At a glance.
- Contact tracing and privacy in France.
- COVID-19 virus scams on the dark web.
- Phishing for the unemployed.
- Consequences of misinformation: 5G vandalism.
For more, see our daily update on COVID-19 and the cybersecurity community.
Citing an anonymous foreign government source, the Washington Post reports that intelligence services have concluded that a recent cyberattack against the Iranian port of Shahid Rajaee was the work of Israeli operators, possibly in retaliation for earlier attacks against Israeli water treatment facilities.
DarkOwl researchers are tracking the activities of the REvil gang that's claimed responsibility for hacking celebrity law firm Grubman Shire Meiselas & Sacks. The criminals say they've received offers for information they claim to have on President Trump, and that their next offer is of data connected with Madonna. Bidding starts at $1 million.
EasyJet has disclosed a data breach that affected some nine-million customers. The Guardian writes that the airline describes the incident as the work of "highly sophisticated" criminals.
Verizon this morning released its annual Data Breach Report. This year's version is twice the length of its predecessors, covering more regions and more economic sectors. As Reuters reads it, one of the principal conclusions is that financial gain significantly outpaces espionage as a motive for hacking: 86% of the breaches covered were committed for money, not intelligence. Industry Week's takeaway is that the biggest problem is people, not systems. Our own pre-briefing call with Verizon led to that same conclusion. Exploits are rarely the way breaches are accomplished. The report concludes that "error," meaning such mistakes as incorrectly configured databases and misdelivered emails, is now about as big a problem as social engineering. There's another trend in attack technique: web app attacks, the researchers conclude, have roughly doubled.
Today's issue includes events affecting Australia, China, France, Germany, Iran, Israel, Russia, Saudi Arabia, United Kingdom, and United States.
Offense and retaliation, with lessons for defense.
"Those who live in glass houses shouldn’t throw stones. […] Assume that in cyberspace the U.S. government has the best stones, the sharpest, the shiniest stones, really great stones. But let’s also recognize that we live in the glassiest house. So sharpest stones, glassiest house."
—Michael Sulmeyer, quoted on the backward-striking possibilities of offensive cyber in The Fifth Domain by Richard A. Clarke and Robert K. Knake. You can hear an interview with author Richard A. Clarke on the CyberWire's Interview Selects, 4.24.20.
Imposition of consequences involves a cost-benefit estimation, and that estimation necessarily includes consideration of further retaliation. It's not that offensive or retaliatory operations aren't ever appropriate (they often are), but that one's own risk must be taken into account during the planning. Harden your house.
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses the ACLU's suit against the Baltimore Police Department's use of a surveillance plane. Our guest is Robb Reck from Ping Identity on a recent CISO Advisory Council meeting regarding the implications of the sudden shift to working from home.
Recorded Future's threat intelligence podcast, produced in partnership with the CyberWire, is also up. In this episode, "Making the Framework for Threat Intelligence Easy," guest Chris Cochran, threat intelligence and operations lead at Netflix and co-host of the Hacker Valley Podcast, discusses his career in cybersecurity, from his ambitious beginnings as a student, through his service in the U.S. Marine Corps, to his time at U.S. Cyber Command as a member of the team pioneering threat intelligence before it was even known by that name. He also shares his thoughts on leadership, as well as his development of an intelligence framework that goes by the acronym EASY.
In this week's episode of CSO Perspectives, "Cybersecurity first principles," the CyberWire's CSO Rick Howard continues his discussion of first principles with an account of zero trust, the next infosec building block.