CYBER SECURITY – WEEKLY REPORT (August 02, 2017)


SUMMARY REMARKS

The United States is, undoubtedly, the leader in ‘weaponizing’ information technology. It is, therefore, interesting to know how its cyber forces function. Based on Congressional hearings, C4ISRNET has published a four-part series on how the American military cyber forces are organized for active defensive and offensive operations, their capabilities and mission sets. At the top is the Cyber Command, focused on strategic and joint force commander problem sets. It acts as an integrator and coordinator of offensive cyber activities. The cyber mission force consists of 133 teams and 6,200 persons. The services have their own separate cyber divisions but do not have offensive teams at their disposal, as offensive roles and responsibilities are still held at the highest levels of government, i.e. US Cyber Command, but can be delegated down when required.

The Army, the first service to create a specific cyber branch, has set up a new Cyber Research and Analytics Laboratory to keep pace with rapid technological changes in the field and quickly support operational cyber-warriors with the latest upgrades, techniques and threats.  The new lab is specifically geared toward supporting ongoing combat operations, given the pace or trajectory of evolving cyber tactics. Its cyberattacks and electronic warfare techniques have made it very difficult for ISIS units to communicate with one another across large distances.  US cyber warriors have succeeded in disrupting or destroying ISIS social media efforts and some recruiting initiatives. The Army is also intently focused on near-peer threats such as Russia and China.  For more details, read the series and additional material included in the weekly report.

This year’s Black Hat conference at Las Vegas has a distinct message. Cybersecurity is mainstream and at the core of geopolitics, national security, policy decisions, human rights and physical safety. It is about the responsibility of good hackers and researchers to prevent bad guys from disrupting human life by attacking critical infrastructure and financial systems. Hence, the solution to ‘Hackers’ is more Hackers, but good ones. Governments, worldwide, are still wary of using ‘ethical’ hackers to protect the systems, but this is changing now. India perhaps has the largest number of ethical hackers, and New Delhi is better served if it can make use of this ‘reserve’ force. A number of articles included in the report provide a glimpse of the capabilities and exploits of these good hackers.

North Korea’s Army of hackers now has a new target: Bank Accounts, according to a South Korean report. The North’s cyberarmy has splintered into multiple groups and is unleashing orchestrated attacks increasingly focused on funneling stolen funds to the secretive nation.  The emphasis on finances represents a significant shift from Pyongyang’s prior patterns of attack seeking to obtain military information, destabilize networks or intimidate. The shift apparently is warranted by strain on the country’s finances due to international sanctions.

A new war is brewing between China and the US over control of the microchip industry. This is somewhat reminiscent of the American confrontation with Japan in the 1980s, in which the former prevailed. But the 21st century war for semiconductor control may prove different. The Chinese companies, despite severe fight-back from the US, Japan, South Korea and Taiwan, are marching ahead to challenge American microchip hegemony.

INTER-STATE CYBER-WARFARE

Here’s how DoD organizes its cyber warriors

http://www.federaltimes.com/workforce/career/2017/07/25/heres-how-dod-organizes-its-cyber-warriors/  The Defense Department is posturing itself to fight and win wars and conflicts in all domains, especially cyberspace. At the top level, DoD, along with the contributions of the services, is continuing to build out the cyber mission force that makes up U.S. Cyber Command, focused on strategic and joint force commander problem sets. In addition to their CMF contributions, the services are working to stand up their own cyber forces to get at service-specific, organic mission sets. The cyber mission force consists of 133 teams and 6,200 persons.

Here’s how cyber service component mission sets differ from CYBERCOM

http://www.c4isrnet.com/cyber/2017/07/27/heres-how-cyber-service-components-cybercom-mission-sets-differ/  This is part two of a series exploring the differences between military cyber forces, capabilities, mission sets and needs.  In addition to the work roles described in part one of this ongoing series that are distinct and separate from U.S. Cyber Command and the cyber mission force, other mission sets include providing capabilities in cyberspace and the electromagnetic spectrum to get at organic needs for their respective services.

