Tuesday, July 03, 2018

Cybersecurity hitting breaking point

Corporations rarely fess up to data-breaches and identity theft. To do so might invite a public relations disaster, a run on their customer base. Do they have a choice, and will victims continue to receive secret settlements? This is an edited text of an address on identity theft prepared for the Legal Services Commission of South Australia’s annual conference on Friday.
Hobson’s choice: corporate reputation, secrecy and identity theft

Communist China Could Have the World’s Most Powerful Naval Gun by 2025

CyberScoop - June 28, 2018
During a time of rapid change for the U.S. military’s top cyberwarfare teams, the current version of the 2019 defense bill is challenging the president’s ability to exert his authority with regards to those units. The White House is protesting a series of measures in the newly Senate-approved 2019 National Defense Authorization Act that seek to legislate how and when President Donald Trump can direct generals to launch cyberattacks.

The Hill - June 28, 2018
The House Foreign Affairs Committee has approved a bill designed to call out and punish foreign actors for executing nation-state-sponsored cyberattacks that threaten U.S. national or economic security. The legislation, offered by Rep. Ted Yoho (R-Fla.), would direct President Trump to sanction designated “critical cyber threat actors” who help carry out foreign-sponsored attacks, though it offers him the power to waive sanctions if doing so is in the best interest of the United States.

Nextgov - June 27, 2018
More than two years after Congress passed a landmark bill incentivizing companies to share with the government how and when malicious hackers are trying to penetrate their computer networks, only six companies and other non-federal entities are sharing that data, according to figures provided to Nextgov. That’s compared with about 190 such entities and about 60 federal departments and agencies that are receiving cyber threat data from Homeland Security’s automated indicator sharing program, a Homeland Security official told Nextgov.

Nextgov - June 27, 2018
Democratic lawmakers are demanding answers about how Americans might have used personal information that was compromised in the 2015 hack of the Office of Personnel Management, after two people pleaded guilty to charges related to a bank fraud conspiracy.

FCW - June 26, 2018
Lawmakers are closing in on an effort to reverse a Trump administration move to sideline a cyber diplomacy function at the State Department. The Senate Foreign Relations committee voted to advance the Cyber Diplomacy Act on June 26, which includes a plan to restore the functions of the former cybersecurity office under a new name. Chairman Bob Corker (R-Tenn.) released a statement saying the U.S. is increasingly reliant on allies and partners "to maintain a secure, reliable and open internet."

The Hill - June 26, 2018
President Trump's nominee to lead a new office at the Department of Energy agreed Tuesday to urge the administration to develop a cyber deterrence strategy. Sen. Angus King (I-Maine) asked Karen Evans, Trump's pick to lead a new energy cybersecurity office, to prod the administration to develop a cyber doctrine and select “one point of authority” at the White House to coordinate cybersecurity efforts if she is confirmed to the position.

FCW - June 26, 2018
There's concern among sponsors that the Technology Modernization Fund might not get new money in fiscal year 2019. Funding for the program, which is tabbed at $150 million by House appropriators, is eliminated in a Senate bill currently moving through the appropriations process.

Federal News Radio - June 26, 2018
Glaring security differences between civilian and defense networks were on full display at the nomination hearing for Lt. Gen. Stephen Lyons to take over as U.S. Transportation Command chief.

The Hill
June 25, 2018
House lawmakers approved legislation Monday aimed at securing technology used to power critical infrastructure from cyberattacks. The bill offered by Rep. Don Bacon (R-Neb.) would codify work the Department of Homeland Security is currently doing to identify cyber threats to industrial control systems and mitigate them.


ADMINISTRATION

Nextgov
June 29, 2018
How concerned should Americans be about a White House shuffle that removed the cybersecurity coordinator position? Significantly concerned, according to a collection of top cybersecurity policy experts gathered by the Atlantic Council think tank.

FCW
Two tech advisory bodies to the government have developed a new guidebook to train and educate federal cybersecurity professionals. The CISO Handbook, released June 26, is an outgrowth of the recently released President's Management Agenda and its call for agencies to tackle their tech and cybersecurity workforce challenges. Drafted by the CIO and Chief Information Security Officer Councils, it was designed to appeal both to the C-suite executive and to the rank-and-file fed, according to Trey Kennedy, an analyst at the General Services Administration and advisor to the CIO Council.

Nextgov
June 28, 2018
The federal government can’t legislate or mandate its way out of the risk of foreign hackers compromising its networks, the top tech official in the government’s nuclear security agency said Tuesday. Instead of banning software with a connection to China or other U.S. cyber adversaries, government tech shops should focus on installing safeguards that mitigate any risk the software poses for foreign spying or sabotage, said Wayne Jones, chief information officer at the National Nuclear Security Administration. “You can’t think about it: ‘Well, I’m not going to use that product because it came from China.’ You have to figure out: ‘How do I use that product so it’s going to protect my information,’” Jones said during a panel discussion hosted by the Armed Forces Communications and Electronics Association, a professional association.

