Pages

Thursday, March 29, 2018

Senate Intel committee releases election security recommendations

Historically, the claim of consensus has been the first refuge of scoundrels; it is a way to avoid debate by claiming that the matter is already settled...
~Michael Crichton



A touch of gloss: bankers prefer spin to plain-speaking



Report slams NSW EPA over waste industry




Russian envoy threatens world could plunge into Cold War



Kristina Keneally uses maiden speech to defend record as NSW Premier


Labor seizes on Business Council leaked tax cuts letter

Fair Work orders Teys to bargain with workers on pay rise



On world stage, Kim Jong-un says denuclearisation is 'our position'


Beijing: The young couple, Kim Jong-un and his wife Ri Sol-ju, waved goodbye eagerly out the car window to Chinese President Xi Jinping and his wife Peng Liyuan.




George Pell committal: Police accused of 'single-mindedly' pursuing charges, court told





Here’s what Geoffrey Berman, U.S. attorney for the Southern District of New York, said when announcing charges against a group of Iranian “cyber attackers”:

“We have worked tirelessly to identify you,” Berman said. “You cannot hide behind a keyboard halfway around the world and expect not to be held to account. Together, along with our law enforcement partners, we will work relentlessly and creatively to apply the legal tools at our disposal to unmask and charge you. We will do all we can to bring you to justice. While the defendants remain at large, they are now fugitives from the American judicial system.

So what are these horrendous people being charged with? Stealing unreleased scripts of Game of Thrones and a bunch of academic articles. I am not making this up.

…members of the conspiracy used stolen account credentials to obtain unauthorized access to victim professor accounts, through which they then exfiltrated intellectual property, research, and other academic data and documents from the systems of compromised universities, including, among other things, academic journals, theses, dissertations, and electronic books.

(That is from the press release and here is the earlier press release on GOT, with which this has been combined in many news accounts. The full indictment is here).

In other words, the Iranians were running something like Sci-Hub, the website that some of you have probably used to bypass publisher paywallsto read articles linked to on MR that you haven’t paid for. I don’t defend such actions but neither do I want the federal attorney  working tirelessly to identify you. As crimes go this is a yawner.

Indeed, since Sci-Hub is already used in Iran, one wonders how useful the additional Iranian hacking was. A few companies are also listed as targets, although they turn out to be publishers, a stock image company, two online car companies etc. A few government agencies are thrown in for good measure although that appears to be window dressing.

The federal attorney claims the hacking (hacking not attacking) cost billions which they estimate because:

Through the course of the conspiracy, U.S.-based universities spent over approximately $3.4 billion to procure and access such data and intellectual property.


That’s just DoJ making up some number to make them look good. The direct losses in this scheme almost certainly amount to zero, bupkiss, nada. Universities certainly haven’t lost anything – the data was copied, not taken. The publishers might have lost a bit, but even then it would only be the revenue they would have got from papers that would have been bought if they hadn’t been copied. A useful estimate of the size of that loss still being zero, bupkiss, nada.

Frankly, this is a joke of an indictment. But headlines like “US Charges 9 Iranians With Massive Cyberattack” are certainly fortuitously timed for new national security designate John Bolton and others who want to take a hardline on Iran.

Even in the witness stand, bank executives can't resist the spin. Over the past two weeks, a parade of bankers - mostly dull men in sharp suits - have trooped through the financial services royal commission to answer questions about a dizzying array ...




FCW March 20, 2018
The Senate Select Committee on Intelligence released a set of recommendations to combat efforts by hostile states to interfere with U.S. elections. The move comes a day ahead of a panel hearing on election security. "We’re now at a point where we have wrapped up one piece of our investigation which deals with election security," Chairman Sen. Richard Burr (R-N.C.) 

saintechapelle

The Hill March 19, 2018

House lawmakers on Monday passed legislation that would codify into law the Department of Homeland Security’s cyber incident response teams that help protect federal networks and critical infrastructure from cyberattacks. Lawmakers passed the bill, sponsored by House Homeland Security Committee Chairman Michael McCaul (R-Texas), in a voice vote Monday afternoon. The legislation would authorize the “cyber hunt and incident response teams” at Homeland Security to help owners and operators of critical infrastructure respond to cyberattacks as well as provide strategies for mitigating cybersecurity risks. The bill would also allow Secretary of Homeland Security Kirstjen Nielsen to add cybersecurity specialists from the private sector to the response teams.



