Most companies aren’t prepared to secure data and assets for a surge of remote employees. Whether your VPN is over capacity, new cloud services are coming on-board, or new devices need protection, we have you covered during this critical time. McAfee is offering 3-month subscriptions for Endpoint Protection, Unified Cloud Edge, and CASB to help you scale security to your remote employees. Learn more about these offers at mcafee.com/workfromhome.
For more, see our daily update on COVID-19 and the cybersecurity community.
Japan's Defense Ministry is investigating the possible theft of technical details from a proposal concerning a missile designed by Mitsubishi Electric. Reuters says that details of the cyber espionage are sparse, but that the data stolen probably included certain performance specifications. The report adds that the missile won't be produced: Mitsubishi Electric didn't get the contract.
Researchers at Broadcom's Symantec unit are attributing attacks on South Asian telecommunications companies to Greenbug, an espionage group associated with Iran, and thought to be connected to the group responsible for Shamoon. CyberScoop reports that most of the activity was directed against Pakistan's telecommunications system. Telcos are attractive targets because of the value of the data they carry; the focus on Pakistan suggests a service with a strong interest in the region.
Sources tell Reuters that Chinese intelligence services were responsible for the easyJet hack that affected some nine-million passengers. The anonymous sources say that the same threat group had tracked travelers before, and was interested in their movements, not in financial gain from credit card theft.
The Jerusalem Post, considering the recent cyberattack on an Iranian port as retaliation for a cyberattack on Israeli water treatment facilities, sees the exchange as typifying a new approach to cyber war: continuous engagement.
Some security advice for military and intelligence professionals: treat beer as a commodity and be content. See Bellingcat for the risk of using the Untappd app to rate brews: you can be tracked. And anyway, Warsteiner, Obolon, Krušovice, Brass Cannon? They're all good.
Today's issue includes events affecting Australia, Brazil, Canada, China, Iran, Israel, Japan, Malta, Nigeria, Pakistan, Ukraine, United Kingdom, and United States.
A look at the consequences of widespread remote work.
"And really, for high-profile targets and high-value victims out there in enterprises, we're seeing that adversaries are trying to track them down and get to their home machines. And the reason that we're seeing that is that more and more employees are working from home, and not everyone has a laptop. Some of them actually have - use their home workstations, and they install their VPN client. They install their email client on there. And essentially, what happens is it makes - it essentially extends the surface - the attack surface of the enterprise to cover the home as well. And the net effect of that is that you'll see more and more adversaries - or we've seen more and more adversaries that are targeting home users of enterprise employees in order to find an easier soft target, if you will."
—Justin Harvey, global incident response leader at Accenture, on the CyberWire Daily Podcast, 5.18.20.
Harden your house.
Staying one step ahead of your adversaries is more challenging than ever. Fortunately, deception technology can give new visibility and intelligence in combating threat actors who seek to infiltrate your network.
Join our webinar on May 27 at 12pm EDT to learn how to optimize your deception technology investments to enhance your day-to-day security threat detection and mitigation activities.
In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses the Thunderspy vulnerability. Our guest is James Dawson from Danske Bank on DMARC/DKIM threats and why people are susceptible to them during COVID-19.
And Caveat is up. In this episode, "The different implications of surveillance," Dave has the story of the potential expansion of the Patriot Act. Ben takes a look at hacking tools that were offered up to local law enforcement. And later in the show my conversation with Alan Z. Rozenshtein, associate professor of law at University of Minnesota. We’re discussing his recent article in Lawfare, Government Surveillance in an Age of Pandemics.
In this week's episode of CSO Perspectives, "Cybersecurity first principles." the CyberWire's CSO Rick Howard continues his discussion of first principles with an account of zero trust, the next infosec building block.
