FCW July 12,
2018
Election
system security issues are still critical, but 2018 election infrastructure
threats aren't as 'robust' as in 2016, a top Homeland Security official told
Congress. Russian online disinformation and network scanning activities
continue ahead of the upcoming U.S. midterm elections in November.
CyberScoop July 12,
2018
Amid
ongoing reports of foreign digital meddling in domestic elections, U.S.
lawmakers are butting heads with the nation’s largest voting technology
companies.
Wired July 11,
2018
A
congressional hearing Wednesday on the Meltdown and Spectre chip
vulnerabilities had all the technobabble and painful misunderstanding you'd
expect.
Nextgov July 10,
2018
The Russian
anti-virus company Kaspersky Lab is racing against time, trying to get a U.S.
appeals court to pause a governmenwide ban on its products before a portion of
it is implemented next week. The Defense Department, General Services
Administration and NASA set July 16 as the deadline in a Federal Register
notice for all new procurements to contain language officially barring
contractors and subcontractors from allowing Kaspersky products to touch any
government systems.
FCW July 10,
2018
The Justice
Department said it jumped the gun with a June press release that linked recent
bank loan fraud cases to the 2015 cyber heist of federal employee data from the
Office of Personnel Management, which is generally attributed to the Chinese
government. In a letter to Sen. Mark Warner (D-Va.), Assistant Attorney General
Stephen Boyd said the press release jumped to a "premature
conclusion" when it said data from the OPM breach was used by fraudsters
who applied for and opened bogus loans at the Langley Federal Credit Union. In
mid-June, Karvia Cross pleaded guilty in Virginia to one count of identity
theft and conspiracy to commit bank fraud in 2015 and 2016, according to the
June press release from the U.S. Attorney's Office for the Eastern District of
Virginia.
ADMINISTRATION
The New
York Times July 13,
2018
The special
counsel investigating Russian interference in the 2016 election indicted 12
Russian intelligence officers on Friday in the hacking of the Democratic
National Committee and the Clinton presidential campaign. The indictment came
just three days before President Trump is planning to meet with President
Vladimir V. Putin of Russia in Helsinki, Finland.
The U.S.
Coast Guard Academy is now offering an academic program in cyber systems, its
first new major in a quarter century. The program beginning this fall reflects
the maritime service’s evolution toward conducting operations in cyberspace as
it does at sea and by air, said Capt. =operating systems,
software design and intelligence.
AP July 13,
2018
Warning
lights about cyber threats to U.S. national security are “blinking red” and the
digital attempts to undermine America are occurring daily, not just at election
time, the nation’s top intelligence official said Friday. Russia has been the
most aggressive foreign actor, but cyber threats also are coming from China,
Iran and North Korea as well as criminal networks and individual hackers, said
National Intelligence Director Dan Coats.
Nextgov July 12,
2018
The General
Services Administration is inviting ethical hackers to break into the sign-on
portal for citizens applying for government jobs and accessing federal
programs. The agency on Wednesday added Login.gov to its sweeping public bug
bounty program, offering anyone who discovers a security gap within the site
potentially thousands of dollars in prize money.
Fifth
Domain July 12,
2018
The Army
recently commissioned its first two officers as part of a new pilot program to
attract cyber talent from the private sector and bring them into the military
ranks. As part of the pilot, mandated by Congress and stood up by the Army in
late 2017, accepted applicants will enter service as first lieutenants.
Ars
Technica July 11,
2018
In May, a
hacker perusing vulnerable systems with the Shodan search engine found a
Netgear router with a known vulnerability—and came away with the contents of a
US Air Force captain's computer. The purloined files from the captain—the
officer in charge (OIC) of the 432d Aircraft Maintenance Squadron's MQ-9 Reaper
Aircraft Maintenance Unit (AMU)at Creech Air Force Base, Nevada—included
export-controlled information regarding Reaper drone maintenance. The hacker
took the documents to a Dark Web marketplace, where he planned on selling them
for a few hundred dollars. And it's there that analysts from Recorded Future,
an information security threat intelligence company, discovered them.
