US Intelligence Community reports on Russia's election season influence operations. DragonOK APT is back with renewed vigor. Baltic News Agency sustains cyber attack.
The US Intelligence Community on Friday released its promised report on Russian election hacking. (The report had been expected some time this week, but it was issued soon after the President-elect was briefed on its contents.) The work of the CIA, FBI, and NSA, the report is, as expected, longer on conclusions than on evidence, since evidence is usually more sensitive than conclusions because it is likelier to reveal sources and methods.
Those conclusions are that the Russian government sought to influence the US presidential election, with a goal of ensuring that either major candidate would wind up either compromised, indebted, or damaged. The analysis holds that President-elect Trump was the Russians' preferred candidate, although their efforts were for some time premised on the assessment that former Secretary of State Clinton would be the eventual winner.
The Senate Select Committee on Intelligence will begin an investigation tomorrow. Initial reactions range from outrage against Russia's activities to skepticism (especially in RT, unsurprisingly, but in other quarters, too) concerning evidence in the analysis. The analysis is brief and worth reading. Two mild surprises: part of the Russian motivation seems to have been retaliation for embarrassment by the World Anti-Doping Agency, and the UK's GCHQ may have tipped US intelligence off to some Russian activity.
In other news, the Baltic News Agency, which reports on Latvia, Lithuania, and Estonia, sustained a denial-of-service attack late Friday. The DragonOK APT group, linked to China's PLA, is said to be newly active against Tibetan and Russian targets.
Today's issue includes events affecting Australia, China, Estonia, European Union, France, Germany, India, Iran, Russia, Singapore, Turkey, Ukraine, United Kingdom, and United States.
In today's CyberWire podcast we hear from our partners at Terbium Labs, as Emily Wilson discusses how law enforcement handles the dark web. Our guest is Robert M. Lee, CEO of Dragos Inc., who'll be giving us his informed take on the US Intelligence Community's report on Russian hacking.
A special edition of our Podcast is also available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.
Cyber Attacks, Threats, and Vulnerabilities
Wikileaks Support Account Deletes Tweet about Making Database of Verified Accounts (HackRead) The support account blames “dishonest press reporting” its “speculative idea for a database of account influencing *relationships*”
European Commission Suffered 20% Rise in Cyberattacks in 2016 (Infosecurity Magazine) The European Commission suffered a 20% rise in attacks on its infrastructure in 2016, it has been revealed, as fears grow over Russian attempts to influence the outcome of major elections in France and Germany
New OSCE chief visits war-torn Donbas; Kyiv cites massive Russian cyber attacks (Ukrainian Weekly) The new chairperson-in-office of the Organization for Security and Cooperation in Europe chose war-torn Ukraine for his first foreign visit as the leader of the 57-state organization
Ukraine's military denies Russian hack attack (Yahoo! News) Kiev (AFP) - Ukraine's military on Friday denied reports claiming Russia may have hacked targeting software for its heavy artillery in a breach that could have helped Moscow track and destroy Kiev's big guns
Main Baltic news agency targeted by cyber attack (AP via Fox News) The main Baltic news agency says a cyberattack that disrupted its service for 10 hours
Brazil’s largest news portals UOL and Folha hacked; redirected to RedTube (HackRead) The hack was apparently done against a proposed law that would limit pornography in Brazil
The DragonOK APT Group with Ties to China Keeps Revising Their Strategies and Tools (Socpedia) DragonOK that has been connected to China continues to revise their strategies and tools and has been targeting organizations in Tibet and Russia, among a number of other countries
Iranian Group Delivers Malware via Fake Oxford University Sites (SecurityWeek) An Iran-linked advanced persistent threat (APT) group dubbed OilRig has used a fake Juniper Networks VPN portal and fake University of Oxford websites to deliver malware to victims
US Power Grid in Imminent Danger of Cyber-Attack (Financial Tribune) The US Energy Department says the electricity system "faces imminent danger" from cyber-attacks, which are growing more frequent and sophisticated, but grid operators say they are already on top of the problem
Turkish researcher: iOS suffering from heap overflow bug (Siberbülten) A Turkish expert who discovered a security vulnerability that Apple patched in its 10.2 update has claimed that iPhones are vulnerable to a heap overflow bug
Browser Autofill Profiles Can Be Abused for Phishing Attacks (Bleeping Computer) Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and which the user unknowingly sends to the attacker when he submits a form
