Our new subscription program, CyberWire Pro, launched last week. Cyber security professionals and all others who want to stay abreast of this rapidly evolving field, will find that CyberWire Pro is a premium news service that will save you time and keep you informed.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
EU power grid coordinator business network hacked. Cablegate report declassified. Hung jury in Vault 7 case. Arrest over DEER.IO, crook vs. crook.
The European Network of Transmission System Operators for Electricity (ENTSO-E), which coordinates European electrical power markets, disclosed that it suffered "a successful cyber intrusion" into its business systems. CyberScoop says power generation and distribution are unaffected by the incident.
The National Security Archive has released US Cyber Command's declassified assessment of the damage done by the 2010 WikiLeaks' publication of sensitive State Department cables. The National Security Archive summarizes the report as "suggest[ing] that illegal release of classified State Department cables in 2010 led to a period in which the U.S. government was hindered in its ability to track the activities of at least one of the most sophisticated APTs operating on the geopolitical stage."
The trial of former CIA employee Joshua Schulte on charges connected to WikiLeaks' Vault 7 ended in New York yesterday with convictions on the minor counts of perjury and contempt, but with a hung jury on the eight far more serious charges of improperly disclosing classified information. The Washington Post says the Government will probably seek a retrial. A conference on March 26th is expected to outline the next steps.
US authorities have arrested Kiril Viktorovich Firsov on charges related to his alleged operation of the DEER[.]IO black market souk, ZDNet reports.
Cybereason researchers observe criminals hacking criminals, infecting rivals' hacking tools with njRAT.
Another test of US election security comes today, as five states (Idaho, Michigan, Mississippi, Missouri, and Washington) hold primaries and one (North Dakota) holds a firehouse caucus. NBC has a summary.
Today's issue includes events affecting Australia, Canada, China, European Union, Iran, Russia, United Kingdom, United States, and Vietnam.
Bring your own context.
CIA, but not the kind they have down at Langley.
"One of the concepts we talk to our clients about is the CIA Triad. Looking at risk from a cyber perspective in terms of confidentiality of information, the integrity of the organization and the availability of services and products that the organization may be taking to market. Using this lens to better understand cyber risk is a concept we talk to our execs about all the time. Thinking about what's going on in the market in, let's say, ransomware, how does that impact the availability of those products and services to customers of that organization? Looking at data loss and PII and what that impact would be on terms - in terms of confidentiality, those are the things that we try to educate execs and board members on in terms of looking at risk, in terms of the confidentiality, integrity and availability of services that they offer to their clients. Teaching executives about the CIA Triad, making sure that they have a good foundational understanding and provide cyber risk reports broken down by confidentiality, integrity and availability, and being able to track security metrics through that CIA Triad lens."
And a triad, but not, you know, the secret society kind of Triad.
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Learn more.
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin updates us on the ClearView AI affair and its implications for privacy law. Our Guest is Kathleen Kuczma from Recorded Future, with a review of the 2019 Top Vulnerabilities List.
And speaking of Recorded Future, their podcast, produced in partnership with the CyberWire, is up. In this episode, "A Nuanced Approach to MSSP and MDR Services," they offer a moment of clarity concerning MSSP and MDR services. MSSP stands for "managed security service provider," and MDR is "managed detection and response." Their expert guest this week will help sort out the sometimes subtle differences between the two. Sean Blenkhorn is chief product officer at eSentire, and he shares his insights on modern threat hunting and how threat intelligence can enhance those capabilities.