  





  







 




 




  


The Hill March 20, 2018
Travel website Orbitz on Tuesday disclosed a possible breach that may have resulted in hackers making away with personal information on 880,000 customer payment cards. Orbitz, which is now owned by Expedia, described the episode as a “data security incident,” saying that an internal investigation revealed that hackers may have accessed card information stored on a consumer and business partner platform between October and December of last year. The company said the Orbitz website was not involved in the incident and that there is no “direct evidence” of information actually being stolen. In total, the company said hackers may have gained access to personal information on roughly 880,000 payment cards, including payment card information, names, birth dates, phone numbers and email and billing addresses.



The Financial Times March 19, 2018
US drugmaker Merck was hit by a massive cyber attack on June 27 last year. Manufacturing, research and sales operations around the world were all gummed up. At one point the company had to borrow supplies of a vaccine for the human papilloma virus from a US government stockpile in order to meet demand. The after-effects of the incident lasted for months. The company lost $260m of sales last year and incurred $320m of costs for additional marketing and production. Merck says it will lose another $200m of sales this year because of the attack. The good news for Merck is that it will not have to pick up the full bill because of the insurance policy it had taken out before the attack. The company has already received $45m from its insurers, and Verisk PCS, an analytics group, thinks the final total could be much higher — potentially up to $275m.  Cyber cover has become one of the fastest-growing parts of the global insurance industry. Attacks such as NotPetya — which hit Merck — along with WannaCry and individual incidents such as the huge data loss at Equifax reported last September, have brought home to companies the potential costs of a cyber attack. They are responding by buying insurance in ever greater numbers.



  




Retired Mossad chief Tamir Pardo said he has assembled a team of more than 30 hackers from Israel’s security and intelligence services into a startup called XM Cyber that seeks to keep companies’ networks safe by imitating how real hackers work. Pardo, who headed the Israeli spy agency from 2011-2016, started XM Cyber two years ago and serves as its president. “I thought there are so many companies with great products but they are not focusing on the right question,” Pardo told Reuters. “The real question is are my crown jewels really protected.” Pardo brought with him hackers that were on the offence teams of Israel’s security services, including the Mossad, the Shin Bet and the army’s elite 8200 unit.
 









Fifth Domain March 19, 2018
Sometimes in the alphabet soup of military parlance, an acronym emerges that actually hits the mark. Take, for instance, C-RAPID, a product of the Army’s Program Executive Officer - Enterprise Information Systems. The Cyberspace Real-time Acquisition Prototyping Innovation Development promises to do just what it says: Generate cutting-edge solutions to evolving cyber threats. Unlike other military efforts to partner with industry for real-time solutions, C-RAPID will be an actual place, a “forge” where cyber troops will test emerging defenses for quick deployment. The cyber forge is slated to open at Fort Belvoir, Virginia, in April and to be fully operational by June. Early trials of the C-RAPID approach suggest it could dramatically speed delivery of cyber solutions. In one test case, a team was able to remediate an emerging network threat in just eight days, a task that normally takes weeks. “We can do it. But it takes a revolutionary approach in terms of how we look at the problem and look at the tools we can use,” said LTC Scott Helmore, the product manager for Defensive Cyber Operations (DCO) at PEO EIS.




The Daily Beast  March 22, 2018
Guccifer 2.0, the “lone hacker” who took credit for providing WikiLeaks with stolen emails from the Democratic National Committee, was in fact an officer of Russia’s military intelligence directorate (GRU), The Daily Beast has learned. It’s an attribution that resulted from a fleeting but critical slip-up in GRU tradecraft. That forensic determination has substantial implications for the criminal probe into potential collusion between President Donald Trump and Russia. The Daily Beast has learned that the special counsel in that investigation, Robert Mueller, has taken over the probe into Guccifer and brought the FBI agents who worked to track the persona onto his team. While it’s unclear what Mueller plans to do with Guccifer, his last round of indictments charged 13 Russians tied to the Internet Research Agency troll farm with a conspiracy “for the purpose of interfering with the U.S. political and electoral processes, including the presidential election of 2016.” It was Mueller’s first move establishing Russian interference in the election within a criminal context, but it stopped short of directly implicating the Putin regime.