What’s the difference between cyber and IT?

http://www.c4isrnet.com/it-networks/2017/07/27/whats-the-difference-between-cyber-and-it/   This is part three of a series exploring the differences between military cyber forces, capabilities, mission sets and needs. Confusion sometimes arises over the definition of IT infrastructure for keeping the network running vs weaponizing the network to support defensive or offensive cyber operations. DoDIN operations can be construed as classic IT work performed by a computer network defense service provider, while cyber operations — in this case on the defensive side — can be carried out by cyber protection teams. The most prominent of the latter efforts is focused on a DoD-wide initiative to harden weapon systems, all of which, including legacy, rely upon some cyber-enabled element that makes them vulnerable to cyber attacks. DoD announced that it was repurposing $100 million for evaluating cyber vulnerabilities in weapon systems.

Here’s how the Air Force is fighting in the cyber domain

http://www.fifthdomain.com/dod/air-force/2017/07/28/heres-how-the-air-force-is-fighting-in-the-cyber-domain/  This is part four of a series exploring the differences between military cyber forces, capabilities, mission sets and needs. In addition to being the direct service link for U.S. Cyber Command, 24th Air Force, or AFCYBER, holds a mission set in cyberspace that is much more expansive than just the man, train and equip cyber mission force Cyber Command contribution. One of the Air Force-specific efforts their 17D cyber warriors perform is defense of specific installations. This initiative, which has undergone a series of moniker alterations, is now known as the cyber squadron initiative directed by the Air Force’s CIO office.

New Army Cyber War Lab Will Connect With Combat Operations

http://scout.com/military/warrior/Article/New-Army-Cyber-War-Lab-Will-Connect-With-Combat-Operations-105444432  The Army has set up a new Cyber Research and Analytics Laboratory to keep pace with rapid technological change in the field and quickly support operational cyber-warriors with the latest upgrades, techniques and threats, service officials said. The new lab, engineered as a subset of the larger Army Research Lab, is specifically geared toward supporting ongoing combat operations, given the pace or trajectory of evolving cyber tactics. Results from near term analysis and research will be quickly sent to Army Combatant Commanders, and operational cyber-warriors send back new anomalies, tactics and attack strategies associated with enemy cyber attacks

US Cyber Diplomacy Has Bigger Problems Than the Closure of its Coordination Office

http://www.defenseone.com/ideas/2017/07/keeping-cyber-coordinators-office-state-will-not-improve-us-cyber-diplomacy/139747/?oref=d-river  Secretary of State Rex Tillerson’s decision to close the State Department’s Office of the Coordinator for Cyber Issues and fold its responsibilities into the Bureau of Economic and Business Affairs has provoked widespread criticism. Closing the cyber coordinator’s office is consistent with the Trump administration’s marginalization of cyber issues in foreign policy.

Surveillance: German police ready to hack WhatsApp messages

http://www.dw.com/en/surveillance-german-police-ready-to-hack-whatsapp-messages/a-39830250  Germany’s security forces will have the technology to install surveillance software on cellphones. According to an internal Interior Ministry progress report published this week by the independent news outlet Netzpolitik, a new version of the German police’s Remote Communication Interception Software (RCIS) will be ready for use before the end of the year. Unlike the first version, RCIS 2.0 is not limited to the surveillance of desktop computers, but can be used on mobile devices with Android, iOS, and Blackberry operating systems. It circumvents the encryption built into services such as WhatsApp and Telegram by hacking the phones themselves and reading the messages “at source” on users’ screens.

No let-up in spying amid tit-for-tat Russian sanctions: U.S official

https://www.reuters.com/article/us-usa-trump-russia-espionage-idUSKBN1AG2JF  Russia still runs a versatile spying campaign against the United States despite sanctions and daily publicity about Moscow’s interference in the 2016 U.S. presidential election, the top U.S. counter-intelligence official said in an interview.  William Evanina, the National Counterintelligence Executive, described a wide array of challenges his agency faces: hacking of government and industry secrets; industrial espionage; government employees and contractors who share secrets with the news media and groups such as WikiLeaks and foreign acquisition of strategic U.S. industries.

Putin’s aide interviewed on cyber-security ties with US

https://iz.ru  It was reported initially after the recent meeting between Presidents Putin and Trump that the leaders had reached agreement on the creation of a special working group in this sphere, however, later, the head of the Oval Office explained: it is possible that it will not actually be formed. Andrey Krutskikh, the Russian President’s Special Representative on Issues of International Cooperation in the Sphere of Information Security, spoke in an interview to Izvestiya about the state of Russo-American dialogue in this sphere, Moscow’s advancement of general rules for states’ conduct in the virtual sphere at a UN level, and also possible attempts by terrorists to cause clashes between states in cyberspace.

