Mountain View: the latest from SINET ITSEF 2018
Emerging and enduring challenges, with a call for risk management. (The CyberWire) Several trends drew the attention of panelists and speakers at ITSEF. Two of them, resilience and the burgeoning Internet-of-things, we'll consider separately. The others we'll summarize here.
Risk management, regulation, and public policy. (The CyberWire) On March 8, 2018, Robert Rodriguez (SINET CEO) moderated a discussion between Kiersten Todt (President, Liberty Group Ventures) and Joseph Sullivan (former Commissioner, US Presidential Commission on Enhancing National Cybersecurity), both of whom worked together to formulate the Presidential Commission's recommendation on cybersecurity. They offered a broadly optimistic take on the direction of US national cybersecurity policy, but the two former Commissioners agreed that we're starting to see technologies being weaponized and used in ways we're not prepared for. They also agreed that they wanted to see more Government involvement and collaboration, but not necessarily more regulation.
Next-generation deception technology: now more "must-have" than "nice-to-have"? (The CyberWire) Deception technology has recently begun to be used as a defensive tool. It's enjoyed notable success, but it's still not widely deployed commercially on a large scale. This seems likely to change. A panel discussed the benefits their enterprises had derived from including deception in their architecture.
Rick Moy (Head of Marketing, Acalvio Technologies) moderated a panel whose members included Andy Nallappan (Chief Information Officer, Broadcom), Richard Rushing (Chief Information Security Officer, Motorola Mobility), Caleb Sima (Founder, Badkode Ventures), and Abe Smith (Director, Enterprise Security, Cavium).
Cyber Attacks, Threats, and Vulnerabilities
Masha and these Bears (Securelist) Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a prolific, well resourced, and persistent adversary. They are sometimes portrayed as wild and reckless, but as seen under our visibility, the group can be pragmatic, measured, and agile.
Campaign Possibly Connected to “MuddyWater” Surfaces in the Middle East and Central Asia (TrendLabs Security Intelligence Blog) We discovered a new campaign targeting organizations in Turkey, Pakistan and Tajikistan that has some similarities with an earlier campaign named MuddyWater, which hit various industries in several countries, primarily in the Middle East and Central Asia.
New attacks spark concerns about Iranian cyber threat (TheHill) Experts are sounding the alarm about new cyber activity from Iran, as hackers become more emboldened and skilled at carrying out surveillance operations and other attacks outside the country’s borders.
Information Warfare: Cyber War Slaves Serve The Mighty Kim (Strategy Page) The growing number of North Korean defectors are revealing more details of how North Korea is trying to adapt to the increasing list of economic sanctions and the opportunities for Internet based misbehavior. Some of these defectors were associated with
How ISIS and Russia Manufactured Crowds on Social Media (WIRED) The Islamic State built a global brand using the power of social media. Now, Russia is following a similar playbook—and it’s all too easy.
Fake news travels faster than truth on Twitter, and we can’t blame bots (Naked Security) People prefer spreading juicy lies over the truth, according to new research from MIT.
Could AI-Driven Info Warfare Be Democracy’s Achilles Heel? (The Cipher Brief) Today, waging information warfare is a manpower-intensive effort. What if that changes?
Cryptojacking attack uses leaked EternalBlue NSA exploit to infect servers (ZDNet) RedisWannaMine is a sophisticated attack which targets servers to fraudulently mine cryptocurrency.
Telecom Egypt covertly redirecting internet users to crypto mining sites: report (Egypt Independent) Government-owned Telecom Egypt has allegedly been redirecting internet users to crypto mining sites, or displaying ads to secretly gain money, according to a report published by security researchers at the University of Toronto on Friday. According to the report titled, “Bad Traffic: Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users …
Cryptomining versus cryptojacking – what’s the difference? (Naked Security) When cryptomining is done on the sly, it turns into cryptojacking – a crime that has become a serious global problem. Here’s what to do…
Cryptomining malware a genuine threat to organizations, NTT Security says (Security Brief) There are more than 12,000 Monero mining malware samples, 66% of which were submitted between November and December 2017.
Cavalry riding to the rescue of DDOS-deluged memcached users (Register) Attacks tapering, as experts argue over 'kill switch'
How Creative DDOS Attacks Still Slip Past Defenses (WIRED) While some major distributed-denial-of-service attacks have been thwarted this month, the threat remains as critical as ever.
DDoS explained: How distributed denial of service attacks are evolving (CSO Online) A distributed denial of service (DDoS) attack is when attackers attempt to make it impossible for a service to be delivered, typically by drowning a system with requests for data. They have been part of the criminal toolbox for twenty years, and are only growing more prevalent and stronger.
