We conclude or coverage of last week's SecurityWeek ICS Cyber Security Conference with some notes and observations. The conference (organized by SecurityWeek) will be posting video of the presentations on its site, and they'll be well-worth your time. You can conveniently browse the conference's interactive agenda here.
WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.
Iranian info ops. Content moderation, post-outrage. IBM buys Red Hat. DMCA exceptions. What not to expect from attribution.
On Friday Twitter took down a number of inauthentic accounts run from Iran. Earlier Iranian influence operations were artlessly direct in following the Islamic Republic's domestic and international line, but this latest round of trolling was effectively indistinguishable from the familiar St. Petersburg style. The content pushed was opportunistically divisive, directed against fissures in both American and British culture. St. Petersburg's Internet Research Agency apparently referred traffic to bogus pages operated by Iran. This could be a sign of collusion, but simple alignment of interests and recognition of good work ("good" from Moscow's point-of-view) are at least as likely.
Gab goes down after the Pittsburgh synagogue killings.
IBM announced its intention to acquire Red Hat for $34 billion, a bet that IBM's future lies in hybrid cloud and subscription-based software.
On Friday the Librarian of Congress and the US Copyright Office added more exemptions to Digital Millennium Copyright Act enforcement. The exemptions are intended to reduce the risk that legitimate security research would run afoul of the DMCA.
The FBI has glumly warned companies not to expect simple attribution to do much to deter North Korean hacking. Pyongyang really doesn't have much to fear when it comes to reputational risk alone, which shows how having nothing to lose can sometimes amount to a position of strength.
The Chinese government's policy of stationing loyal citizens, mostly ethnic Han, in the households of mostly Muslim Uighurs may remind Americans why their Bill of Rights has a Third Amendment to preclude such dragonnades.
Today's issue includes events affecting Canada, China, Iran, Japan, Democratic Peoples Republic of Korea, Russia, Ukraine, United Kingdom, and United States.
According to The Ponemon Institute, two out of three insider threat incidents are caused by employee or contractor mistakes. The good news is, these mistakes can easily be avoided ... with the right coaching. Just in time for Cybersecurity Awareness Month, the Coachable Moments series from ObserveIT gives cybersecurity teams the tools they need to empower people to understand the policies and best-practices intended to keep them safe. Check out Coachable Moments today to learn more.