Congress asks US agencies for Kaspersky Lab cyber documents

http://www.business-standard.com/article/international/congress-asks-us-agencies-for-kaspersky-lab-cyber-documents-117073000003_1.html  A US congressional panel this week asked 22 government agencies to share documents on Moscow-based cyber firm Kaspersky Lab, saying its products could be used to carry out “nefarious activities against the United States,” according to letters seen by Reuters. The requests made by the US House of Representatives Committee on Science, Space and Technology are the latest blow to the antivirus company, which has been countering accusations by US officials that it may be vulnerable to Russian government influence.

North Korea’s Army of Hackers Has a New Target: Bank Accounts

https://www.wsj.com/articles/north-korean-hackers-hunt-for-cash-1501128326  North Korea’s cyberarmy has splintered into multiple groups and is unleashing orchestrated attacks increasingly focused on funneling stolen funds to the secretive nation, according to a government-backed South Korean report. The emphasis on finances represents a significant shift from Pyongyang’s prior patterns of attack seeking to obtain military information, destabilize networks or intimidate. It also shows how North Korea’s fast-evolving—but costly—nuclear-missile program has accelerated its need for cash as it is subjected to financial sanctions.

China’s Next Target: U.S. Microchip Hegemony

https://www.wsj.com/articles/chinas-next-target-u-s-microchip-hegemony-1501168303  China is aiming “to take over more and more segments of the semiconductor market,” says White House trade adviser Peter Navarro, who fears Beijing will flood the market with inexpensive products and bankrupt U.S. companies. Today, the industry is riven by a nationalist battle between China and the U.S., one that reflects broad currents reshaping the path of globalization. Washington accuses Beijing of using government financing and subsidies to try to dominate semiconductors as it did earlier with steel, aluminum, and solar power. China claims U.S. complaints are a poorly disguised attempt to hobble China’s development. Big U.S. players like Intel Corp. and Micron Technology Inc. find themselves in a bind—eager to expand in China but wary of losing out to state-sponsored rivals.

U.S. Fight With China on Semiconductors Has Déjà Vu Feel

https://blogs.wsj.com/economics/2017/07/27/u-s-fight-with-china-on-semiconductors-has-deja-vu-feel/  “The battle [with China] is over who creates the next generation of semiconductor capabilities,” says Mr. Craig Mundie, who was a member of the Obama White House panel on semiconductors. That group recommended a big increase in basic research to fund what it called “moonshots”—next generation projects like quantum computers or implantable sensors to restore sight and hearing. Those devices would require futuristic computer chips. “The Chinese aren’t that far behind,” Mr. Mundie says. “Based on their efforts and their starting point, if we did nothing, it’s likely they could match U.S. capability in a decade. That’s not that long.”

China Faces Foes in Tokyo, Seoul and Beyond on Semiconductors

https://blogs.wsj.com/economics/2017/07/27/china-faces-foes-in-tokyo-seoul-and-beyond-on-semiconductors/  The U.S. isn’t the only country freaked out about China’s plans to push its way to the forefront of the global computer-chip market through rich financing and market power. So are other semiconductor powers, South Korea, Taiwan, Japan and Europe. Having been blocked from acquisitions, Chinese firms are now looking to hire foreign semiconductor executives, who can help them build a domestic industry, often picking ethnic Chinese managers. That has sometimes led to accusations of trade-secret theft.

Apple Removes Apps That Allowed China Users to Get Around Filters

https://www.wsj.com/articles/apple-removes-apps-that-allowed-china-users-to-get-around-filters-1501341653  Apple Inc. has removed software from its app store in China that allowed users to circumvent the country’s vast system of internet filters. Several popular apps giving users access to virtual private networks, or VPNs, that tunnel through China’s sophisticated system of internet filters disappeared from the mainland China version of Apple’s App Store. Apple’s move is aimed at helping the company stay on the safe side of a raft of tough new cybersecurity regulations designed to solidify Beijing’s grip on the Chinese internet. Earlier this month, the Cupertino, Calif., technology giant announced that, because of the new rules, it planned to store all of its Chinese customers’ data on servers operated by a government-controlled company.

