The CyberWire Daily Podcast 1.8.16
Dave Bittner: [00:00:03:11] In today's show we offer an update on disruption of Ukraine's power grid. Distributed denial of service attacks increasingly service misdirection for data theft. The Juniper back door story grows a bit more complicated. Flaws in streaming TV and home security products prompt consumer worries about the internet of things, and the US government is asking Silicon Valley for help developing counter terrorism intelligence.
Dave Bittner: [00:00:29:06] This CyberWire podcast is made possible by the Johns Hopkins University Information Security Institute, providing the technical foundation and knowledge needed to meet our nation's growing demand for highly skilled professionals in the field of information security, assurance and privacy. Learn more online at isi.jhu.edu.
Dave Bittner: [00:00:52:13] I am Dave Bittner in Baltimore with your CyberWire summary for Friday, January 8th, 2016.
Dave Bittner: [00:00:59:02] ISIS follows its unforgivable murder of a journalist with a chilling intrusion into her Facebook account. Observers read the intrusion as Daesh's search for her contacts.
Dave Bittner: [00:01:10:02] Evidence tying disruption of Ukraine's power grid to Russia accumulates. Eyesight partner says, "It is a Russian actor operating with alignment to the interest of the state," and here too inspiration may conceivably have served as a stand-in for direct command and control, since Eyesight goes on to add, "Whether or not its freelance, we don't know."
Dave Bittner: [00:01:30:24] The user account compromise Linode recently sustained was accomplished by denial of service attacks that served, observers say, as a misdirection for data theft. This is a continued trend in distributed denial of service incidents. Such attacks draw the attention of security and IT staff when the real action is elsewhere.
Dave Bittner: [00:01:48:21] Cisco's Talos security takes a look at the RIG exploit and sees interesting similarities to Angler.
Dave Bittner: [00:01:55:07] Lookout finds, and Google removes, thirteen malicious brain test apps from Google Play.
Dave Bittner: [00:02:03:02] Check Point reports finding a vulnerability in the Easycast streaming television dongle that can provide attackers access to a user's home network. This flaw, together with those recently found in some Comcast Xfinity products, aroused more consumer level worries about the Internet of things.
Dave Bittner: [00:02:19:23] The US federal government mops up issues emerging from the back door Juniper networks disclosed in some products. A University of Illinois researcher reports that Juniper added the insecure algorithm that enabled the back door after it had already implemented a more secure algorithm. This raises questions of intentionality, but Juniper hasn't added much to its initial disclosure.
Dave Bittner: [00:02:43:00] Mozilla retreats from banning SHA-1, as it finds the consequences of deprecation more widespread than initially envisioned.
Dave Bittner: [00:02:52:08] In meetings today, the US government is asking for the tech industry's help against terrorism. The government is particularly interested in whether industry might be able to help find actionable early warning of attacks in social media.
Dave Bittner: [00:03:04:02] The encryption debate continues in at least three of the Five Eyes, Australia, the UK and the US. Sentiment in industry seems generally against policy proposals that would weaken encryption. Those interested in a quick summary of the industry position might look to the evidence AOL, Apple, Dropbox, Evernote, Facebook, Google, LinkedIn, Microsoft and Yahoo, jointly submitted to Great Britain's House of Commons. You'll find a link to their testimony in today's CyberWire.
Dave Bittner: [00:03:33:21] This CyberWire podcast is brought to you by the Digital Harbor Foundation, a non-profit that works with youth and educators to foster learning, creativity, productivity and community through technology education. Learn more at digitalharbor.org.
Dave Bittner: [00:03:54:07] Joining me is John Petrik, editor of the CyberWire. John, imagine I'm sitting home minding my own business when suddenly there's loud banging on the door, and the door gets swung open and I'm facing down the gun barrel of police officers, of special weapons and tactics units. What likely has happened to me here?
John Petrik: [00:04:14:17] You've just been swatted.
Dave Bittner: [00:04:16:12] All right.
John Petrik: [00:04:17:18] You know what a SWAT team is of course?
Dave Bittner: [00:04:19:18] I do know what a SWAT team is, as a matter of fact. I was a big fan of the television show SWAT when I was a young lad.
John Petrik: [00:04:26:00] Right, Special Weapons and Tactics, heavily armed police who were trained and prepared and equipped to go into very risky situations, hostage situations, active shooter situations, things like that. What Swatting is, and there's nothing funny at all about it, is for someone to spoof a call to a 911 service, let's say, in which they say something like, "Joe Smith has got a gun. He's threatening to kill his family. He's locked inside his house, here's his address." So effectively you're making a false police report, and it's dangerous because, of course, you're calling in a SWAT team, and these guys are going to come in prepared for the worst.
Dave Bittner: [00:05:07:19] So when you say "spoofing the call," are the bad guys making it look like the call is coming from inside my house?
John Petrik: [00:05:14:13] Sometimes they do. Sometimes, the more capable spoofers have done that, have actually made it look to the 911 operators that the call is coming from your phone number. This has been done in some cases by cyber criminals who have been upset with investigative journalists who have exposed them.
Dave Bittner: [00:05:34:06] So this is more than just an innocent practical joke? Lives could actually be on the line here?
John Petrik: [00:05:40:07] Lives could be at risk. There's certainly been injuries to swatting incidents. There is one that happened not far from our Baltimore headquarters earlier this summer, down in Ellicott City, Maryland, where a man was injured with a rubber bullet in a swatting incident.
Dave Bittner: [00:05:52:23] Alright, disturbing stuff but thanks for filling us in. Thanks, John.
Dave Bittner: [00:05:59:14] And that's the CyberWire. Stay tuned for our week in review coming later this afternoon. For links to all of this week's stories, along with interviews, our glossary and more, visit thecyberwire.com. The CyberWire podcast is produced by CyberPoint International, and our editor is John Petrik. Thanks for listening.