WEEKLY REPORT – CYBER SECURITY (June 21, 2017)

Summary Remarks

Even as the US is releasing new information on the extent of Russian cyber penetration into American electoral systems and preparing for Congressional sanctions against Moscow, the US, China, EU, Japan and other countries are in a ‘horse race’ to outdo one another in processing power and secure communications.  Chinese scientists achieved an important breakthrough that harnesses the enigmatic properties of matter and energy at the subatomic level.  Experiments with the recently launched Micius satellite could propel China to the forefront of hack-proof global communications networks.  In the wake of China’s milestone, scientific communities outside China are also pushing their governments to play catch-up in the quantum space race.

The Trump administration is trying to stave off China and other countries challenging the U.S. for dominance in the next generation of the world’s fastest computers. It announced a $258 million project to develop new supercomputers that can crunch data at least 50 times faster than the nation’s most powerful systems today. By 2021, the U.S. plans to deliver at least one “exascale” system which performs one quintillion—a billion billion—calculations per second. That would be one year later than when China has said it plans to deploy its first system. Both countries are anticipated to deliver production-ready systems that can solve problems at exascale speeds by as soon as 2023.

US security agencies provided new information to Congress stating that Russian hackers targeted 21 state election systems in 39 states during the 2016 presidential race.  The attack was broader and deeper than previously thought.  The type of targets the Russian hackers chose also indicates that in addition to the immediate goal of helping elect Donald Trump president, the hackers were trying to gain knowledge which would allow them to interfere in, and influence, the 2018 mid-term elections and 2020 presidential election even more effectively than they did the 2016 presidential election. Homeland Security also assesses that hackers allied with the Russian government have created a cyber weapon, the CrashOverride malware, that could have a devastating effect on US electric systems and other utilities.

Meanwhile, Wikileaks released another set of documents revealing CIA operations hacking home, office and public wireless routers for years to carry out clandestine surveillance.

INTER-STATE CYBERWARFARE

CIA hacked Wi-Fi routers for years, reveals Wikileaks leaked documents

http://www.business-standard.com/article/international/cia-hacked-wi-fi-routers-for-years-reveals-wikileaks-leaked-documents-117061600959_1.html  Leaked secret documents posted by WikiLeaks on its website revealed that the United States’ Central Intelligence Agency (CIA) has been hacking home, office and public wireless routers for years in an effort to carry out clandestine surveillance. The documents, which are part of an ongoing series of leaks released by WikiLeaks revealing the work of the CIA’s elite hacking unit, called the Engineering Development Group, could not be immediately verified. As per the leaked documents, home routers from 10 manufacturers, including Linksys, DLink, and Belkin, can be turned into covert listening posts that allow the CIA to monitor and manipulate incoming and outgoing traffic and infect connected devices.

China Makes Leap Toward ‘Unhackable’ Quantum Network

https://www.wsj.com/articles/scientists-make-leap-toward-quantum-network-1497549676   Chinese scientists have succeeded in sending specially linked pairs of light particles from space to Earth, an achievement experts in the field say gives China a leg up in using quantum technology to build an “unhackable” global communications network.  The result is an important breakthrough that establishes China as a pioneer in efforts to harness the enigmatic properties of matter and energy at the subatomic level, the experts said.

DARPA Programs Create Defense Systems for Data, Networks

https://www.defense.gov/News/Article/Article/1214297/darpa-programs-create-defense-systems-for-data-networks/source/GovDelivery/  Defense Advanced Research Projects Agency is creating technology to protect U.S. data, networks and national security, DARPA’s acting director said in Baltimore.  Its security research goals have three focus areas in the cyber security domain — hardening systems against cyber attack, operating through cyber attacks and winning in the cyber domain.

U.S. Invests $258 Million in Supercomputing Race with China

https://www.wsj.com/articles/u-s-invests-258-million-in-supercomputing-race-with-china-1497549600  The U.S. government is trying to stave off China and other countries challenging the U.S. for dominance in the next generation of the world’s fastest computers.  The Department of Energy on Thursday said it would award $258 million over three years to be shared by six tech companies, as part of a plan to develop new supercomputers that can crunch data at least 50 times faster than the nation’s most powerful systems today.

Russian government hackers broke into voting systems in 39 states

http://www.homelandsecuritynewswire.com/dr20170615-russian-government-hackers-broke-into-voting-systems-in-39-states The attack by the Russian government hackers on the U.S. electoral system during the 2016 campaign involved thirty-nine states. This figure shows that the Russian attack was broader and deeper than previously thought. The type of targets the Russian government hackers chose also indicates that in addition to the immediate goal of helping elect Donald Trump president, the hackers were trying to gain knowledge which would allow them to interfere in, and influence, the 2018 mid-term elections and 2020 presidential election even more effectively than they did the 2016 presidential election.