Joining Apple, Amazon’s China Cloud Service Bows to Censors

https://www.nytimes.com/2017/08/01/business/amazon-china-internet-censors-apple.html?rref=collection%2Fsectioncollection%2Ftechnology&action=click&contentCollection=technology&region=stream&module=stream_unit&version=latest&contentPlacement=5&pgtype=sectionfront  Days after Apple yanked anti-censorship tools off its app store in China, another major American technology company is moving to implement the country’s tough restrictions on online content. The Chinese company, Beijing Sinnet Technology, that operates Amazon’s cloud-computing and online services business there said on Tuesday that it told local customers to cease using any software that would allow Chinese to circumvent the country’s extensive system of internet blocks. The emails are the latest sign of a widening push by China’s government to block access to software that gets over the Great Firewall — the nickname for the sophisticated internet filters that China uses to stop its people from gaining access to Facebook, Google and Twitter, as well as foreign news media outlets.

Amazon halts sale of Android Blu Phone amid spyware concerns

https://threatpost.com/amazon-halts-sale-of-android-blu-phone-amid-spyware-concerns/127141/  Android phone maker Blu Products was dealt a blow when Amazon said it would no longer sell its phones, citing security and privacy issues.  The phone maker came under scrutiny last week by researchers at Kryptowire during a Black Hat session where they criticized the company for collecting personally identifiable information without user consent. The controversy stems from Blu’s use of a firmware updating utility called Adups in its phones. The company that makes the utility, Shanghai Adups Technology, was roundly criticized during the Black Hat session for continuing to use Adups on at least two Android handset makers’ phones.

Malware found lurking behind every app at alternative Android store

https://www.welivesecurity.com/2017/07/25/malware-found-lurking-behind-every-app-alternative-android-store/?utm_source=newsletter&utm_medium=email&utm_campaign=wls-newsletter-280717  ESET researchers have discovered that CepKutusu.com, a Turkish alternative Android app store, was spreading malware under the guise of all offered Android apps. When users browsed the Turkish alternative app store CepKutusu.com and proceeded to download an app, the “Download now” button led to banking malware instead of the desired app. A few weeks after ESET researchers turned to the store’s operator with the discovery of the attack, the store’s malicious activity ceased.

Defending against cyberwar: How the cybersecurity elite are working to prevent a digital apocalypse (free PDF)

http://www.techrepublic.com/resource-library/whitepapers/defending-against-cyberwar-how-the-cybersecurity-elite-are-working-to-prevent-a-digital-apocalypse-free-pdf/?ftag=TREe09998f&bhid=27547637924291379434650709219148 Cyberwar has evolved from the theoretical to the ominous. TechRepublic went inside one of the defenders vs. hackers war games that’s helping countries prepare to defend themselves. This download provides the magazine version of the article as a free PDF.

We’re Thinking about Cybersecurity All Wrong

https://www.technologyreview.com/s/608335/were-thinking-about-cybersecurity-all-wrong/  Where we are right now is that more and more countries are beginning to incorporate cyber capabilities into their tools of statecraft. We need to recognize that it is going to become a tool of statecraft, not just for the U.S. and the high-end players like Russia, China, Israel, and Great Britain, but for almost everybody. As a result, we need to begin to think through how we set up norms of behavior and rules of the road, so that this is not destabilizing.

CYBER TERRORISM

Snap joins rivals Facebook and YouTube to fight terrorism

https://techcrunch.com/2017/07/31/snap-fights-terrorism/  Snap Inc has joined the Global Internet Forum to Counter Terrorism, which sees consumer internet companies cooperating to stop the spread of terrorism and extremism online. Facebook, Google and YouTube, Microsoft and Twitter formed the GIFCT last month, and it hosted on August 1 its first workshop with fellow tech companies plus government and non-governmental organizations.

