The CyberWire Daily Podcast 12.21.15
Dave Bittner: [00:00:03] Anonymous versus Turkey. Cyber rioting in the Caucasus. Countering Da'esh info ops. And reactions to US cyber law.
Dave Bittner: [00:00:13] This CyberWire podcast is made possible by the Johns Hopkins University Information Security Institute, providing the technical foundation and knowledge needed to meet our nation's growing demand for highly skilled professionals in the field of information, security, assurance, and privacy. Learn more online at isi.jhu.edu.
Dave Bittner: [00:00:35] I'm Dave Bittner in Baltimore with your CyberWire summary for Monday, December 21st, 2015. Anonymous looks at Da'esh and sees Turkey, the hacktivist collective claims responsibility for a large distributed denial-of-service attack on Turkish servers. Anonymous's declared motive is Turkey's alleged – according to Anonymous – support for ISIS.
Dave Bittner: [00:00:58] NATO assesses ISIS/Da'esh threats to its networks as low, but other challenges are tougher. Most concerns internationally focus on Da'esh online recruitment and inspiration, with secondary worries about ISIS's use of the Internet for command-and-control of terrorist attacks against soft targets. The United Nations Security Council promises a move against ISIS in cyberspace, and US authorities work on their own information operations' responses to Da'esh's online presence. For what ISIS opponents are up against in this regard, see the recent New York Times piece on how the group attracts recruits.
Dave Bittner: [00:01:34] The Wall Street Journal reports that Iran gained access to the controls of a small downstate New York dam in 2013. In itself, not serious. The incursion was seen as an alarming bellwether.
Dave Bittner: [00:01:47] Cyber rioting in the Caucasus flares as Armenian hackers release sensitive information taken from the Azerbaijani ministerial servers.
Dave Bittner: [00:01:56] The now-patched Juniper firewall's vulnerability is seen as having national security implications. It's also regarded as an object lesson in the risks of installing backdoors. The FBI is said to be investigating.
Dave Bittner: [00:02:08] A now-fired staffer in Senator Sanders's US presidential campaign improperly accessed rival Clinton campaign data on the Democratic National Committee servers. The DNC had barred Sanders from its resources, but over the weekend, the Sanders team threatened to sue the DNC, and access was restored before Saturday night's televised Democratic debate.
Dave Bittner: [00:02:32] Xbox and PlayStation may be in the crossfire of a skid civil war between Lizard Squad and Phantom Squad adherents.
Dave Bittner: [00:02:40] President Obama signed cybersecurity legislation over the weekend. Observers' reactions seem to turn upon whether they prefer more liability protection as opposed to more privacy guarantees.
Dave Bittner: [00:02:54] This CyberWire podcast is brought to you by the Digital Harbor Foundation, a nonprofit that works with youth and educators to foster learning, creativity, productivity, and community through technology education. Learn more at digitalharbor.org.
Dave Bittner: [00:03:15] Joining me is John Petrik, editor of the CyberWire. John, ransomware appears regularly in our news and it seems to be getting more sophisticated. So let's start at the beginning. What is ransomware and how do I protect myself from it?
John Petrik: [00:03:28] Ransomware is a kind of malware, and it can end up on your system in the same way that any other kind of malware might end up there. You might be phished. You might click on a vicious link in some email. You receive. You might visit a contaminated website in a waterhole attack. But ransomware is a particular kind of malware, that what it does is it encrypts your files. So all of your documents, all of your emails, all your family photographs, whatever you've got on your device can be encrypted. And as long as they're encrypted and you don't have the key – and you won't have the key, because the criminals have got the key – you're not going to be able to use, see, or do anything with those files. They become useless to you. What they're going to do is they're going to try to encrypt your files, then they're gonna send you a ransom message, that if you pay me $100, $200, however much they're asking. And the evidence seems to be that the asks are not much higher than that in most retail hacking. If you pay them the ransom, they promise to send you the key.
Dave Bittner: [00:04:27] Now, suppose I have backups. Is that going to protect me from ransomware? Can I restore the files that I've backed up somewhere? Or does the ransomware root those out and encrypt those as well?
John Petrik: [00:04:38] No. Backing up your files is the best single protection you can take against ransomware. If you've got your files well and completely backed up, you're probably going to be safe from the effects of ransomware. It's going to be a nuisance, but you're not going to lose your data a
Dave Bittner: [00:04:52] And do the ransomers have overall integrity? If I pay the ransom, in general, do you get your files back?
John Petrik: [00:04:59] You know, that's a funny thing. They appear to – it's, you know, we hesitate to give any credit to any criminal – but there are even some figures in law enforcement who've suggested that if you're hit with ransomware, the best thing you could do is pay the ransom. That's a controversial position, but the fact that it's been said by some people in the FBI and elsewhere indicates that it's not exactly a crazy solution.
Dave Bittner: [00:05:22] John Petrik, editor of the CyberWire. Thanks for joining us. We'll talk again soon.
Dave Bittner: [00:05:28] And that's the CyberWire. For links to all of today's stories, along with interviews, our glossary, and more. Visit thecyberwire.com.
Dave Bittner: [00:05:36] The CyberWire podcast is produced by CyberPoint International, and our editor is John Petrik. Thanks for listening.