Taiwan hit hard by ransomware (Taipei Times) Taiwan was one of the countries worst hit by ransomware attacks last year, falling victim to millions of attacks, according to Trend Micro Inc’s (趨勢科技) annual security roundup.
Sophisticated Cyberspies Target Middle East, Africa via Routers (SecurityWeek) Slingshot is a sophisticated cyber espionage campaign that targets entities in the Middle East and Africa via routers, and the group behind the operation apparently speaks English
Potent malware that hid for six years spread through routers (Ars Technica) Nation-sponsored Slingshot is one of the most advanced attack platforms ever.
State Spy Programs, espionage & Monero mining - fingers point at Sandvine (HackRead) Sandvine Products and Technology Used by Egypt, Turkey, and Syrian Governments to Install Spyware and Monero Mining.
Bad traffic: New Citizen Lab report finds Sandvine’s PacketLogic devices used to deploy government spyware in Turkey and redirect Egyptian users to affiliate ads (University of Toronto News) A new report by the Citizen Lab at the University of Toronto’s Munk School of Global Affairs outlines an investigation into the apparent use of networking equipment, offere
CCleaner compromise: keylogger may have been present (iTWire) Czech security company Avast says it has found evidence of ShadowPad, a specialised tool used by a specific group of cyber criminals, installed on fou...
4 Misconceptions About SQL Injection Vulnerabilities (Hacker Noon) SQL injection continues to be one of the biggest security risks that we face as developers and database professionals.
Somebody's watching! When cameras are more than just 'smart' (Securelist) The researchers at Kaspersky Lab ICS CERT decided to check the popular smart camera to see how well protected it is against cyber abuses. This model has a rich feature list, compares favorably to regular webcams and can be used as a baby monitor, a component in a home security system or as part of a monitoring system.
Autonomous AI Phone Botnets Not A Near-Term Threat: Avast (AndroidHeadlines.com) Fully autonomous botnets comprised of AI-enabled smartphones equipped with neural processing units aren't a realistic threat in the immediate future, Avast
Thousands of gas stations online are open for hackers to hit (CNET) Researchers from Kaspersky Lab have found software vulnerabilities that give them online access to more than 1,000 gas stations around the world.
Ransomware for robots is the next big security nightmare (ZDNet) Researchers found they were able to infect robots with ransomware; in the real world, such attacks could be highly damaging to businesses if robotic security isn't addressed.
Password manager maker Keeper hit by another security snafu (ZDNet) The exposed server contained the company's downloadable software -- including a code-signing certificate.
U.S. More Vulnerable To Weaponized Cyberattacks Than You Think (Fast Company) Experts on a panel at SXSW warn major hacking onslaughts of our infrastructure, personal data, and businesses are coming—and we’re not ready.
Security Patches, Mitigations, and Software Updates
March Patch Tuesday forecast: In like a lamb, out like a lion (Help Net Security) The March Patch Tuesday forecast promises a lot of work since we are expecting many releases. Will we see this in March's Patch Tuesday? Let's take a look.
Cisco Patches Hard-coded Password in PCP Software (SecurityWeek) Cisco has released software updates to address a hard-coded password vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software.
Verizon rolls out Android 8.0 Oreo to LG V30 whereas LG G6 gets February security patch (The Droid Guru) LG, one of the smartphone manufacturers that has been having tough times in the smartphone industry recently, same as the other Android manufacturers, released the latest smartphones in the LG G series and the LG V series last year. These smartphones were named the LG G6 and the LG V30 respectively. Now, it is …
PlayerUnknown's Battlegrounds Rolls Back Anti-Cheat Patch (WWG) The new anti-cheat patch that was recently deployed for PlayerUnknown’s Battlegrounds has now [...]
Cyber Trends
Platform power is crushing the web, warns Berners-Lee (TechCrunch) On the 29th birthday of the world wide web, its inventor, Sir Tim Berners-Lee, has sounded a fresh warning about threats to the web as a force for good,..
Merlin International & Ponemon Institute Cybersecurity Study Signals Dangerous Diagnosis for Healthcare Industry (BusinessWire) Merlin International, in partnership with the Ponemon Institute, released the results of its healthcare cybersecurity study.
IoT attacks, ransomware, and steganography? Fortinet looks at the latest cybercrime trends (Security Brief) Fortinet says that steganography as an attack vector hasn’t had too much visibility in the last several years but it could be the start of a resurgence.