CYBER CRIME

Congress Seeks Wasserman Schultz Testimony in IT Scandal Investigation

http://freebeacon.com/national-security/congress-seeks-wasserman-schultz-testimony-scandal-investigation/?utm_source=Freedom+Mail&utm_campaign=df8856c59d-EMAIL_CAMPAIGN_2017_07_28&utm_medium=email&utm_term=0_b5e6e0e9ea-df8856c59d-38360125 Congressional leaders are interested in conducting their own independent investigation into a growing scandal surrounding IT staffers working for Rep. Debbie Wasserman Schultz (D., Fla.), who are accused of stealing sensitive computer equipment from House lawmakers’ offices.  One of these IT staffers, Imran Awan, was arrested this week when trying to travel to Pakistan and charged with bank fraud after a months-long investigation that found he wired nearly $300,000 to that country. Several other staffers tied to Awan are the focus of an investigation into claims they stole sensitive equipment and illegally penetrated the House IT network.

Massive DDoS attack lasts for 277 hours, highlighting growth of extended attacks on businesses

http://www.techrepublic.com/article/massive-ddos-attack-lasts-for-277-hours-highlighting-growth-of-extended-attacks-on-businesses/?ftag=TREa988f1c&bhid=27547637924291379434650709219148 Extended DDoS attacks are back in business: Q2’s longest attack was active for 277 hours, or more than 11 days, according to a new report from Kaspersky Lab. This represents a 131% increase compared to Q1, and a current record for the year. Further, the geography of these attacks changed from Q1 to Q2, Kaspersky Lab found, with organizations with online resources located in 86 countries targeted, compared to 72 countries prior. The top 10 countries most affected by DDoS attacks this quarter were China, South Korea, the US, Hong Kong, the UK, Russia, Italy, the Netherlands, Canada, and France. Targets of DDoS attacks in Q2 included news agencies Al Jazeera, Le Monde, and Figaro, as well as Skype servers, reportedly.

New mobile banking Trojans

http://www.homelandsecuritynewswire.com/dr20170802-new-mobile-banking-trojans  In mid-July 2017, Kaspersky Lab researchers found a new modification of the well-known mobile banking malware family Svpeng – Trojan-Banker.AndroidOS.Svpeng.ae. In this modification, the cybercriminals have added new functionality: it now also works as a keylogger, stealing entered text through the use of accessibility services. Attack data suggests this Trojan is not yet widely deployed. The Svpeng malware family is known for being innovative. Starting from 2013, it was among the first to begin attacking SMS banking. In 2016, cybercriminals were actively distributing Svpeng through AdSense using a vulnerability in the Chrome browser. This makes Svpeng one of the most dangerous mobile malware families.

‘Game of Thrones’ script leaked after HBO victimized by cyberattack

http://economictimes.indiatimes.com/magazines/panache/game-of-thrones-script-leaked-after-hbo-victimized-by-cyberattack/printarticle/59856726.cms  HBO said its network was victimized by a cyberattack, and media reports said the hack resulted in the leak of a script of the popular series “Game of Thrones” and content from other productions. Hackers reportedly obtained the script of a new episode of the award-winning fantasy series as well as unaired episodes of two other programs, “Ballers” and “Room 104.”

Pharmaceutical Giant still feeling NotPetya’s sting

https://threatpost.com/pharmaceutical-giant-still-feeling-notpetyas-sting/127130/ Merck, among the world’s largest pharmaceutical companies, said last week that it has still not fully recovered from the June 27 NotPetya attack.  The disruption affected manufacturing, research and sales operations worldwide, and it continues to affect “certain operations.”

ShieldFS can detect Ransomware, Recover files

https://threatpost.com/shieldfs-can-detect-ransomware-recover-files/127121/  Researchers from Italy’s Politecnico di Milano unveiled at Black Hat last week an add-on Windows driver and filesystem that detects ransomware and recovers files.  ShieldFS was officially unveiled during the hacker conference by researchers who said the tool was tested against more than a dozen ransomware strains, including WannaCry, and successfully detected the malware in 97 percent of occasions with zero file loss.

Breach at third party contractor affects 18,000 Anthem members

https://threatpost.com/breach-at-third-party-contractor-affects-18000-anthem-members/127139/ A month after it agreed to settle 2015’s massive data breach, Anthem Inc, the US’s largest healthcare company, has a new problem on its hands. It began notifying 18,000 members affected by an unrelated data breach last week. The breach stems from a 2016 incident involving a third-party company, LaunchPoint Ventures, that provides insurance coordination services to Anthem.