FCW July 10,
2018
For years,
security experts have warned of an impending cyber Pearl Harbor: an attack so
big and bold that it cripples U.S. infrastructure and demands a military
response. However, in interviews with former White House and executive branch
officials as well as members of Congress and staffers involved in cyber policy,
many expressed more concern about the potential for a Cyber Gulf of Tonkin: a
misunderstanding or misattribution around an event that precipitates or is used
as a justification for war.
In
closed-door meetings last March, U.S. transportation regulators and others
grappled with questions about whether police should have the power to disable
self-driving cars and whether an automatic alert that a robo-taxi had been in a
wreck could violate an occupant's privacy, a report released on Tuesday showed.
Fifth
Domain July 10,
2018
Georgia
will open a 330,000 square foot cybersecurity facility in Augusta July 10, the
first of two buildings that will make up the Georgia Cyber Center, and build on
the investment in the region from Army Cyber Command. When complete, the
facility will be home to cybersecurity research, training and operations.
CyberScoop July 9,
2018
ackers have
launched distributed denial-of-service attacks against at least two
municipal-level Democratic campaigns in 2018, according to two people familiar
with the matter. These incidents, which occurred as the campaigns were focused
on primary elections, were publicly unknown prior to this report. The malicious
cyber-activity did not appear random, sources told CyberScoop.
The State
Department’s top cybersecurity official says he is “optimistic” the United
States can strike a deal at the United Nations on norms for government behavior
in cyberspace with multiple countries, including China and Russia, two of
Washington’s biggest adversaries in the domain.
The
Washington Post July 7,
2018
Metro
officials say they plan to focus on improving security throughout the transit
system after a classified inspector general’s report concluded that the agency
remains vulnerable to hacks and attacks that could imperil safety and
day-to-day operations.
INDUSTRY
CNBC July 13,
2018
Cybersecurity
stocks present a compelling short-term bet for investors ahead of the 2018
midterm elections, Goldman Sachs advised clients Thursday. Pointing to an
expected uptick in security spending in the run-up to November, analyst Arjun
Menon told clients that the select group of stocks are likely to see upside in
the months to come.
Ars
Technica July 12,
2018
Google’s
Chrome browser is undergoing a major architectural change to enable a
protection designed to blunt the threat of attacks related to the Spectre
vulnerability in computer processors. If left unchecked by browsers or
operating systems, such attacks may allow hackers to pluck passwords or other
sensitive data out of computer memory when targets visit malicious sites. .
CNBC July 12,
2018
It would be
hard to walk into to a major business and walk away with all its sensitive
information. But sometimes that's not the case when it comes to online
networks. Q6 Cyber, a cybersecurity firm that specializes in monitoring the
dark web, showed CNBC a forum post in Russian where the cybercriminal was
offering access to a New York City law firm’s network and files, and was
willing to send screenshots as evidence he had broken in. The price for the
access was $3,500. That law firm was not alone, says Eli Dominitz the founder
and CEO of Q6, which is based on Hollywood, Florida. Q6 has found similar
information from law firms in Beverly Hills and other locations across the
country for sale. They would not name any of the law firms. “If you're a law
firm that's involved in major transactions, [mergers & acquisitions] of
publicly traded companies, you're going to have a lot of sensitive information,
inside information before it becomes publicly available,” Dominitz said. “If
I'm able to access that, I can trade around that and manipulate stocks and make
a lot of money. We've seen that kind of activity by very sophisticated
cybercriminals.”
Financial
Times July 12,
2018
The Chinese
hacking group nicknamed “Red Apollo” last year launched one of the largest ever
sustained global cyber espionage campaigns. Rather than attacking companies
directly, it targeted cloud service providers, attempting to use their networks
to spread spying tools to a wide number of companies. It was the latest warning
sign of the risks posed by so-called supply chain attacks, according to PwC,
the professional services company, which tracked the campaign. Known as
Operation Cloud Hopper, the attack targeted a small number of managed IT
service providers, giving it the potential to spread malware to all the clients
using these outsourcing companies to run their computer networks. Companies in
15 countries, including the UK, France, Switzerland, US, Canada, Australia and
Japan were targeted. This indirect approach demonstrates a new level of
maturity in cyber espionage, and is increasingly common. Symantec, the cyber
security company, says in a recent report it saw a 200 per cent increase in
supply chain attacks in 2017 compared with the previous year. National
governments are increasingly concerned about the trend.
