 and $500 per attack (payable in Bitcoin).
Lizard Stresser appears to have disappeared from the markets, at least for now, and police in Britain and Finland have arrested two Lizard Squad skids for their role in the Christmas Eve attacks. Both, demonstrating again that "criminal genius" is an oxymoron, had appeared on television as "experts" commenting on the attacks.
Security companies warn that attacks increasingly harness legitimate processes to enhance the effects of malware. The phenomenon isn't new (Cyactive calls it the "Luke Skywalker effect") but its growing prevalence is.
Enterprises are urged to look to risk management, not hermetically sealed networks, as they counter 2015's threats.
The New York Times advocates cyber-deterrence.
Notes.
Today's issue includes events affecting Finland, Iraq, Democratic People's Republic of Korea, Republic of Korea, New Zealand, Syria, United Kingdom, and United States of America.
Cyber Attacks, Threats, and Vulnerabilities
Feds: Sony hackers' next target will be an unnamed news organization (Ars Technica) In a bulletin, FBI and DHS add "other such organizations" may be targeted, too
Sony hackers threatened to attack CNN in online message (New York Daily News) An FBI bulletin published by The Intercept claims that the Guardians of Peace, who were behind the Sony hacks, threatened to hack a news organization and possibly several others in the future
N.Korea Fingered in Email Threats to Sony (Chosun Ilbo) The North Korean Army's General Bureau of Reconnaissance has been fingered in a spate of threatening emails to Sony Pictures Entertainment, according to Kyodo News on Thursday
North Korean defector to airdrop DVD, USB copies of The Interview (Ars Technica) DPRK's "leadership will crumble if the idolization of leader Kim breaks down"
Tor Attack Pits Anonymous Against Lizard Squad: PSN and Xbox Live Back Online (TechTimes) Claiming to have discovered a zero-day exploit in the Tor network, cyber saboteur Lizard Squad again finds itself at odds with the Anonymous hacking collective
Why Microsoft And Sony Couldn't Stop Lizard Squad Attack Despite Warnings (International Business Times) Sony and Microsoft saw their online gaming networks, PSN and Xbox Live, toppled over the holidays by hackers who used a relatively simple attack to jam up the sites. The technique, known as DDoS, is so straightforward that it begs the question why two of the world's most sophisticated entertainment and computing giants were not better prepared to defend themselves
Lizard Squad to Peddle Hacking Services for Small Fee (TechTimes) Lizard Squad is now offering potential customers its hacking services which the group has started promoting through a new website. The hacking group was the one responsible for the Christmas Day cyber attacks on Microsoft's Xbox systems and Sony's PlayStation
XBox and PSN attacks were "marketing scheme" for Lizard Squad's DDoS service (WeLiveSecurity) The attack which "stole Christmas" for millions of video games players by knocking offline the PlayStation Network (PSN) and Xbox Live appears to have been a publicity stunt, designed to gain notoriety and draw attention to the hacking group which has claimed responsibility — Lizard Squad
Lizard Kids: A Long Trail of Fail (KrebsOnSecurity) The Lizard Squad, a band of young hooligans that recently became Internet famous for launching crippling distributed denial-of-service (DDoS) attacks against the largest online gaming networks, is now advertising its own Lizard-branded DDoS-for-hire service. Read on for a decidedly different take on this offering than what's being portrayed in the mainstream media
Malware infection suspected at ISC, providers of the BIND DNS server software (Naked Security) The Internet Systems Consortium, better known as ISC, thinks it might have had a malware infection
WordPress Symposium Plug-In Plagued by File Upload Vulnerability (Threatpost) Since the disclosure of a serious file-upload vulnerability in WordPress Symposium and the public availability of proof-of-concept exploit code, attacks against sites running the plug-in are starting to raise concern
The Luke Skywalker Effect — When your Antivirus serves the dark side (Cyactive) With the end of 2014, we would like to note a growing phenomenon in malware development — the use of legitimate processes and applications on a victim's computer as tools to serve the malicious purpose of malware. This is not a new concept, as techniques such as API hooking are fundamentally similar, hijacking basic API processes in order to send the malicious payload different information about the computer. Yet, as this article by Jai Vijayan in Dark Reading notes, the phenomenon is growing, and malware are using not only processes, but entire applications, including apps developed for cyber-security, such as AV software and administrator control tools
In the Wake of Cyber Breaches, How Secure Are U.S. Energy Companies? (Texas Lawyer) NSA Director Admiral Michael Rogers has referred to the energy sector as the United States' "Achilles heel." In 2012, former Defense Secretary Leon Panetta warned of an advancing "cyber-Pearl Harbor." A 2012 Mandiant survey revealed that the energy industry (including oil and gas) ranks second in industries most likely to suffer a cyberattack. In 2013, for the first time in the history of Ernst & Young's survey of energy executives, cybersecurity made the top 10 list of industry concerns
Can malware and hackers really cause giant physical disasters? (Naked Security) Right back to the 1980s, when computer viruses first appeared in any number, people have been asking, "Can malware and hackers cause giant physical disasters?"
