Our new subscription program, CyberWire Pro, launched this week. Designed for cyber security professionals and all others who want to stay abreast of this rapidly evolving field, CyberWire Pro is a premium news service that will save you time and keep you informed.
Time changes everything –so does the cloud. Yet, even as the cloud unlocks potential it opens the door to threats. McAfee designs security natively in the cloud, for the cloud. To protect the latest, like containers. To empower your change-makers, like developers. And to enable business accelerators, like your teams. Cloud security that accelerates business, it’s about time. Visit McAfee.com/time.
China rummages Vault 7, denounces CIA. US Government warns against Super Tuesday meddling. Covid-19 business fallout. Talent available.
Chinese security firm Qihoo 360 has outlined an eleven-year campaign by the US Central Intelligence Agency to compromise targets in China, particularly in the civil aviation sector. The report, apart from some suggestions that incursions into civil aviation extended beyond China, is mostly warmed-over Vault 7 material from WikiLeaks.
The US Government issued a terse warning to foreign adversaries in advance of today's Super Tuesday presidential primaries: "any effort to undermine our democratic processes will be met with sharp consequences." The Secretary of State, Attorney General, Secretary of Defense, Acting Secretary of Homeland Security, and the Acting Director of National Intelligence all signed the joint statement, as did the heads of the FBI, US Cyber Command and NSA, and CISA. They also stressed the citizen's role in rejecting disinformation: know where and when to vote, know what the issues are, and know what identification will be required at the polls. And they commended state and local election authorities to voters as the best source of reliable information.
Another tech conference has been affected by coronavirus concerns. DVCon has compressed its program this week to three days, as presenters from China, South Korea and Italy cancel their appearance.
The Register says Maersk is preparing to cut one-hundred-fifty jobs at its Maidenhead command-and-control center. This is the crew credited with helping Maersk ride out NotPetya in 2017, so if you're hiring in the UK and looking for people who know a thing or two about incident recovery, consider a visit to Maidenhead.
Today's issue includes events affecting China, France, India, Iran, Italy, Democratic Peoples Republic of Korea, Republic of Korea, Morocco, Russia, Singapore, United Kingdom, and United States.
Bring your own context.
Social engineering, as security people call it, is a confidence game, a way of inducing people to act against their interests. So the social engineers, like the three-card monte dealers so beloved in folklore, they're really artists, aren't they? Right, Mr. Jillette?
"But, no, no: because that's part of the lie. You know, when David Mamet writes about scams, it's always this kind of beautiful interplay that shows basic human needs and desires. That's not what's going on in three-card monte. If Teller and I were to go up and know every single move and be able to see the move - which we couldn't do anyway, but let's postulate that we could - we could see the move and therefore be able to make the bet and stop them from doing the turnover and stop all of that, there are six people working that scam, and they will pull you in the back alley, beat you up and take your money. It is not someone outsmarting you at a game. It is somebody who is a thug, a bully, a violent person operating outside of the trust of society who will hit you. So if you were able to say that's where the queen is, hold the person's hand back, turn over the queen, showed that to them, triumphantly, they are not going to go, jolly good, well played, here's our money."
—Penn Jillette, illusionist, conjurer, entertainer, and professional charlatan, on the CyberWire's Daily Podcast, 2.28.20.
Teller nodded in silent agreement.
Aerospace news worthy of attention.
If you're interested in space and communications (technology, policy, business, and operations), take a look at Cosmic AES Signals & Space. Produced in partnership with the CyberWire, Signals & Space offers a monthly overview of news in this sector.
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin talks about the FCC hot water some telecommunications companies have landed in. Our guest is Stuart Reed from Nominet, with some new research on CISO stress.
And Recorded Future's podcast, produced in partnership with the CyberWire, is also up. In this week's episode, "Gamification of Incident Response in the Cyber Range," the topic is how effective incident response requires practice and training, and the more realistic the exercise, the more effective the response is likely to be. Their guest is Christopher Crummey, executive director of the X-Force Command Centers at IBM Security. He and his team create highly realistic simulations of cybersecurity incidents to help organizations evaluate how they’ll respond when the heat is on and the pressure is high.