IIT graduate, his firm booked for hacking Aadhaar data

http://indianexpress.com/article/india/iit-grad-his-firm-booked-for-hacking-aadhaar-data-4772220/  The Unique Identity Development Authority of India (UIDAI) has lodged a complaint against an IIT-Kharagpur graduate and his mobile-payment company for allegedly accessing its central information depository to create and operate a private app called Aadhaar ‘eKYC Verification’. “There is a fear that somebody figured out a way through the code to get easy access to the central depository of identities,” said police sources.

Malware attack on MTNL broadband in Delhi

http://timesofindia.indiatimes.com/business/india-business/malware-attack-on-mtnl-broadband-in-delhi/articleshow/59811812.cms  Several broadband connections of state-run MTNL have been impacted in the national capital after a malware attack. The issue, which company officials claim is “under control now”, impacted services at many households with malfunctioning of the broadband services. The impact on enterprise connections is still not clear, though sources say that operations were also impacted there.

Cybercrime spiked in India after demonetisation, say experts

http://www.livemint.com/Industry/M8z9KNBBPbN6AFc8j0NF5M/Cybercrime-spiked-after-demonetisation-say-experts.html  “The last eight months have been the most fertile months in the history of independent India for the growth of cybercrime,” Pavan Duggal, president at Cyberlaws.Net and an advocate in the Supreme Court, said at a panel discussion on ‘Risk and Regulation in FinTech World’. “As a country we are clueless as to how to address cyber security barring coming up with National Cybersecurity Policy of 2013 which has primarily remained a paper document. Till this point in time, there is no dedicated law for cyber security,” said Duggal.

Instagram posts will soon help sniff out Tax evaders in India

http://economictimes.indiatimes.com/news/economy/policy/instagram-posts-will-soon-help-sniff-out-tax-evaders/printarticle/59801097.cms  A photo of your shiny new car on Instagram or the Facebook post about your chic holiday cottage may lead India’s taxman to your door. Starting next month, Prime Minister Narendra Modi’s government will begin amassing a warehouse of virtual information collected not just from traditional sources like banks but also from social media sites, as it looks to match residents’ spending patterns with income declarations, said people familiar with the matter. Countries including Belgium, Canada and Australia are already using big data to unearth tax evasion that may have gone undetected without technology. India’s efforts resemble the U.K.’s ‘Connect.

CYBER-SECURITY

Black Hat 2017 – Las Vegas  

Will the real Security Community please stand up

https://threatpost.com/will-the-real-security-community-please-stand-up/127156/  The message of Black Hat 2017 at Las Vegas was pretty simple when you cut right to it: It’s time to grow up.  Hackers and researchers and pundits – all the good guys – are suddenly on the front page every day, above the fold.  Cybersecurity is mainstream and at the core of geopolitics, national security, policy decisions, human rights and physical safety.  It’s about responsibility and practicality, and it’s about giving back for real and solving problems.

Protecting the power grid from low-budget attacks

http://www.homelandsecuritynewswire.com/dr20170802-protecting-the-power-grid-from-lowbudget-attacks  Cyberattacks against power grids and other critical infrastructure systems have long been considered a threat limited to nation-states due to the sophistication and resources necessary to mount them. Last week, at the Black Hat USA 2017 conference in Las Vegas, a team of researchers challenged that notion by disclosing vulnerabilities in a component that combined with publicly available information provide sufficient information to model an advanced, persistent threat to the electrical grid.

Hacker Cracks Voting Machine in Less Than 2 Hours

https://www.wsj.com/articles/hacker-cracks-voting-machine-in-less-than-2-hours-1501357973  A touch-screen voting machine used in a 2014 election in Virginia was hacked in about 100 minutes by exploiting a Windows XP flaw that was more than a decade old as part of a demonstration on security vulnerabilities in election technology. The hacker was Carsten Schürmann, an associate professor with IT University of Copenhagen. He was one of the computer hackers invited to the Defcon convention in Las Vegas to test the security and integrity of common pieces of voting technology, many of which were purchased more than a decade ago and are rapidly becoming obsolete.