ew
York-based L3 Technologies announced on Wednesday that it is acquiring Azimuth
Security and Linchpin labs, two cybersecurity companies that specialize in
selling exploits to governments. The deal was for a combined price of about
$200 million, L3 said. L3 is a contractor that provides communication,
electronic, aerospace and sensor systems to military, homeland security and
commercial clients. The company said that the acquisitions will strengthen its
cybersecurity, intelligence and surveillance capabilities. Based in Australia,
Azimuth says on its website that it provides security assessments and
penetration testing on software services. Linchpin Labs, also based in
Australia with offices in the U.S., the United Kingdom and Canada, describes
itself as a “custom software development company” that serves corporate and
government clients.
The Wall
Street Journal July 11,
2018
Broadcom
Inc. agreed to buy software company CA Technologies for $18.9 billion, a
surprise move that would take the chip-making giant in a new direction.
Broadcom is to pay $44.50 a share in cash for CA, formerly known as Computer
Associates, Broadcom said late Wednesday. CA shares closed at $37.21 Wednesday,
so the price represents a 20% premium.
Israeli
industrial and critical infrastructure cybersecurity company Radiflow has
announced that it took in an $18 million investment, led by the Singapore-based
multibillion dollar engineering giant ST Engineering. Boasting of doubling
sales of its threat detection tools in the last year, Radiflow has over 50
worldwide customers. The company collaborates with partners, including U.S.
cybersecurity firms Palo Alto Networks and RSA. ST Engineering will also enter
into a partnership with Radiflow that will include access to the Israeli firm’s
defensive tools. Radiflow’s customers include critical infrastructure operators
in power generation, electricity supply and water facilities. Earlier this
year, the company released a case study on a cryptocurrency miner attack
against a water facility.
Ars
Technica July 10,
2018
Criminals
recently stole code-signing certificates from router and camera maker D-Link
and another Taiwanese company and used them to pass off malware that steals
passwords and backdoors PCs, a researcher said Monday. The certificates were
used to cryptographically verify that legitimate software was issued by D-Link
and Changing Information Technology. Microsoft Windows, Apple’s macOS, and most
other operating systems rely on the cryptographic signatures produced by such
certificates to help users ensure that executable files attached to emails or
downloaded on websites were developed by trusted companies rather than
malicious actors masquerading as those trusted companies.
AT&T is
pulling out its wallet again. The company said Tuesday it has signed a deal to
acquire AlienVault, a software security company based in San Mateo, California,
that specializes in detecting threats. The buyout will expand AT&T's
security services to small and medium-sized companies. "AlienVault's
expertise in threat intelligence will improve our ability to help organizations
detect and respond to cybersecurity attacks," Thaddeus Arroyo, CEO of
AT&T Business, said in a statement. "The current threat landscape has
shifted this from a luxury for some, to a requirement for all." The deal
comes amid continuing concerns over cyberattacks, with corporate giants from
Yahoo to Equifax suffering devastating breaches that exposed people's personal
information over the past several years.
The Hill July 9,
2018
Timehop,
the application that resurfaces old photos and posts on Facebook, on Sunday
revealed that hackers had compromised the personal data of millions of its
users. The attackers, according to a preliminary investigation of the breach,
stole roughly 21 million email addresses and names from Timehop during an
attack last Wednesday, which took place on the Fourth of July. From those
affected users, the hackers also gained access to roughly 4.7 million phone
numbers, the company wrote in a Sunday blog post.
It just
keeps happening. A hacker has targeted a company selling Android spyware
marketed to monitor children, employees, and previously romantic partners. This
data breach is the latest in an ever increasing list of vigilante hackers
focusing on the consumer spyware industry, some parts of which have been linked
to illegal stalking and spying by abusive partners.
INTERNATIONAL
In what
appears to be a case of highly focused social engineering against a small group
of iPhone users, malicious actors managed to get 13 iPhones registered on their
rogue mobile device management (MDM) servers and then pushed out applications
that allowed the hackers to track the locations of the phones and read victims'
SMS messages.