Marketplace
Deception Technology Market Innovation including key players Javelin Networks, Allure Security Technology (Industry Today) The in-depth information by segments of Deception Technology market helps monitor future profitability & to make critical decisions for growth.
The CEO behind the firm tipped to be the UK's next unicorn (City A.M.) In the heart of London, in the middle of the Strand, the office of Darktrace sits almost like a fortress; a sea of calm in the chaos and uncertainty
BioCatch closes $30M round for its ‘behavioral biometrics’ tech for banks and other transaction businesses (TechCrunch) BioCatch, the U.S./Israeli startup that has developed “behavioural biometric authentication and threat detection” tech to enable banks and other high..
Is Zscaler's IPO Overvalued? (Seeking Alpha) We will use a comparable multiples method to get an intrinsic valuation of Zscaler. We believe that the IPO is being sold at a very expensive price, as competit
CyberArk Acquires Cloud Security Provider Vaultive (Infosecurity Magazine) Deal will see CyberArk advance privileged account security for the cloud
McAfee acquires TunnelBear VPN Company (Gizbot) McAfee acquires TunnelBear VPN Company. TunnelBear added that We’ll also continue to collect the minimum amount of data possible to operate our service and document everything in our privacy policy.
Peter Thiel’s data company Palantir will develop a new intelligence platform for the US Army (The Verge) The platform, built in conjunction with Raytheon, will replace the Army’s aging Distributed Common Ground System
The Army turns to a former legal opponent to fix its intel analysis system (Defense News) The U.S. Army has selected both Raytheon and Palantir to build new intelligence analysis capabilities that could be worth up to nearly a billion dollars in an attempt to save the Distributed Common Ground System-Army.
Products, Services, and Solutions
U.S. Department of Defense Validates ForeScout for IoT Security (NASDAQ.com) SAN JOSE, Calif., March 12, 2018-- ForeScout Technologies, Inc., a leading Internet of Things security company, today announced that the U.S..
Microsoft Australia prepares cyber-awareness micro-credential (ARN) Microsoft Australia has partnered with the University of Adelaide and the Defence Teaming Centre to pilot and launch a cyber-awareness micro-credential.
Technologies, Techniques, and Standards
Ransomware is a growing threat, but there are things you can do to protect your firm (ABA Journal) Ransomware is a growing, $1 billion-a-year industry—and one that has already proven to be devastating to other multibillion-dollar industries around the world.
Thwart Cyber Attackers by Inverting Your Strategy (LookingGlass Cyber Solutions Inc.) When it comes to your organization’s cybersecurity, there is no “one size fits all” solution. In the face of today’s dynamic threats – bad actors constantly find new and innovative ways to circumvent existing security apparatuses – many organizations are struggling to get ahead of an attack. Yes, the more you know –, March 7, 2018
Latvian mobile operator invites cyber attackers to have a go (CSO Online) Security researchers wanting to test the kind of malware that could break public networks now have a place to do so in safety.
Checked Your Credit Since the Equifax Hack? (KrebsOnSecurity) A recent consumer survey suggests that half of all Americans still haven’t checked their credit report since the Equifax breach last year exposed the Social Security numbers, dates of birth, addresses and other personal information on nearly 150 million people. If you’re in that fifty percent, please make an effort to remedy that soon.
Design and Innovation
When should humans step aside and let AI make decisions? (C4ISRNET) The Navy's unmanned expert says autonomous systems are the future. But questions remain about what exactly that future will look like.
Progress Slows On Once-Hot Ethereum Privacy Projects (CoinDesk) The promise of private ethereum smart contracts remains undiminished, though a conference this week showcased the challenges persisting today.
4 Things That Made Blockchain The Most Disruptive Tech In Decades (Inc42 Media) Blockchain, the revolutionary technology behind Bitcoin, has been slow to receive the fame it deserves. Hailed as one of the most disruptive technologies in decades, blockchain technology is at the heart of the shift from centralised server-based internet system to a cryptographic transparent network.
Quantum Blockchain: How Physicists Will Stage a Cryptoworld IT Revolution (Sputnik) The mastermind of the first ever quantum blockchain, Alexei Fyodorov, has detailed who might be interested in such a blend of IT innovations, as well as how quantum technology will drastically change the whole digital world.
Research and Development
Google thinks it’s close to “quantum supremacy.” Here’s what that really means. (MIT Technology Review) It’s not the number of qubits; it’s what you do with them that counts.