ISIS Threatens Albuquerque Residents: 'Christmas Will Never Be Merry Any Longer' (Inquisitr) The good citizens of Albuquerque were threatened en masse on Wednesday when someone affiliated with ISIS, also known as the Islamic State, hacked the Albuquerque Journal's mobile app
ISIS threatening, hacking into more than U.S. news sites? (OneNewsNow) Accustomed to the world's most formidable terrorist group, ISIS, making headlines overseas for its wrath in the Middle East, Europe and Africa, many Americans were shocked to see the militant Islamic organization force its way into their living rooms last week through their computer screens and electronic devices with the chilling message: "We are already here"
Milwaukee police website taken down after hack attempt (WISN ABC12) Tweets imply cyber attack linked to Dontre Hamilton's shooting death
How much money do cyber criminals make? (BusinessTech) Cyber criminals could be earning as much as 20 times more than the cost of their attacks, according to figures compiled by Kaspersky Lab
Cyber Trends
Seven Things to Watch for in 2015 (Threatpost) P4ssw0rds got you down? POODLEs Bashing you over the head giving you Heartbleed? Well, bad puns aside, 2014 was a rough year and you can surely expect more of the same in 2015 — with a few new twists. Hackers will still chase credit card numbers and point-of-sale systems, but they've got their eye on health care data and you can bet on more commodity cybercrime tools showing up in APT attacks. Your best response? Encrypt everything, win with privacy — and for heaven's sake, stop shaming victims. Here's a look at seven things to watch in 2015
The Great Cyber Convergence in 2015: AFCEA Speaks (Breaking Defense) Technology is moving too fast to keep track of everything, but there's one overarching trend that policymakers must not miss in 2015. Call it "convergence"
Sony and the New Normal in Cyber-Security (Epoch Times) For Sony Pictures, the gift of litigation came early this year
In the Aftermath of Sony Hack: What's the Real Cybercrime Geography? (The Hosting News) When Sony Pictures was the target of a recent cyber-attack, computer experts were quick to speculate that North Korea was behind the digital infiltration. Things happen quickly in the digital world and now many experts are doubting the original idea that North Korea walked around inside Sony servers in reprisal for the movie, "The Interview," which imagines an assassination attempt against North Korea's chubby leader, Kim Jong Un
2014 Cyber Security News Was Dominated By The Sony Hack Scandal And Retail Data Breaches (Forbes) When looking back on the cyber security stories of 2014, there is one type of event that clearly stands out above all others: data breaches against major corporations, particularly retail operations. "While 2013 was a bad year for IT security, there's no disputing that 2014 was the worst," said Kevin Jones, senior IT security architect for Thycotic. "Whether it was insider threats, anonymous, or nation-state hackers, 2014 was a bad year for anyone whose job is to protect sensitive data from unsanctioned access"
2014 was the year hacking became the norm (Mashable) Information security — or the lack thereof — was one of the biggest stories of 2014. From Heartbleed to Kmart to JPMorgan to Snapchat to iCloud to Sony Pictures to countless others, data breaches and software vulnerabilities made news nearly every single week
The top cyber risks for NZ in an interconnected world (CIO) New Zealand organisations lead in awareness of cybersecurity risks, and bringing these to the attention of the board, according to the 2015 Global Information Security Survey. But they need to scale up on key areas to keep constantly evolving cybersecurity threats at bay
Marketplace
Company Update (NYSE:IBM): IBM's Sales Slide: Is Ginni Rometty's Job in Jeopardy? (Bloomberg via the Jutia Group) Bloomberg Intelligence's Anurag Rana and Bloomberg's Alex Barinka discuss IBM's sales numbers. They speak on "Street Smart"
Booz Allen Hamilton Holding Downgraded to "Neutral" at Zacks (BAH) (InterCooler) Booz Allen Hamilton Holding (NYSE:BAH) was downgraded by Zacks from an "outperform" rating to a "neutral" rating in a report released on Tuesday. They currently have a $29.90 target price on the stock. Zacks's price target would indicate a potential upside of 10.91% from the company's current price
Cyber security presents an opportunity for Symantec (Market Realist) Cyber security is in great demand due to increased mobile and cloud adoption
Radware Given Consensus Recommendation of "Buy" by Brokerages (NASDAQ:RDWR) (Legacy) Shares of Radware (NASDAQ:RDWR) have earned an average recommendation of "Buy" from the nine brokerages that are currently covering the company
Options Check-Up: Check Point Software, FireEye, LifeLock (Schaeffer's Daily Option Blog) Among the stocks attracting attention from options traders lately are cybersecurity specialists Check Point Software Technologies Ltd. (NASDAQ:CHKP), FireEye, Inc. (NASDAQ:FEYE), and LifeLock, Inc. (NYSE:LOCK). Below, we'll break down how option buyers are positioning themselves, and how much speculators are willing to pay for their bets on CHKP, FEYE, and LOCK
Cyber security groups use fake computers to trap hackers (Financial Times) A new breed of cyber security company is trying to lay traps to catch hackers and prevent damage, as old ways of preventing attacks are failing
