Our new subscription program, CyberWire Pro, launched this week. Designed for cyber security professionals and all others who want to stay abreast of this rapidly evolving field, CyberWire Pro is a premium news service that will save you time and keep you informed.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
Coronavirus misinformation: ignorance, crime, and policy. Ransomware infestations surge. Chatty crooks betray themselves.
A great deal of coronavirus misinformation continues to circulate, including descriptions of bogus cures, paranoid descriptions of secret laboratories, and oddball accounts of government conspiracies. Much, probably most of this is spontaneously generated by Internet users, and the New York Times reports that some of the larger platforms like Facebook and Twitter remain at a loss as to how they might reasonably control baseless, potentially harmful rumors.
Some of the misinformation is deliberate, as online scammers use coronavirus stories as phishbait. The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) offers commonsense advice on how to avoid swallowing it.
And some of the misinformation is state-driven disinformation (and that’s no oddball conspiracy theory). The US State Department warns, according to the Washington Post, that the familiar apparatus of Russian trolling has been at work pushing coronavirus scare stories. The goal of the information operation is, as usual, disruption and chaos, confusion to the enemy.
Ransomware continues to surge, with greater virulence and rapacity. For a look at what it can do to an organization, see the Regina Leader-Post account of a shutdown Ryuk ransomware induced at EVRAZ Regina, a major steel mill in Saskatchewan. Local governments continue to suffer from Ryuk as well: the city and county of Durham, North Carolina, were hit over the weekend, BleepingComputer reports.
How do police catch criminals? Often because criminals talk about their crimes openly in their social media accounts, Quartz reports. The crooks need to show off like everyone else.
Today's issue includes events affecting Australia, Canada, European Union, France, Georgia, Indonesia, Ireland, Israel, Republic of Korea, Malaysia, Nepal, Palestinian Territories, Philippines, NATO/OTAN, Russia, Singapore, Thailand, Turkey, Ukraine, United Arab Emirates, United Kingdom, United States, and Vietnam.
Bring your own context.
What does it mean when stolen personally identifiable data doesn't show up for sale on the black market, or when it's not being used for theft or fraud? What value do the attackers find in the data when they're not obviously monetizing them?
"Today, you know, with the attacks that we see - Equifax, Marriott, OPM, Anthem - none of that data showed up on the dark web for sale, and that's because, you know, somebody nation-state - and I think it was just yesterday they just charged the PLA with the Equifax hack - they're looking for massive amounts of data. They need as much data as they can because then they can start - they can quite comfortably, sitting in a secure facility somewhere in China or Russia or wherever it is, start running analysis on who would be a good attack - or a good target. Who would be a good victim? Who could they turn? And it doesn't have to be that typical one where you're looking for the one person that has access to everything. You can look for somebody who has access to someone who has access to someone who has access. And, you know, it's sort of going down the line. So it's a really, really messy place that we're sitting in right now."
Intelligence services just have a different value proposition.
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Learn more.