When the
authorities closed down cyber attack website Webstresser and arrested its
administrators in April, it was the culmination of a complex international
investigation. Operation Power Off was led by the Dutch police and the UK’s
National Crime Agency, supported by Europol and a dozen other law enforcement
agencies around the world. It was the latest example of increased global
co-operation between police forces, as law enforcement agencies search for
better ways to counter cyber crime.
CyberScoop July 10,
2018
In the run-up to Cambodia’s general election on July 29, a hacking group
tied to China has been breaking into multiple organizations that share a
connection to either the country’s main opposition party, voting process or
human rights movement, according to new research and additional analysis
provided by U.S. cybersecurity firm FireEye. The findings — made possible
through a glaring operational security mistake where hackers left their attack
servers exposed on the open internet — help illustrate how governments are
leaning on cyber-espionage capabilities to learn about foreign elections.
FireEye collected this intelligence by directly accessing the attack servers,
which weren’t protected with a password. The firm was able to identify breaches
through established lines of communication that existed between the servers and
victims.
A legal
proposal to overhaul the EU’s cybersecurity rules passed a major hurdle on
Tuesday (10 July) as the European Parliament’s Industry Committee (ITRE)
approved a plan to create a voluntary system for certifying the security level
of technology products. The bill sharpens measures in a European Commission
proposal from last September to set up the first EU-wide labelling scheme to
measure cybersecurity standards of items sold in EU countries. Angelika
Niebler, the German centre-right MEP who authored the committee’s report, said
after the vote that the legislation would “increase consumers’ trust in
internet-connected products and IT solutions”.
Reuters July 9,
2018
Mexico’s
financial authorities on Friday warned local banks to be on alert for potential
cyber attacks and to strengthen security systems, activating protocols
established in the wake of recent bank hacks. Mexico’s central bank, Finance
Ministry and banking regulator said in a statement that the measure is
preventative, and that the country’s financial system is functioning normally.
The statement did not detail the reason behind the alert. Mexican authorities
on Thursday had detected the threat of a potential cyber attack to occur the
next day, said a financial official with knowledge of the matter who requested
anonymity because he was not authorized to speak with the press. In May, the
central bank said a cyber attack had tapped into payment system connections at
five entities, sucking out around 300 million pesos ($15.33 million). Mexico’s
attorney general along with financial authorities and associations formed an
“Immediate Response Group,” meant to coordinate fast alerts on information
security incidents.
China-based
hackers have successfully infiltrated the IT systems at the Australian National
University, potentially compromising the home of Australia's leading national
security college and key defence research projects. Federal government cyber
security officials have been working with the university since detecting the
cyber attack, assessing the scale of any information theft and who in China
could be responsible for it.
TECHNOLOGY
Financial Times July 12,
2018
Connecting
buyers with sellers via the internet — the so-called “platform” economy — has
enabled companies such as Amazon, eBay, Uber and Airbnb to build vast global
businesses. Now cyber criminals are using the same technique, and even the same
platforms, to buy and sell their tools. Surrey University criminologist Michael
McGuire estimates that more than $1.5tn in profits a year are acquired,
laundered, spent and reinvested by cyber criminals through “platform
criminality”.
Ars Technica
July 10,
2018
When the
Spectre and Meltdown attacks were disclosed earlier this year, the expectation
was that these attacks would be the first of many, as researchers took a closer
look at the way that the speculative execution in modern processors could be
used to leak sensitive information and undermine the security of software
running on those processors.
UK hands Facebook the maximum fine over insufficient privacy and oversight in the Cambridge Analytica scandal.
At the time my wife and I were beginning to date, I owned a broken bed. The box spring had a biggish crack on one side, which caused you to feel like you were being gradually swallowed in the night—an effect seriously exacerbated by the presence of a second person. I had not bothered to buy pillows when I moved to Milwaukee, reasoning that old pants stuffed in a pillowcase could not possibly feel that different. I did, however, have a desk, which I had carried from the Salvation Army, a mile and a half, on my shoulders, in August. I should mention here that I have never been what anyone would consider macho. It simply hadn’t occurred to me that I was allowed to live any other way.
“Democracies erode slowly, in barely visible steps” these days, Steven Levitsky and Daniel Ziblatt write in 