UK’s Largest Hosting firm 123-Reg ‘Pounded’ by DDoS Attack (HackRead) This is the second time in two years that 123-Reg suffered a series of massive DDoS attacks
Digital Shadows reveals that the Mirai Botnet isn’t going away (Security Middle East) Digital Shadows Report highlights the inherent vulnerability of basing network infrastructure around centralized DNS providers
Almost a Fifth of Companies Have No DDoS Protection At All (eSecurity Planet) And 39 percent are unclear on how to protect against DDoS attacks, a recent survey found
Insane blackhats behind world's most expensive ransomware 'forget' to backup crypto keys (Register) Only Linux victims can decrypt warped $247,000 BlackEnergy module - and then only maybe
CryptXXX Ransomware Spread Further via SoakSoak Botnet (Lifars) This year’s surge in CryptXXX ransomware infections was facilitated due to the SoakSoak botnet which has the automated ability to scan websites for vulnerabilities, researchers revealed
Merry X-Mas ransomware from Sunday 2017-01-08 (ISC Storm Center) On Tuesday 2017-01-03, BleepingComputer published an article about "Merry X-Mas Ransomware". This ransomware was first seen by people like @PolarToffee, @dvk01uk, and @Techhelplistcom. Merry X-Mas Ransomware was first reported as distributed through malicious spam (malspam) disguised as FTC consumer complaints
Ransomware to dominate cyber security landscape (SecurityBriefNZ) Ransomware will continue to dominate the cyber security landscape, with a new report from security specialists ESET forecasting the ‘year of ransomware’ will continue into 2017
How to respond to a ransomware infection (Graham Cluley) Paying the ransom should be the LAST thing you do
Hackers are having a field day with stolen credentials (SC Magazine) Luckily, we can rain on their parade by following simple, common sense industry best practices
Adobe Flash responsible for six of the top 10 bugs used by exploit kits in 2016 (Graham Cluley) So, are you ready to uninstall Adobe Flash now?
ESEA hacked, 1.5 million records leaked after alleged failed extortion attempt (CSO) More than a million players have been affected by this incident
Super Mario Run for Android Available for Download… as Malware (Softpedia) Malware attempts to steal financial info from Android phones
TV anchor says live on-air 'Alexa, order me a dollhouse' – guess what happens next (Register) Story on accidental order begets story on accidental order begets accidental order
Security Patches, Mitigations, and Software Updates
Google Patches Android Custom Boot Mode Vulnerability (Threatpost) A high-risk Android custom boot mode vulnerability was one of many bugs patched by Google as part of its January Android Security Bulletin released earlier this week. On Thursday, the IBM security team that discovered the vulnerability disclosed details about the flaw which leaves Nexus 6 and P6 model handsets open to denial of service and elevation of privilege attacks
Apache Jackrabbit 2.14.0 released (Apache Software Foundation) The Apache Jackrabbit community is pleased to announce the release of Apache Jackrabbit 2.14.0. The release is available for download at
Breaking the Rules (SIGNAL) Restrictive, locked-down mobile policies don't work
After a terrible year for cybersecurity, will 2017 be any better? (Help Net Security) From a cybersecurity perspective, 2016 was a very devastating year for companies, schools, government agencies, organizations and even presidential campaigns. What we’ve learned from a record year for breaches, hacks, phishing, malware, and ransomware is what we’ve known all along: cyber criminals are clever and they are not bound by any rules or real strategy
New year, new patches: A look back and what to expect in the future (Help Net Security) As to be expected when ringing in a new year, there are predictions galore flooding social media and that includes the cybersecurity space. Predictions are more than just possibilities when it comes to the landscape we now know as IoT, based on the trends that ushered out 2016
Global businesses unclear on how to combat targeted, DDoS attacks, Kaspersky survey reveals (Canadian Underwriter) Global businesses are not confident on how to protect themselves against threats like targeted cyberattacks and distributed denial of services (DDoS) attacks, according to new research from worldwide cybersecurity company Kaspersky Lab
No Computer is Safe: Now What? (LinkedIn) The quote "Technology is not the measure of a great civilization" from the first episode of The Man in the High Castle is timely given media headlines on President-elect Trump's remark that "no computer is safe." Since global critical infrastructure depends on computers for virtually everything--finance, transport, health, manufacturing, energy, military operations--his statement appears to offer a shaky start to the new year