A Solution to Hackers? More Hackers

https://www.nytimes.com/2017/08/02/technology/a-solution-to-hackers-more-hackers.html?rref=collection%2Fsectioncollection%2Ftechnology&action=click&contentCollection=technology&region=stream&module=stream_unit&version=latest&contentPlacement=2&pgtype=sectionfront  The topic of ethical hacking was on everyone’s mind at Def Con, the hacker convention last week in Las Vegas. It’s the security community’s annual gathering, where thousands of hackers gathered to show their latest exploits, discuss new security research and swap cyberwar stories. The problem is that the government doesn’t make it easy for well-meaning hackers to pitch in on defense. Laws like the Computer Fraud and Abuse Act make poking around inside many government systems, even for innocent research purposes, a criminal offense. The private sector has already discovered the benefits of hackers. Most major tech companies — including Facebook, Apple and Microsoft — offer “bug bounty” programs. The only thing that stops a bad guy with a hack is a good guy with a hack.

GM Hires Jeep Hackers as Detroit Battles Silicon Valley for Tech Talent

https://www.wsj.com/articles/gm-hires-jeep-hackers-as-detroit-battles-silicon-valley-for-tech-talent-1501531273  Chris Valasek and Charlie Miller made names for themselves a couple of years ago when they remotely hacked into a Jeep made by Fiat Chrysler Automobiles NV. Now they are going to work for General Motors Co. GM’s self-driving-vehicle subsidiary, Cruise Automation, has hired the cybersecurity experts from two major ride-sharing firms, the latest salvo in a war for tech talent between Silicon Valley and Detroit. Mr. Valasek was working as Uber Technologies Inc.’s top cybersecurity expert, and Mr. Miller had worked at Uber before leaving in March to join Didi Chuxing, China’s largest ride-hailing firm. GM is looking to move into a leading position on autonomous vehicles that are connected to the internet and can be updated over the air.

George Mason’s new Center of Excellence for Criminal Investigations and Network Analysis

http://www.homelandsecuritynewswire.com/dr20170802-george-mason-s-new-center-of-excellence-for-criminal-investigations-and-network-analysis  The U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has selected George Mason University in Fairfax, Virginia to lead a consortium of U.S. academic institutions and other partners for a new Center of Excellence (COE) in Criminal Investigations and Network Analysis (CINA). S&T will provide CINA with a $3.85 million grant for its first operating year in a 10-year grant period.

Is it safe to store corporate information on Google Drive (or similar services)?

https://www.welivesecurity.com/2017/07/26/safe-store-corporate-information-google-drive/?utm_source=newsletter&utm_medium=email&utm_campaign=wls-newsletter-280717  Using file sharing and storage solutions in the cloud is secure so long as they comply with a series of norms and international regulations, and we ourselves also implement certain additional security policies. Nonetheless, we must never be careless about the security of information stored both within and outside of our company, nor believe that it is someone else’s responsibility. We need to apply all the additional security measures available to us in order to protect it sufficiently.

Homograph attacks: Don’t believe everything you see

https://www.welivesecurity.com/2017/07/27/homograph-attacks-see-to-believe/?utm_source=newsletter&utm_medium=email&utm_campaign=wls-newsletter-280717  Existing precautions are no longer enough, because cybercriminals are using increasingly complex techniques to trick the user. Using HTTPS and certificates isn’t a security consideration on the part of the attacker; after all, if they’re stealing your credentials, what do they care whether they are encrypted or not? It is recommended that you look carefully at the security certificates, avoid accessing websites through links sent in emails, and add an extra layer of protection to your accounts by using two-factor authentication.

Election Officials, Homeland Security Begin to Formalize Cybersecurity Efforts

https://www.wsj.com/articles/election-officials-homeland-security-begin-to-formalize-cybersecurity-efforts-1501268605  Officials from a dozen states and the federal government took preliminary steps this week toward more formal cooperation regarding election-security efforts at a two-day meeting near Albany, N.Y. They discussed coordinating information-sharing about potential cyberthreats among the U.S. Election Assistance Commission, the Department of Homeland Security and state and local election offices. The meeting followed months of sometimes contentious back-and-forth between federal and state officials. State election officials of both political parties have criticized the Department of Homeland Security’s decision in January to formally designate election systems “critical infrastructure.”