FCW
June 28, 2018
The federal government is moving to expand emergency procurement authority for purchases used to respond to or recover from a cyberattack, according to a new proposed rule in the Federal Register. The change places cyberattacks against the United States in the same category as nuclear, biological, chemical or radiological attacks. It would allow federal procurement officials to spend up to $20,000 for domestic purchases and $30,000 for international purchases under micropurchasing rules, as well as $750,000 and $1.5 million for simplified acquisition purchases, provided the work has "a clear and direct relationship to the support of a contingency operation."

Wired
June 28, 2018
California lawmakers unanimously passed a new privacy bill on Thursday that would give residents of the state more control over the information businesses collect on them and impose new penalties on businesses that don’t comply. It is the first law of its kind in the United States. The so-called California Consumer Privacy Act of 2018 (AB 375) was introduced late last week by state assemblymember Ed Chau and state senator Robert Hertzberg, in a rush to defeat a stricter privacy-focused ballot initiative that had garnered more than 600,000 signatures from Californians.

CyberScoop
June 27, 2018
Last year was a “seminal year” for nation-state-backed cyberattacks from American adversaries, a top Department of Homeland Security official said Wednesday, adding that companies may need U.S. government support to cope with such advanced threats. “We’ve known for years that there are primarily four nation-state actors that are most active in the cybersecurity space, but push really came to shove” in 2017, Christopher Krebs said Wednesday, referring to China, Iran, North Korea, and Russia. American companies can handle most cyberthreats through their own security investments, but a “military-grade level of investment” is needed to cope with nation-state hackers, Krebs, DHS’s top infrastructure security official, said at a conference in Washington, D.C.

Fifth Domain
June 27, 2018
Air Force Brig. Gen. Timothy Haugh has assumed command of U.S. Cyber Command’s Cyber National Mission Force. As one of CYBERCOM’s four main headquarters elements, the CNMF is in charge of deterring and disrupting cyberspace operations to defend the nation. CNMF components include cyber support teams that provide intelligence support, cyber protection teams that specialize in defending the Department of Defense Information Network, and national mission teams that help protect the DoDIN and, when ordered, other U.S. cyberspace.

CyberScoop
Eight men across the U.S. and Ghana have been arrested and charged with a $15 million hacking and fraud scheme. The indictments against the group are noticeably short on details, but do provide some small insight into how U.S. law enforcement says these schemes unfold. Prosecutors allege the conspiracy worked when the accused used virtual private networks to mask their locations in Africa, spoof identities to send emails and open fraudulent bank accounts to handle the funds.

Motherboard
June 25, 2018
Earlier this month, Apple confirmed it was introducing a new security feature that could make hacking iPhones harder, especially for companies such as Grayshift that unlock devices for law enforcement. USB Restricted Mode, as the feature is called, will turn an iPhone’s lightning port into simply a ‘dumb’ charging interface if the phone has not been unlocked within the last hour. That ticking clock is causing law enforcement officials to at least explore the possibility of using warrantless unlocks to more quickly download data from a device, although they may then obtain a warrant to examine the data itself, according to a document obtained by Motherboard.


INDUSTRY

Gov Info Security
June 29, 2018
An Equifax software engineer has settled an insider trading charge with the U.S. Securities and Exchange Commission, after he allegedly earned more than $75,000 by making a securities transaction based on his suspicion that the credit bureau had suffered a data breach. Sudhakar Reddy Bonthu, 44, of Cumming, Georgia, was a product development manager of software engineering within Equifax's Global Consumer Solutions business unit. Equifax fired Bonthu on March 12 after he refused to cooperate with an internal investigation into violations of the company's insider trading policies.

CyberScoop
June 28, 2018
BitSight, a company that provides cybersecurity ratings for other companies, announced on Thursday that it has raised $60 million in its Series D funding round. The company provides a platform that evaluates customers’ cybersecurity posture. The service comes in handy as companies look for ways to manage risk, underwrite cyber insurance policies and conduct due diligence when doing business with third parties. Customers can use the platform to gain a window into the cybersecurity posture of potential partners along with their own.

Fifth Domain
June 28, 2018
When the cybersecurity firm Mandiant detected Chinese hackers were infiltrating networks of their clients sometime around 2013, the company did not stand idly by, according to a new book by David Sanger. In “The Perfect Weapon,” released June 19, the national security correspondent at The New York Times describes how Mandiant’s investigators “reached back through the network to activate the cameras on the hackers’ own laptops.” Sitting with the Mandiant investigators, Sanger watched how the Chinese hackers “carried on like a lot of young guys around the world.” They wore leather jackets, Sanger wrote. They checked sports scores.

The Hill
June 28, 2018
Athletic-wear maker Adidas is alerting some U.S. customers that hackers may have accessed their information, including usernames and encrypted passwords. The statement did not specify the number of customers affected by the breach, though a spokesperson later told The Hill that “a few million” consumers could be affected.