Tech security: oldies getting it in the neck again (Naked Security) Another day, another survey – this time telling us that older people are increasingly susceptible to online fraud. According to the Daily Mirror, one million (sorry, one MILLION) older people may have fallen victim to an online scam
Worldwide IoT spending to reach $1.29 trillion in 2020 (Help Net Security) Worldwide IoT spending is forecast to reach $737 billion in 2016 as organizations invest in the hardware, software, services, and connectivity that enable the IoT
New year, new target for hackers (The New Paper) Experts weigh in on the cyber security issues that are expected to worsen this year
The Cyber State: NSA Trains CryptoKids, Tracks Angry Birds, Parents Spy (A New Domain) The NSA tracks Angry Birds, trains children to hack, and creates a society of surveillance. Parents creep along their kids’ social media. What does the future hold?
Insurers tap cyber security ratings to limit liabilities (Financial Times) New breed of start-ups aims to assess strength of companies’ defences against hackers
What’s next for Yahoo and Verizon? (Salon) The Verizon deal is still in progress, but shareholders may need to be placated after news of second data breach
Microsoft Ventures and Qualcomm Ventures Invest in Team8's Global Cyber Syndicate; Citigroup Signs Strategic Partnership (Sys-Con Media) Team8 portfolio companies generated more than $22M in sales in their first year of operations. Since launching in 2014, the group has raised over $92M, employs 180 people in Israel, the US, UK & Singapore and plans to hire 100 employees in 2017
Australia Leads $45 Million Investment in Data Security Startup (Fortune) A sovereign wealth fund owned by the Australian government has spearheaded a $45 million investment in the cybersecurity firm Bitglass, the company said Friday
Campbell cloud security startup scores $45M to fuel expansion (Silicon Valley Business Journal) Bitglass, a startup that helps secure corporate data in the cloud, has raised $45 million in new funding to fuel global expansion
BlackBerry and Giuliani partner in cyber security venture (The Stack) BlackBerry has been selected by Giuliani Partners to support cyber security consulting services to the government and to private firms. The recently released BlackBerry Secure platform will provide the underlying software for the firm’s cyber security consulting product
2 Sizzling Hot Tech Stocks: Palo Alto Networks (PANW), Cerner (CERN) (Independent Republic) Palo Alto Networks, Inc. (PANW) ended last trading session with a change of 3.1 percent. It trades at an average volume of 1.56M shares versus 3.28M shares recorded at the end of last trading session
Why Palo Alto Networks, Inc. Stock Dropped 29% in 2016 (Motley Fool) The network security company plunged over guidance concerns late last year. Here's what investors need to know
Palo Alto Networks Will Deliver Robust Annual Upside In The Long Run (Seeking Alpha) Palo Alto's market share will triple in the coming years, which will lead to strong revenue growth as the end market expands. Its annual revenue could increase to $5.3 billion in the next three years as compared to $1.5 billion in revenue in the past year. Due to the robust revenue growth, Palo Alto could deliver annual gains of 50% going forward, based on its price-to-sales ratio. The company will also witness robust earnings growth as its revenue increases, driven by its complete suite of cybersecurity solutions as compared to rivals
Netgear Announces the Launch of a Bug Bounty Program with Bugcrowd Kudos Points and Cash Rewards (Socpedia) Netgear’s products will be the focus of a bug bounty program the networking equipment company is launching
Local talent can drive GCC’s cyber security industry (Gulf Business) Cyber security companies are now looking to develop talent locally
Products, Services, and Solutions
When anti-malware vendors get into a slap fight, users lose (Network World) No one should disable another vendor's protection, regardless of reason
Spotlight: How a Social Media Expert Finds Website Security (Sucuri Blog) With the new year upon us, it makes sense to reflect on how things have changed. Our Malware Research and Incident Response teams just published their latest report on trends in website security, and in the coming weeks we plan to write about the latest upgrades to the Sucuri dashboard
Security firms unveil ultra-secure routers to protect ‘smart’ homes (Market Business News) Security companies have unveiled ultra-secure routers which essentially act as a firewall for an entire network to protect smart household gadgets from being hacked
Amazon Echo, Alexa Dominates Artificial Intelligence Industry While Google, Microsoft Painfully Watching [VIDEO] (University Herald) Amazon is taking artificial intelligence to the next level through digital assistant Alexa when the company has made surprising moves in the CES technology show in Las Vegas with the introduction of products that run Android system but can access Alexa. Is this a sign that Amazon is dominating the industry while Google is painfully watching? See full details here!
