We're pleased to announce our new subscription program, CyberWire Pro, launching early in 2020. For cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is an independent news service you can depend upon to stay informed and save time. Learn more and sign up to get launch updates here.
AT&T Cybersecurity teamed up with 451 Research to survey organizations on their 5G security plans. Download today and see organizations’ 5G cybersecurity preparedness responses followed by gap analysis on what’s possibly being overlooked plus recommendations for strengthening 5G security efforts.
NCSC investigates possible Russian influence ops. ZeroCleare wiper in the wild. What Lazarus Group wanted. War clauses.
Another accusation of Russian-government phishing comes from UK Labour politician Ben Bradshaw, whom the Guardian describes as a frequent critic of Moscow's influence operations. Bradshaw says he received email from an "Andrei" who claimed to be a "whistleblower" inside Russian President Putin's administration. The email's attachments purported to describe Russian disinformation operations, but upon further review they appeared possibly malicious. The NCSC is investigating.
IBM researchers describe a new, destructive wiper, ZeroCleare, which is active in the wild against energy sector targets in the Middle East. IBM regards it as likely that ZeroCleare, which in some respects resembles Shamoon, is being deployed by Iranian state actors.
North Korean hackers belonging to the Lazarus Group who inserted DTrack malware into administrative systems at India's Kudankulam nuclear facility were, according to the International Business Times, after thorium reactor design information.
Big pharma giant Merck is wrangling with its insurers over the $1.3 billion in losses the company incurred as the result of the NotPetya infestation it suffered on July 27, 2017. The insurers balk at paying because it appears that the NotPetya attack, generally and credibly attributed to the Russian government, may have amounted to an act of war. The malware was initially deployed as part of Russia's hybrid war against Ukraine, but spread rapidly to targets elsewhere in the world. The matter is now being litigated, Claims Journal reports, in a Union County, New Jersey, court.
National Interest seeks to make Air Force flesh creep with accounts of F-15 hacking demonstrations.
Today's issue includes events affecting Australia, Brazil, Canada, China, Colombia, European Union, India, Jamaica, Japan, Democratic Peoples Republic of Korea, NATO/OTAN, New Zealand, Russia, United Kingdom, and United States.
Bring your own context.
Spare a thought for the Federal CISO.
"If you have fifty regulations that you're trying to adhere to and if you have an inspector general report that has thirty-two findings of areas that can be improved and if you have eight programs that you can try and sequence in which order you get to the recommendations or you get to the actions first, it's useful to have a high-level principal like that, where you can say, the things that I'm going to really seek to do first are the things that are going to help with an objective like that. And we've seen a lot of interest, increasing interest, from decision-makers in government in adopting a format like that."
—Robert Sheldon, head of technology strategy for public sector at CrowdStrike, on the CyberWire's Caveat podcast, 12.4.19.
There are bureaucratic virtues as well as the familiar vices, the red tape everyone complains about. Some of those virtues are accountability, due process, procedural equity, careful stewardship of public funds. May the virtues win.
A recommendation to our readers.
If you're interested in space and communications (technology, policy, business, and operations), take a look at Cosmic AES Signals & Space. It offers a monthly overview of news in this sector.
Today's summary cited the National Journal as the source for concerns about F-15 hacking. That should be the National Interest, and the text above has been corrected to reflect that.
The appearance of new threats and security challenges requires effective tools for their timely identification and in-depth analysis. Without proper contextualization, intelligence is completely useless. Context™ – Cyber Threat Intelligence Platform for enterprises and government agencies delivers cyber threat intelligence harvested from millions of data points from the Deep and Dark Web, combined with data science for objective and actionable insights.
In today's Daily Podcast, out later this afternoon, we speak with our partners at Booz Allen Hamilton, as Michael Sechrist discusses security concerns with messaging apps like Slack. Our guest is Roger Hale from YL Ventures; he shares thoughts on the CISO's changing role in risk management.
And Caveat, our weekly cyber law and policy podcast, is up. In this episode, "Moving the needle in the federal space," Ben describes US Senate Democrats' proposal for new privacy legislation. We have a story from the Supreme Court of Pennsylvania on the 5th Amendment and password privacy. And later in show we interview Robert Sheldon, Head of Technology Strategy for Public Sector at CrowdStrike, discussing Federal cybersecurity and how those efforts connect to broader IT modernization initiatives.