McClatchy
The United States pioneered the use of cyberweapons when it shattered Iran’s nuclear centrifuges in 2010, but such devastating cyber tools have spread and are now boomeranging to make industrial digital sabotage a growing concern to the United States.

CyberScoop
June 27, 2018
San Francisco enterprise threat management company Preempt Security earned $17.5 million in its Series B funding round, the company announced on Wednesday. Preempt says that it uses information about identity, behavior and risk within a company to proactively catch insider threats and prevent breaches. Management of such threats is a constant struggle for enterprises, as they need to ensure that employees don’t willingly or inadvertently expose sensitive information.

Reuters
Ticketmaster UK said it had identified malicious software on a customer support product hosted by an external supplier, and some of its customers' personal or payment data may have been accessed by an unknown third party. Less than 5 percent of Ticketmaster's global customer base has been affected by the incident, while North American customers have not been affected, it said in a statement.


INTERNATIONAL

Gov Info Security
"This is not a crazy state; this is a rational state pursuing rational objectives." So said Robert Hannigan when describing North Korea's cybercrime activities during a keynote speech at the recent Infosecurity Europe conference in London.

Computer Business Review
Eight EU member states have signed a Declaration of Intent to form a European Cyber Rapid Response Force. Lithuania was the first to propose the initiative to create the cyber-attack response teams, which has now been signed onto by seven member states. Croatia, Estonia, France, Finland, Netherlands, Spain and Romania will participate in the project which will be led by Lithuania.

SC Magazine
June 28, 2018
The Government has set out a series of minimum cyber-security standards which will now be incorporated into the Government Functional Standard for Security, obliging government departments and suppliers to comply. The Standards comprise 10 sections, covering five broad categories: Identify, Protect, Detect, Respond and Recover, and also set expectations for governance, such as obliging government departments to create "clear lines of responsibility and accountability to named individuals for the security of sensitive information and key operational services".

Reuters
Hackers from Russia are infecting Ukrainian companies with malicious software to create “back doors” for a large, coordinated attack, Ukraine’s cyber police chief told Reuters on Tuesday. The hackers are targeting companies, including banks and energy infrastructure firms, in a rollout that suggests they are preparing to activate the malware in one massive strike, cyber police chief Serhiy Demedyuk said.

The Hill
June 26, 2018
The rapidly expanding number of satellites transmitting GPS locations, cellphone signals and other sensitive information is creating new opportunities for hackers. It's a risk exacerbated by the growing number of aging satellite systems in circulation.

Bloomberg
Cyber attacks against Mexican financial institutions and reports of alleged election interference around the world are fueling concerns among analysts that the nation’s presidential vote on Sunday may become a target for hackers. While Mexicans will cast their vote July 1 by paper ballot, electronic systems will be used to tally and transmit the results, which the electoral authorities will then release to trusted media outlets.

AP
Romania faces Russian aggression on a daily basis in the Black Sea, and is fending off a wave of cyber-attacks and political interference, the defense minister said Monday. But even amid such uncertainty, Mihai Fifor told The Associated Press that the country of 19 million aims to be the region’s main security provider and early warning outpost for threats to fellow NATO allies.


TECHNOLOGY

Ars Technica
June 29, 2018
The Long Term Evolution mobile device standard used by billions of people was designed to fix many of the security shortcomings in the predecessor standard known as Global System for Mobile communications. Mutual authentication between end users and base stations and the use of proven encryption schemes were two of the major overhauls.

AP
June 29, 2018
Is the web browser on your phone slower than usual? It could be mining bitcoin for criminals. As the popularity of virtual currencies has grown, hackers are focusing on a new type of heist: putting malicious software on people's handsets, TVs and smart fridges that makes them mine for digital money.

Nextgov
June 26, 2018
The federal government doesn’t understand cybersecurity and won’t be able to respond to a digital disaster such as a destructive hack aimed at the energy or financial sector, according to a survey of cybersecurity researchers released Tuesday. Only 13 percent of researchers “believe that Congress and the White House understand cyber threats and will take steps for future defenses,” according to the poll of attendees at the Black Hat cybersecurity conference.

Wired
June 26, 2018
There are more Wi-Fi devices in active use around the world—roughly 9 billion—than there are human beings. That ubiquity makes protecting Wi-Fi from hackers one of the most important tasks in cybersecurity. Which is why the arrival of next-generation wireless security protocol WPA3 deserves your attention: Not only is it going to keep Wi-Fi connections safer, but also it will help save you from your own security shortcomings.

Bloomberg Businessweek
June 25, 2018
As night fell in Taipei on July 10, 2016, most people in the city were hunkered down to ride out the end of a typhoon. Not Sergey Berezovsky and Vladimir Berkman.

Ars Technica
June 25, 2018
Last week, developers on OpenBSD—the open source operating system that prioritizes security—disabled hyperthreading on Intel processors. Project leader Theo de Raadt said that a research paper due to be presented at Black Hat in August prompted the change, but he would not elaborate further.