Academia
Thales and Indian Institute of Technology Madras sign Memorandum of Understanding (India Education Diary) Thales and the Indian Institute of Technology Madras (IIT Madras) today signed a Memorandum of Understanding (MoU) to create a jointly supervised PhD fellowship programme in coordination with CNRS. Thales and IIT Madras look forward to strengthening Indo-French scientific collaboration while contributing towards the development of highly specialised technical skills in India. The MoU …
With The Aim Of Supporting 10K Student Innovators By 2021, Gujarat University Launches Its Startup And Innovation Policy (Inc42 Media) Stepping forward in the startup ecosystem, Gujarat University recently launched its Startup and innovation policy. The launch event was attended by Union Commerce and Industry Minister Suresh Prabhu and Bhupendrasinh Chudasama, Minister of Education for Gujarat.
10 free online cybersecurity courses you should take (TechRadar) You've got nothing to lose except your data
Legislation, Policy, and Regulation
Sergei Skripal: Theresa May set to hit back at Russia over spy attack (Times) Theresa May is on the verge of publicly blaming Russia for the attempted murder of Sergei and Yulia Skripal and ordering expulsions and sanctions against President Putin’s regime. An announcement...
Growing threat of cyber wars demands strengthening of our capabilities (Times of India Blog) Today cyber space occupies a crucial position in national security system. It is an interactive domain made up of digital networks that is used to store, analyse, modify and communicate information. Our dependence on cyber...
U.S. military ineffectively prepared to counter Russian cyber threats: NATO Europe commander (The Washington Times) The top U.S. general in Europe has become the latest high-ranking official to acknowledge weaknesses in the country’s ability to effectively counter Russian cyber threats.
Two votes against, three abstentions: Xi secures power in perpetuity (Asia Times) China's rubber-stamp parliament passes a constitutional amendment removing presidential term limits – thereby giving Xi Jinping almost total authority
Australia's Defence Department bans WeChat (Financial Review) The Department said it did allow limited use of Facebook.
How China Interferes in Australia (Foreign Affairs) Australia is pushing back against a campaign of political interference orchestrated by China.
Fear the great tech armoury of China (Times) If you’re reading this while commuting to the office this dank Monday, be grateful you’re not working for a “nine-nine-six” company. “Nine-nine-six”, I learnt at the Beijing smartphone maker Xiaomi...
India to set up special agency to battle cyber terrorists (DNA) India to set up special agency to battle cyber terrorists - The Internet has expanded rapidly at a global scale and has been the most powerful technological revolution known in the history of mankind.
5 things Trump could do to stop Russia’s meddling (The Columbian) Recently, the Pentagon’s cyberdefense commander was asked whether the government has done enough to protect the 2018 congressional election against Russian hacking. “We’re not where we need to be,” Ad
Susan Rice reportedly told the White House cyber team to 'knock it off' when they floated options to combat Russian meddling (Business Insider) Susan Rice did not want to "box in" then President Barack Obama if news of Russia's cyberattacks leaked.
Does the U.S. government need to protect American tech companies? (San Diego Union Tribune) A recent decision by the federal government's Committee on Foreign Investment in the United States to review the bid by Broadcom to take over Qualcomm highlights national security concerns about advancements in the tech sector.
IoT Product Safety: If It Appears Too Good to Be True, It Probably Is (Dark Reading) Proposed new connected-product repair laws will provide hackers with more tools to make our lives less secure.
UK government delays erection of age-checks for p[0]rn sites (Computing) Concern over security and privacy of third-party age-verification for p[0]rn sites forces delay
Litigation, Investigation, and Law Enforcement
What now for UK and Russia after spy row? (BBC News) If Russian involvement is confirmed, will the UK take action and will Russia retaliate?
Sergei Skripal: ‘Forthwith’ gave MI6 telephone directory of Russian agents (Times) Sergei Skripal was a highly paid, highly valued MI6 spy codenamed “Forthwith” who provided important material to British intelligence over a ten-year period, including the entire telephone...
All of Russia’s enemies have lived in fear of the assassin (Times) After the death of Stalin, a letter was found under a newspaper in his desk drawer. Written in 1950, it was from Marshal Tito, the independent-minded Yugoslav communist leader who had consistently...
Tories break Theresa May’s vow to ban Russian donors (Times) Russian oligarchs and their associates have registered donations of more than £820,000 to the Conservative Party since Theresa May became prime minister, The Sunday Times can reveal. May promised...
Sauna security camera hacked; n[*]de videos of Dutch Women’s Handball Team leaked (HackRead) The stolen videos from hacked security cameras were leaked even when the system was removed from the sauna.