Technologies, Techniques, and Standards
Top obstacles and benefits of security framework adoption (Help Net Security) 95 percent of organizations face significant challenges when implementing leading cybersecurity frameworks, according to Tenable Network Security and the Center for Internet Security (CIS)
Ex-MI6 Boss: When It Comes To Voting, Pencil And Paper Are 'Much More Secure' Than Electronic Systems (Techdirt) Techdirt has been worried by problems of e-voting systems for a long time now. Before, that was just one of our quaint interests, but over the last few months, the issue of e-voting, and how secure it is from hacking, specifically hacking by foreign powers, has become a rather hot topic. It's great that the world has finally caught up with Techdirt, and realized that e-voting is not just some neat technology, and now sees that democracy itself is at play. The downside is that because the stakes are so high, the level of noise is too, and it's really hard to work out how worried we should be about recent allegations, and what's the best thing to do on the e-voting front
A Step-by-Step Guide for Responding to and Protecting against Identity Theft (No Identify Theft) This step-by-step guide will help you to regain control of your financial life at a time when people feel helpless and are uncertain what to do. We will go over every aspect of identity theft, including websites to visit, organizations to contact, forms to fill out, samples of the kinds of letters to send, prevention, and more
Design and Innovation
Mattel Finds Voice In Aristotle With Help From Microsoft Bing, Cortana (MediaPost) Mattel has developed a voice-activated connected kids room hub similar to Amazon Echo and Google Home, with technology from Microsoft, Qualcomm Technology and Silk Labs
Legislation, Policy, and Regulation
France blocks 24,000 cyber attacks amid fears that Russia may try to influence French presidential election (Telegraph) France is to beef up cyber-security amid growing fears that Russian hackers could try to influence its upcoming presidential election following claims that Moscow orchestrated US computer attacks to help Donald Trump
It's official: US election systems designated as critical (Ars Technica) Move comes after US says Russian hackers attempted to influence 2016 election
Statement by Secretary Jeh Johnson on the Designation of Election Infrastructure as a Critical Infrastructure Subsector (US Department of Homeland Security) I have determined that election infrastructure in this country should be designated as a subsector of the existing Government Facilities critical infrastructure sector. Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law
What is happening with Russia and the USA? (Affairs Today) It’s no secret that Russia and the US have always had a slightly strained relationship, often stemming from their different ideologies. This relationship has steadily worsened in recent years due to the crisis in Ukraine, Russia’s annexation of Crimea and the differing opinions over Russian military intervention in the Syrian Civil War. It appears as if relations have reached an all-time low, especially, with the recent on-going hacking scandal
Russia’s election intervention is ‘new reality, new weapon’ (PBS News Hour) One day after top U.S. intelligence officials showed him the classified evidence that Russian President Vladimir Putin ordered a hacking campaign to influence the election in his favor, President-elect Trump said Russia could become an ally during his administration. In a series of tweets this morning, Mr. Trump said in part, quote, “When I am president, Russia will respect us far more than they do now, and both countries will perhaps work together to solve some of the many great and pressing problems and issues of the world”
To counter Russian ‘information war,’ DNI advocates rebuilding U.S. Information Agency (Federal News Radio) A declassified report the intelligence community is set to release to Congress and the public next week on alleged Russian interference with the 2016 presidential election will assert that cyber attacks were only one part of a complex and adeptly executed information campaign — one that the nation’s top intelligence officer says the U.S. is inadequately equipped to counter
Obama admits underestimating impact of Russian hacking (India Today) "I think the report (of the intelligence community on election hacking) is very clear," Obama said about the report which alleged that the Russian President Vladimir Putin had ordered for hacking and interfering into the US election system