Danville: Native son of San Ramon Valley prospers in Silicon Valley, helps youngsters follow his path (San Jose Mercury News) James Brear is viewed by many as a pioneer in Silicon Valley's digital frontier, but while growing up on a 15-acre farm in Danville, his biggest claim to fame was the prizes he won at the county fair for raising sheep, steer and pigs
Old BlackBerrys came to the rescue after Sony hack (Columbus Dispatch) If there's one company that's gotten a bit of good press from the Sony Corp. hacking scandal, it's BlackBerry Ltd
Hacking scandal exposes a corporation in decline (Philly.com) "Why pick on Sony? They haven't had a hit since the Walkman"
Growing European Issues Imperil U.S. Tech Business Models (SecurityWeek) Apple, Google, and Facebook are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations
UK.gov: Sod SIGINT, let's turn GCHQ into a TECH CRECHE (Register) Israel-style 'grad trainee' scheme mooted by ministers
Products, Services, and Solutions
Elijah Ltd Announces the Release of eDiscovery Integrator 5.0 Litigation Project Management Platform (PRWeb) Elijah has announced the release of eDiscovery Integrator 5.0, an industry leading project management platform that helps clients take control of the entire litigation life cycle and manage costs
This Hobbit-inspired sword can help you find unsecured WiFi hotspots (WeLiveSecurity) Like many others, I was enchanted by The Hobbit (and later Lord of the Rings) at a young age — long before Peter Jackson turned J R R Tolkien's middle-earth fantasy books into a series of blockbuster movies.
Zoho email difficult to crack for National Security Agency (The Hindu) City-based Zoho Corp's email and chat services are one of the handful of services, which the U.S. National Security Agency (NSA) has found it difficult to crack under its mass surveillance programme
Technologies, Techniques, and Standards
The Difference Between Risk and Loss (Willis Wire) Risk management has caused many people to substitute one four-letter word for another. They will use the word RISK when they should be saying LOSS. And there is a world of difference between the two. It is the difference between the gleam in the eye of the loving newlyweds and the cry of the babe in the middle of the night. (Really dating myself there. That is one from a 1950's movie)
This Cybersecurity Medicine Might Be Tough To Swallow (TechCrunch) Imagine you're the CEO of a thriving company and you've been horrified by the news of the Sony hack, the Target breach and the litany of security issues that have plagued big companies in recent years. You swear you're going to do whatever's necessary to make sure it won't happen to your company. But do you realize what that really means?
CISO Spotlight: Robb Reck on Security Strategies for Financial Services (DarkMatters) The financial sector has been and will remain at the forefront of cybersecurity and risk management, but today's increasingly complex and globally-coordinated attacks present a tremendous challenge for even the most mature information security programs
Lawsuits, more funding can help deter hack attacks (Des Moines Register) There has been an endless parade of serious hacks of private, corporate and government data. The latest, unless another one happened in the last 24 hours, was Staples
Academia
'Born at the Right Time': How Kid Hackers Became Cyberwarriors (NBC News) A few years ago, when Greg Martin was in his mid 20s and teaching a computer security course for NASA engineers, he stumbled on an arcane bit of information that stopped him cold: the original set of rules governing the Internet, created in September 1981, the month he was born
Legislation, Policy, and Regulation
Deterring Cyberattacks From North Korea (New York Times) The recent cyberattack on Sony Pictures, which the Obama administration said was committed by North Korea, shows how far the United States still has to go to deter such intrusions, despite warnings by officials and experts about cybersecurity dangers. Countless assaults on America's computer networks by China and other foreign governments, hackers and criminals have demonstrated the urgent need for safeguards
Sony Incident Sets Dangerous Precedent, Cyber Expert Fears (Voice of America) When cyber journalist and author Shane Harris heard that President Barack Obama was promising the United States would make a "proportional response" against North Korea over the recent hacks at Sony Pictures Entertainment, his first response was alarm
Litigation, Investigation, and Law Enforcement
If the Supreme Court tackles the NSA in 2015, it'll be one of these five cases (Ars Technica) How a church, terror suspects, and some lawyers are pushing privacy on the legal front
The noose tightens on Lizard Squad, as police apprehend suspects (Graham Cluley) The notorious Lizard Squad hacking gang who brought down the PlayStation Network and Xbox Live over the Christmas holiday, ostentatiously courted the media about their antics, and recently launched a DDoS service, may have bitten more than it can chew
Two alleged members of Lizard Squad arrested following Xbox Live/PSN Christmas attacks (PCWorld) Did you spend Christmas mildly annoyed because you bought a new console, only to find that Xbox Live/PlayStation Network had been downed by a "nefarious" group known as Lizard Squad? Yes, I know it sounds like a bad episode of 24, but at least now you can revel in a bit of Schadenfreude: Two alleged members have been arrested this week