Russian hackers targeted 21 election systems, says US official

http://www.business-standard.com/article/international/russian-hackers-targeted-21-election-systems-says-us-official-117062200992_1.html  Russian hackers targeted 21 US state election systems in the 2016 presidential race and a small number were breached but there was no evidence any votes were manipulated, a Homeland Security Department official told Congress.

Senators strike bipartisan deal to punish Russia for hacking U.S. election

https://insidecybersecurity.com/daily-news/senators-strike-bipartisan-deal-punish-russia-hacking-us-election  Senators have reached a bipartisan deal to impose additional sanctions on Russia for hacking the 2016 presidential election, with proponents of the measures saying they signal a unified congressional front in deterring future cyber attacks.  The announcement of the bipartisan deal comes amid news reports that Russia has developed a cyber “weapon” to target U.S. electric utilities, which has prompted the top Democrat on the Senate Energy and Natural Resources Committee to call for tougher actions against Russia.

US Federal officials, electric sector focus on info-sharing amid reports of Russian cyber weapon

https://insidecybersecurity.com/daily-news/federal-officials-electric-sector-focus-info-sharing-amid-reports-russian-cyber-weapon  The electric sector and government partners are focused on sharing cyber threat intelligence to enhance defenses against a newly reported cyber weapon, allegedly developed by entities close to the Russian government, that could be used to disrupt the American electric grid and other utilities. Hackers allied with the Russian government have created a cyber weapon – the “CrashOverride” malware – based on a cyber exploit used to bring down the Ukrainian power grid last year, The Washington Post reported today, citing a new report by cybersecurity firm Dragos. That tool could have a “devastating effect” on U.S. electric systems and other utilities, the report said.

Estonia sees Russia as biggest cyber threat as it assumes EU presidency

https://insidecybersecurity.com/daily-news/estonia-sees-russia-biggest-cyber-threat-it-assumes-eu-presidency  Estonia’s leading cybersecurity officials view Russia as the biggest threat to the country’s data security as it prepares to assume the European Union presidency, amid growing global concerns about Russia’s cyber influence. Estonia is generally recognized as an international leader on cybersecurity, and hosts the NATO Cooperative Cyber Defense Center of Excellence. The country’s election system has been fully digitized since 2007, with about a third of votes cast electronically in the last parliamentary election in 2014, which was discussed as offering lessons for other countries.

NHS cyber-attack was ‘launched from North Korea’

http://www.bbc.com/news/technology-40297493  An international investigation led by Britain’s National Cyber Security Centre (NCSC) reaffirmed that hackers in North Korea were behind the cyber-attack that crippled parts of the NHS and other organisations around the world last month, the BBC has learned. The revelation of the link to North Korea will raise difficult questions about what can be done to respond or deter such behaviour in the future.

Mexican government spyware targets and monitors journalists, lawyers

https://threatpost.com/mexican-journalists-lawyers-focus-of-government-spyware/126367/  Dozens of Mexican journalists, lawyers, and even a child, had their devices infected with commercially produced spyware during the past two years as part of an overarching campaign believed to be carried out by the nation’s government. The spyware, Pegasus, came in the form of text messages masquerading as correspondence from the US government, the US embassy in Mexico, and even emergency AMBER alerts about purportedly stolen children.  The Munk School of Global Affairs at the University of Toronto’s Citizen Lab says it is “the clearest evidence yet that government-exclusive spyware is being used in an effort to infect and monitor Mexican journalists.”

CYBER-SECURITY

South Korea formally joins APEC cross-border data rules

https://insidecybersecurity.com/daily-briefs/south-korea-formally-joins-apec-cross-border-data-rules  South Korea has decided to participate in the Asia-Pacific Economic Cooperation’s Cross-Border Privacy Rules, which set voluntary but enforceable standards for protecting data among the 21-nation economic regional group. South Korea will join Canada, Japan, Mexico, and the U.S. in using the APEC standards, which are seen as an international model for data security and privacy. The APEC CBPR system is a regional, multilateral cross-border data transfer mechanism and enforceable privacy code of conduct for businesses developed by APEC member economies.

U.S., European Union commit to greater cyber cooperation

https://insidecybersecurity.com/daily-briefs/us-european-union-commit-greater-cyber-cooperation  The U.S. and EU at a June 16 ministerial meeting on justice and home affairs in Malta agreed to “step up” joint work on cybercrime.  “The sides reaffirmed the need to step up joint work on cybersecurity and cybercrime in all its dimensions including with the private sector,” the European Council said in a statement.