Aide says Trump 'accepts' U.S. intel blaming Russia for hack (Military Times) President-elect Donald Trump accepts the conclusion by U.S. intelligence agencies that Russia tried to interfere in the election that will soon put him in the White House, a top aide said Sunday
Questions about Russia swirl as Trump enters critical week (Press of Atlantic City) Donald Trump and his aides are entering a crucial week in his presidential transition as he and his Cabinet nominees undergo public questioning about their approach to Russia and potential conflicts of interests
Trump plans to form anti-hacking team (Kuwait News Agency) US President-elect Donald Trump said his meeting with intelligence chiefs on Friday was "constructive" and that he would be forming a team to "aggressively" combat cyberattacks
America’s Spies Need to Watch Their Backs (Foreign Policy) Donald Trump’s disparagement of the CIA and apparent plans to shake up the intelligence community are a serious threat to American security
Donald Trump Has the Keys to the Most Invasive Surveillance State in History (Foreign Policy) Will he use it to impose absolute power?
Two Senate Republicans to Seek Added Sanctions on Russia Over Hacking (Wall Street Journal) The move by Lindsey Graham and John McCain threatens to deepen the divide between Capitol Hill and Donald Trump over relations with the Kremlin
Air Force Wants a ‘Nerd Cyber Swat Team’ at Pentagon (DoD Buzz) Engineers walking around in hoodies and jeans may become a common sight at the Pentagon as part of an Air Force initiative to create its own “nerd” cyber squad, according to the service’s top civilian
New OPM guidance updates IT, cyber job coding (Federal Times) A Jan. 4 memorandum from the Office of Personnel Management explains updated procedures for identifying and coding federal positions with information technology and cyber-related functions
A Few States Now Actually Help You Figure Out If You’ve Been Hacked (Wired) Thousands of US companies were hacked last year, and each time people’s private data was taken. Was yours? You may not know because it’s hard to keep track, much less do anything about it when there are so many incidents all the time. But if the data collected on breaches in the US were available to you, it would be a lot easier to check whether you’ve interacted with compromised businesses and institutions. That data exists. In fact, nearly every US state (47 to be exact) requires companies to disclose when a breach affects their citizens, and most track this data internally. That data is usually a public records request away from you, the consumer, who could actually use it to inform your digital habits. But, recently a small group of states have decided to make breach information freely available to the public. This week, Massachusetts joined them
‘Digital India’ Needs To Be Cybersecurity Ready (BW Disrupt) “Sometime ago, I assisted Melissa Hathaway, who was a cybersecurity advisor to Obama and Bush, in preparing a Cyber Readiness Index for India… It states that India faces a herculean task of improving upon all markers of its cyber health like national strategy, incident response, e-crime and law enforcement, information sharing, investment in R&D, diplomacy and trade, and defence crisis and response”
Litigation, Investigation, and Law Enforcement
ODNI Statement on Declassified Intelligence Community Assessment of Russian Activities and Intentions in Recent U.S. Elections (IC on the Record) On December 9, 2016, President Barack Obama directed the Intelligence Community to conduct a full review and produce a comprehensive intelligence report assessing Russian activities and intentions in recent U.S. elections. We have completed this report and briefed President Obama as well as President-elect Trump and Congressional leadership. We declassified a version of this report for the public, consistent with our commitment to transparency while still protecting classified sources and methods
Assessing Russian Activities and Intentions in Recent US Elections (Office of the Director of National Intelligence) “Assessing Russian Activities and Intentions in Recent US Elections” is a declassified version of a highly classified assessment that has been provided to the President and to recipients approved by the President