Report: The top 5 cybersecurity threats of 2017

http://www.techrepublic.com/article/report-the-top-5-cybersecurity-threats-of-2017/?ftag=TRE684d531&bhid=27547637924291379434650709219148  A report from Accenture has examined key threats that have emerged in the first half of 2017. Here’s how businesses can stay safe. Properly training employees to recognize emerging threats can help an organization head off potential problems earlier and mitigate potential damage. Spam filters should be present and authentication should be robust to make sure email is protected. Companies should also scan emails for potential threats. Patch your apps and operating systems when necessary, make sure firewalls and virus scanners are configured, and check your admin rights. A strong resilience plan that includes backups and is regularly updated can help hedge your bets against paying for ransomware.

Adopting a resilient cybersecurity posture

http://www.livemint.com/Opinion/G1dbWT1Xa99gs2CAV5UeyO/Adopting-a-resilient-cybersecurity-posture.html  A new age vendor risk management solution requires an organization to continuously monitor and quantify the cyber risk of third parties. The continuous monitoring approach adopted under these solutions over the prevalent practice of a snapshot-based security audit makes it possible to reduce exposure to serious data breaches from third parties in addition to the organization itself. This risk is especially important in case of the third-party provider storing personally identifiable information (PII) or other sensitive information on a public cloud in order to deliver a business service.

RESEARCH & DEVELOPMENT AND MISCELLANEOUS

Applied cybersecurity research for better protection of critical national infrastructure sectors

http://www.homelandsecuritynewswire.com/dr20170727-applied-cybersecurity-research-for-better-protection-of-critical-national-infrastructure-sectors  DHS S&T awarded a five-year Other Transaction Agreement (OTA), with a maximum value of $70 million, to Arlington, Virginia-based Cyber Apex Solutions, LLC, to facilitate applied research of prototype cyberdefenses for critical national infrastructure sectors. Through this OTA contract, S&T will fund testing, evaluation and transition of prototype cybersecurity technologies that will reduce risk of cyberattacks to critical infrastructure sectors, beginning with the financial services industry.

Facebook shuts down AI system after creating its own language

http://www.business-standard.com/article/companies/facebook-shuts-down-ai-system-after-creating-its-own-language-117073100229_1.html  Days after Tesla CEO Elon Musk said that artificial intelligence (AI) was the biggest risk, Facebook has shut down one of its AI systems after chatbots started speaking in their own language defying the codes provided. According to a report in Tech Times on Sunday, the social media giant had to pull the plug on the AI system that its researchers were working on “because things got out of hand”.  In June, researchers from the Facebook AI Research Lab (FAIR) found that while they were busy trying to improve chatbots, the “dialogue agents” were creating their own language. Soon, the bots began to deviate from the scripted norms and started communicating in an entirely new language which they created without human input, media reports said.

Brexit is distracting political parties from the real threat facing the UK – digital inequality

http://www.independent.co.uk/voices/data-robots-automation-ippr-brexit-is-distracting-a7869261.html  Crucially, we risk sleepwalking into a world in which the infrastructure of the digital economy, its rules, and the power that resides in that control, is shaped and controlled by a few dominant American companies. This is the new dominant economic position that progressives need to understand and respond to. How can we build a democratically governed and owned data infrastructure that can produce greater equity and genuine innovation? Can platforms be governed in more co-operative approaches to ensure labour enjoys security and voice alongside flexibility? And how should we regulate unaccountable, private algorithms, laced through with questions of economic power?

Bitcoin’s Civil War: What You Need to Know

https://www.wsj.com/articles/bitcoins-civil-war-what-you-need-to-know-1501508664  This week, after years of industry infighting, the digital currency bitcoin is set to get a new competitor: itself. A splinter group of bitcoin developers is launching a new version of the currency with a different configuration, the latest twist in a political quarrel for control over the network that controls bitcoin’s trading. But the new experiment, known as Bitcoin Cash, is causing confusion as exchanges and brokerages scramble to deal with the new currency. The new bitcoin is slated to be launched Tuesday, a retaliation against a somewhat controversial July agreement in the industry that concerned expanding the bitcoin trading network. As a result, there will now be two competing versions of bitcoin, both vying for the support of investors, developers, and miners.

Legislation proposed to secure connected IoT Devices

https://threatpost.com/legislation-proposed-to-secure-connected-iot-devices/127152/ A Senate bill introduced on Aug 1 would prioritize security in connected devices, requiring providers who sell to the US government to implement measures that would have been an impediment to the IoT botnet-fueled attacks against DNS provider Dyn and webhost OVH.