Snapchat’s privacy practices to be monitored for the next 20 years (Ars Technica) FTC: No more saying that your secret sexy snaps can't be saved
Police suspect fraud took most of Mt. Gox's missing bitcoins (IDG via CSO) Nearly all of the roughly US$370 million in bitcoin that disappeared in the February 2014 collapse of Mt. Gox probably vanished due to fraudulent transactions, with only 1 percent taken by hackers, according to a report in Japan's Yomiuri Shimbun newspaper, citing sources close to a Tokyo police probe
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Cybersecurity World Conference (New York, New York, USA, Jan 9, 2015) Welcome to Cyber Security World Conference 2015 where renowned information security experts will bring their latest thinking to hundreds of senior business executives and officials focused on protecting the information of today's enterprises and government agencies, respectively. Cyber security experts will discuss topics such as protecting individuals and companies against cyber-attacks, cyber security in the Internet of Things age, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks
U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market (Washington, DC, USA, Jan 12, 2015) Join the U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market. The value of the global cyber security market is expected to grow by 11.3% each year, reaching $120 billion by 2017. The Western Europe region alone is estimated to contribute $28.1 billion to this industry, driven by changing threats and technologies. These briefings aim to provide the latest information on Cyber Security & IT markets in Europe
FloCon 2015 (Portland, Oregon, USA, Jan 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University
National Cybersecurity Center Of Excellence (NCCOE) Speaker Series: Security In A Cyber World (Rockville, Maryland, USA, Jan 14, 2015) The National Cybersecurity Center of Excellence (NCCoE) Speaker Series showcases global thought-leaders to highlight critical cybersecurity issues of national importance. The keynote speaker will be Chris Inglis, former Deputy Director of the National Security Agency
California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, Jan 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings address State and Federal cyber legislation; provide updates on Task Force efforts to improve California's cyber workforce and education; promulgate critical information to enhance California's cyber awareness and preparedness; discuss state advances in cybersecurity and digital forensics; and grant residents an opportunity to share cyber information and innovation
FIC 2015 (Lille, France, Jan 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a priority for the European Union as stated in the Stockholm Programme for 2010–2015. Its objective is to open up the cybersecurity debate by bringing together security and risk management experts with non-specialists to enable them to compare viewpoints and lessons learnt
IARPA Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program (Washington, DC, metropolitan area, Jan 21, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program on January 21, 2015, in anticipation of the release of a new solicitation in support of the Program. The Conference will be held from 9:00 AM to 4:00 PM EDT in the Washington, DC metropolitan area. The purpose of the Conference will be to provide introductory information on CAUSE and the research problems that the Program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners
4th Annual Human Cyber Forensics Conference: Exploring the Human Element for Cloud Forensics (Washington, DC, USA, Jan 21 - 22, 2015) The Human Cyber Forensics Conference addresses the human element of cyber. Presentations will look at the tradecraft and efforts required to identify, understand, navigate, and possibly influence human behavior within and across networks. The conference will bring together subject matter experts to discover and share new means of recognizing human related cyber indicators, and the evolution of these human indicators in the coming decades. The Human Cyber Forensics Conference will focus on such topics as insider threat, next generation social engineering, progressive communications, neuroscience, social cognition, social media, and neuro-ethics
Cyber Security for Critical Assets: Chemical, Energy, Oil, and Gas Industries (Houston, Texas, USA, Jan 27 - 28, 2015) Cyber Security for Critical Assets Summit will connect Corporate Security professionals with Process Control professionals and serve to provide a unique networking platform bringing together top executives from USA and beyond. They are coming together not only to address the continuing cyber threats and set precautions framework, but most importantly to provide necessary tools, insights and methodological steps in constructing a successful secure policy. These policies will after all protect the critical assets needed to safeguard their company assets
Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, Jan 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues facing consumers and business, including in-depth panel discussions on privacy, the Internet of Things (IoT), and many other critical topics