ODNI Releases Report on "Assessing Russian Activities and Intentions in Recent US Elections" (Lawfare) The Office of the Director of National Intelligence has published a declassified version of the intelligence community's report on "Assessing Russian Activities and Intentions in Recent U.S. Elections," written by CIA, FBI, and NSA. President Barack Obama and President-elect Donald Trump have now been briefed on the classified version of the report
DNI: Putin Led Cyber, Propaganda Effort to Elect Trump, Denigrate Clinton (KrebsOnSecurity) Russian President Vladimir Putin directed a massive propaganda and cyber operation aimed at discrediting Hillary Clinton and getting Donald Trump elected, the top U.S. intelligence agencies said in a remarkable yet unshocking report released on Friday
Russian cyberattacks influenced by WADA investigation (ABC News) Intelligence officials believe that Russian hacking efforts made against the United States were done in part as retaliation for a World Anti-Doping Agency (WADA) investigation that led to dozens of Russians being banned from the Rio de Janeiro Olympics
U.S. intelligence report says Putin targeted presidential election to 'harm' Hillary Clinton's chances (Los Angeles Times) Russian President Vladimir Putin personally ordered an intelligence operation against the U.S. presidential campaign and ultimately sought to help Donald Trump win the White House, according to a new U.S. intelligence report released Friday, shortly after the president-elect appeared to dismiss its key findings
US intelligence report: Vladimir Putin 'ordered' operation to get Trump elected (Guardian) Declassified assessment says Russia ‘had clear preference’ for Trump, who met with US intelligence chiefs on Friday but refused to endorse their findings
U.S. Spies to Trump: Putin Ordered Hacking to Boost Your Chances (Foreign Policy) Russian President Vladimir Putin “ordered an influence campaign” targeting the 2016 American election to “undermine public faith in the US democratic process” and to “help President-elect Trump’s election chances,” according to a newly declassified report released Friday
U.S.: Putin Personally Tried to Elect Trump (Daily Beast) A declassified report from the U.S. intelligence community, released Friday, moments after a meeting with President-elect Trump, said that Russian President Vladimir Putin personally ordered a campaign to disrupt the U.S. presidential election. “We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election, Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency,” the report which included conclusions from the FBI, NSA and CIA read. “We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.” The report continued: “Moscow’s approach evolved over the course of the campaign based on Russia’s understanding of the electoral prospects of the two main candidates. When it appeared to Moscow that Secretary Clinton was likely to win the election, the Russian influence campaign began to focus more on undermining her future presidency”
Intelligence agencies reveal Putin plan to back Trump (Christian Science Monitor Passcode) An Office of the Director of National Intelligence briefing reveals the fullest picture yet of claims Russia attempted to influence the presidential vote. Trump, however, says the operation had 'absolutely no effect on the outcome of the election'
RT stars in ODNI report on 'Russian activities and intentions' in US presidential election (RT) The US intelligence community has released the unclassified findings of its investigation into what it says was Russian meddling in the 2016 presidential election, hours after President-elect Donald Trump received a briefing on the probe
‘No new evidence of Russian hacking, contractors behind initial claims must be probed’ (RT) The “evidence” of alleged 2016 Russian election hacks, provided to the US government by private contractors of questionable credibility, contains only baseless assumptions and creates international tensions, ‘Inside Cyber Warfare’ CEO Jeffrey Carr told RT
Putin Ordered 'Influence Campaign' To Help Trump, U.S. Intelligence Report Says (NPR) The intelligence report on Russia's interference in the U.S. elections concludes that Russian President Vladimir Putin personally ordered an "influence campaign" that aimed to help President-elect Donald Trump
Was It a 400-Pound, 14-Year-Old Hacker, or Russia? Here’s Some of the Evidence (New York Times) In recent weeks, President-elect Donald J. Trump has taken to Twitter to cast doubt over a United States joint intelligence assessment that Russian intelligence services are responsible for hacking into Hillary Clinton’s presidential campaign, the Democratic National Committee, and the email account of Mrs. Clinton’s campaign chairman, John Podesta
