We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
For more, see our daily update on COVID-19 and the cybersecurity community.
Tensions between China and its neighbors are finding more expression in cyberspace. As FireEye reported last week, Vietnam is thought to have conducted a recent cyber espionage campaign against Chinese targets, mostly targets that might yield information about the origins and transmission of COVID-19. Now Chinese threat actors are engaged in spearphishing officials in Da Nang. Anomali sees strong indications that the Pirate Panda group is behind the attacks. Da Nang is a coastal city relatively close to the Paracel Islands, ownership of which is disputed among China, Vietnam, and the Philippines. CyberScoop says that the spearphishing campaign seems linked to the territorial dispute, especially since Da Nang was recently visited by the USS Theodore Roosevelt and the USS Bunker Hill, on a diplomatic good will mission. The US regards those waters as international; China says it owns them.
While the best available information indicates that Kim Jong-un is still running North Korea, and isn't under any serious immediate challenge, the recent scare about his health and the realization that the DPRK's succession plans are vague at best have led the Atlantic Council to warn that North Korean offensive cyber capabilities could become a loose cannon in the event of a leadership crisis in Pyongyang.
The attacks on Israeli water and wastewater treatment facilities were conducted by hackers who knew how to affect programmable logic controllers, SecurityWeek reports.
The CBC says the Royal Canadian Mounted Police are investigating a ransomware attack against Northwest Territories Power Corporation website and email services.
Today's issue includes events affecting Australia, Canada, China, Czech Republic, European Union, India, Indonesia, Israel, Japan, Democratic Peoples' Republic of Korea, New Zealand, Nigeria, Russia, Singapore, United Kingdom, United States, and Vietnam.
What does the FBI do with respect to cyber threats?
"I think if you look historically at the perception of the FBI, there's the sense that we're slowly, methodically collecting evidence to hold in a vault until one day when we can put handcuffs on someone. That's certainly always a goal - to bring someone to that kind of judicial outcome - but it's not the only goal. Really, our primary objective is to impose risk and consequences on our cyber-adversaries, and we do that in a number of ways. And what we're doing during the COVID pandemic is one example."
—Tonya Ugoretz, deputy assistant director in the FBI's Cyber Division, on the CyberWire's Daily Podcast, 4.29.20.
Establish risk and impose costs on the adversary.
Financial organizations are on the frontline of COVID-19 pandemic. Financial organizations are seeing a drastic spike in online transactions during this new normal of working, banking, and shopping from home. With a huge surge in online payments and massive increases in the volume of financial transactions, the potential for fraud, phishing, and other threats is more severe than ever. Join our webinar on May 13, to hear from Olga Polishchuck, LookingGlass’ Senior Director of Threat Analysis and Investigations on:
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the SANS Institute, as Johannes Ullrich talks about issues with Excel 4 Macros. Our guest is Tina C. Williams-Koroma, from TCecure, whos shares views on leadership in cybersecurity, and why it’s important.
In this week's episode of CSO Perspectives, "Metrics and risk," we consider the related issues of metrics and the models that use them. All models are more-or-less accurate approximations of reality. The good ones, however, have some very valuable uses. Our CSO has some perspective on those uses.