British spies alerted America to Russia's cyber attack on US election (Mirror) GCHQ had prevented a breach of every Whitehall server in 2015, including the Home Office, Foreign Office and Ministry of Defence
Feds’ Damning Report on Russian Election Hack Won’t Convince Skeptics (Wired) On Friday, the Office of the Director of National Intelligence finally released a declassified report on Russia’s role in influencing the US election. And though it offers the most detailed official analysis yet of Russia’s operations, critics in the cybersecurity community say it lacks the still-secret evidence needed to persuade skeptics that analysis is true
FBI Says the Democratic Party Wouldn’t Let Agents See the Hacked Email Servers (Wired) Questions about the Democratic National Committee hack and Russia’s alleged involvement have been swirling for months, and have intensified as the intelligence community prepares to brief president-elect Donald Trump about its conclusions on Friday and release a declassified report next week. Ahead of this announcement, the DNC told Buzzfeed on Wednesday that neither the FBI nor any other intelligence agency ever did an independent assessment of the organization’s breached servers. Instead, they alleged, the FBI relied exclusively on information from private digital forensics company Crowdstrike. Now the FBI is refuting this account of the events
Rolling out the red carpet for hackers (Washington Times) Whether Sen. John McCain and Democrats on the Senate Armed Services Committee intended for Thursday’s Russian hack hearings to be used to undermine the U.S. presidential election, one thing is for sure: The hearings WILL be used to undermine the election — precisely as the Russians wanted
On Intelligence And Russian Hacking, Are Trump And His Team Missing The Point? (NPR) After casting doubt on the legitimacy of U.S. intelligence (even referring to it as "intelligence"), President-elect Donald Trump was briefed Friday by the nation's top intelligence officials on their investigation into Russia's hacking attempts and interference in the U.S. presidential election
Not all cybersecurity experts believe U.S. allegations of Russian hacking (Charlotte Observer) Experts on the malicious computer codes commonly used by Russian hackers are far from united behind the Obama administration’s accusations against Moscow, with a few echoing President-elect Donald Trump’s mistrust and asking for more information
Was Friday's declassified report claiming Russian hacking of the 2016 election rigged? (Fox News) Friday night, during her last show on Fox News, Megyn Kelly asked former House Intelligence Committee Chairman Pete Hoekstra whether he accepted the conclusion by 17 intelligence agencies in a recently released declassified report that Russia interfered in the 2016 presidential election and that this interference came at the direction of Russian President Vladimir Putin
Trump says cyberattacks had "no effect" on election outcome after briefing (CBS News) Top intelligence officials briefed President-elect Donald Trump Friday on Russia’s hacking efforts to interfere with the U.S. election
DHS slammed for report on Russian hackers (CyberScoop) The hacker groups known as Fancy Bear and Cozy Bear have been tracked for years by cybersecurity specialists — almost all of whom long accepted the detailed, public pattern of evidence linking them to Russian intelligence, including technical indicators-of-compromise
Cyber experts report ‘chasing ghosts’ after U.S. warning (WWLP) A Homeland Security Department official, speaking on condition of anonymity, defended the recent warnings
WashPost Is Richly Rewarded for False News About Russia Threat While Public Is Deceived (Intercept) In the past six weeks, the Washington Post published two blockbuster stories about the Russian threat that went viral: one on how Russia is behind a massive explosion of “fake news,” the other on how it invaded the U.S. electric grid. Both articles were fundamentally false. Each now bears a humiliating editor’s note grudgingly acknowledging that the core claims of the story were fiction: The first note was posted a full two weeks later to the top of the original article; the other was buried the following day at the bottom
Eight Facts on the “Russian Hacks” (Sharyl Attkisson) There’s no standing allegation by U.S. officials that the Russians (or anyone else) “hacked” into our elections system or altered vote counts. So what are the allegations and facts as we know them?
Intel officials: China still hacking U.S., albeit at reduced rate (SC Magazine) Despite dominating the headlines lately, Russia is not the only foreign cyberthreat endangering U.S. digital assets
FBI let alleged pedo walk free rather than explain how they snared him (Register) 'Tor pedo' torpedo torpedoed
The FTC's IoT security case against D-Link will test its power (PCWorld) The agency faces a hard fight in its suit alleging D-Link routers and cameras aren't secure
Man who says he invented e-mail sues Techdirt for disputing claim (Ars Technica) Libel case brought by lawyer who represented Hulk Hogan in Gawker lawsuit
Martin Shkreli harasses Teen Vogue writer, has Twitter account suspended (Ars Technica) Before suspension, Shkreli describes his Duca-related posts as "unrequited love"
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Crimestoppers Conference (Eden Project, Bodelva, St Austell, Apr 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances
SANS Security East 2017 (New Orleans, Louisiana, USA, Jan 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in the "Big Easy" in January. Now is the time to improve your information security skills and laissez les bons temps rouler!
S4X17 ICS Security Conference (Miami Beach, Florida, USA, Jan 10 - 12, 2017) Three Days of advanced ICS cybersecurity on three stages with the top 500 people in ICS security. Main Stage - The big names (Richard Clarke, Renee Tarun, ...) and forward looking topics (ICS certification, machine learning, ExxonMobil project, securing IoT, industrial drones, cyber PHA, workforce development). Stage 2: Technical Deep Dives - the classic S4 sessions in gory technical detail. If you ever said you wanted more at an ICS event, this is where you get it. Sponsor Stage - the sessions on this stage alone rival what you would see at most other ICS security events. They are the same speakers you might see at other events, but they up their game for the advanced S4 crowd. Social Events - We all attend conferences as much to establish and renew relationships with our peers as to see the sessions. The people you want to meet and know in ICS cybersecurity are all at S4.
Suits and Spooks DC 2017 (Arlington, Virginia, USA, Jan 11 - 12, 2017) “What we are creating now is a monster whose influence is going to change history, provided there is any history left.” (John von Neumann) When John von Neumann said those words in 1952, he didn’t mean the Atomic bomb that he helped create as a scientist with the Manhattan Project. He was referring to his revolutionary work in high speed computing. Over sixty years later, the computer has revolutionized every aspect of our life – from currency to medicine to warfare. Our almost total reliance upon insecure software and hardware has made the world less safe, and has fundamentally changed the power equations between State and Non-State actors. Suits and Spooks 2017 will focus on identifying the world’s most valuable new technologies, who the threat actors are that are looking to acquire them, and what can be done to stop them.
Global Institute CISO Series Accelerating the Rise & Evolution of the 21st Century CISO (Scottsdale, Arizona, USA, Jan 11 - 12, 2017) These intimate workshops address the challenges that Boards of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise and organizational threats. These are intense “roll your sleeves up” thought leadership discussions on How Cyber is Driving the New Board Perspective on Enterprise Risk Management. Attendance is limited to 30 Security and Risk Executives from Global 2000 corporations. For Chief Security Information Officers, Chief Information Officers, and Chief Risk Officers, by invitation only (apply to attend).
Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, Jan 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats to critical infrastructures. This summit will focus on two sectors that are among those at greatest risk, the energy and manufacturing sectors. Highlighting emerging technologies and policy initiatives, this event will foster the development of high impact strategies to address the many interrelated cybersecurity challenges we face in the protection of our nation’s critical infrastructures.
ShmooCon 2017 (Washington, DC, USA, Jan 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It, and Bring It On.
SANS Las Vegas 2017 (Las Vegas, Nevada, USA, Jan 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.
BlueHat IL (Tel Aviv, Israel, Jan 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, Jan 25 - Feb 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but have no real concept of how to create and produce proper intelligence. The 2017 Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and discuss directly with the experts who are doing the CTI analysis in their organizations. What you learn will help you detect and respond to all ranges of adversaries including some of the most sophisticated threats targeting your networks
Blockchain Protocol and Security Engineering (Stanford, California, USA, Jan 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary collaboration among practitioners and researchers in blockchain protocols, distributed systems, cryptography, computer security, and risk management.
National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, Jan 31 - Feb 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global credit union community! Protecting the Credit Union’s global infrastructure to sustain cyber resilience requires an unprecedented level of public- and private-sector cooperation, collaboration and coordination and includes access to the real-time availability of proactive “actionable” threat intelligence; analysis of potential impacts; coordinated countermeasure solutions and response; cybersecurity best practice adoption and role-based workforce education.