EU adopts cyber sanctions as part of diplomatic strategy

https://insidecybersecurity.com/daily-briefs/eu-adopts-cyber-sanctions-part-diplomatic-strategy  The Council of the European Union has adopted a framework for a joint EU diplomatic response to malicious cyber activities, which includes new sanctions for cyber aggressors operating within the boundaries of member states. “The EU reiterates that states should not knowingly allow their territory to be used for internationally wrongful acts using Information and Communication Technologies (ICT),” states a press release issued by the EU Council on Monday.

House Homeland Security panel approves first DHS reauthorization with cyber-related revisions

https://insidecybersecurity.com/daily-news/house-homeland-security-panel-approves-first-dhs-reauthorization-cyber-related-revisions  The House Homeland Security Committee approved bipartisan legislation to reauthorize the Department of Homeland Security for the first time, with revisions that boost cybersecurity provisions for aviation and maritime transportation, as well as a requirement that DHS conduct a government-wide cybersecurity risk assessment.

Treasury calls for streamlined cybersecurity regulatory requirements

https://insidecybersecurity.com/daily-briefs/treasury-calls-streamlined-cybersecurity-regulatory-requirements  The Treasury Department is calling on state and federal regulators to harmonize and streamline cybersecurity requirements in a report that is seen as the first indication from the Trump administration on financial regulatory reforms. “In cybersecurity, financial institutions share the same goal as regulatory agencies: maintaining the safety and soundness of the financial system by mitigating and protecting financial institutions and the sector from cybersecurity risks,” according to the Treasury report issued on June 12.

U.S. Chamber issues principles for ‘fair and accurate’ cybersecurity ratings

https://insidecybersecurity.com/daily-news/us-chamber-issues-principles-%E2%80%98fair-and-accurate%E2%80%99-cybersecurity-ratings  The U.S. Chamber of Commerce has drafted a set of principles to aid in the development of “fair and accurate” security ratings that can assist cybersecurity professionals in evaluating an organization’s cyber efforts.  The Chamber issued the principles in an effort to prevent “inaccurate, irrelevant, incomplete, or unverifiable” security ratings, according to a blog post by Ann Beauchesne, senior vice president of the Chamber’s National Security and Emergency Preparedness Department.

US Senator presses Booz Allen Hamilton on alleged mishandling of passwords

https://insidecybersecurity.com/daily-briefs/mccaskill-presses-booz-allen-hamilton-alleged-mishandling-passwords  Senate Homeland Security Committee ranking member Claire McCaskill (D-MO) is probing Booz Allen Hamilton on its efforts to prevent the loss of passwords and other sensitive information, including government files, following a report that the contractor mistakenly allowed passwords to become publicly accessible. “It’s of vital importance that no one can gain unauthorized access to national security information–but Booz Allen Hamilton put passwords and other sensitive information out there for the world to see,” McCaskill said in a statement. “This isn’t the first serious incident involving this company, and it’s critical we understand what they’re doing to end this pattern.”

CYBER-TERRORISM

Fake news: Studying cyber propaganda and false information campaigns

http://www.homelandsecuritynewswire.com/dr20170615-fake-news-studying-cyber-propaganda-and-false-information-campaigns   A University of Arkansas at Little Rock professor has received more than $1.5 million to research ways to aid U.S. military forces in the fight against cyber propaganda campaigns.  UALR notes that in his research, Dr. Nitin Agarwal will use cyber forensics and deep web search-based methodologies to study the sources of false information on the Internet, how it is spread through social media, and how people and groups strategically use this false information to conduct cyber propaganda campaigns.

Facebook Boosts AI to Block Terrorist Propaganda

https://www.wsj.com/articles/facebook-boosts-a-i-to-block-terrorist-propaganda-1497546000  Facebook has expanded its use of A.I. in recent months to identify potential terrorist postings and accounts on its platform—and at times to delete or block them without review by a human. In the past, Facebook and other tech giants relied mostly on users and human moderators to identify offensive content. Even when algorithms flagged content for removal, these firms generally turned to humans to make a final call.

YouTube Sets New Policies to Curb Extremist Videos

https://www.nytimes.com/2017/06/18/business/youtube-terrorism.html?hpw&rref=technology&action=click&pgtype=Homepage&module=well-region&region=bottom-well&WT.nav=bottom-well&_r=0  YouTube has struggled for years with videos that promote offensive viewpoints but do not necessarily violate the company’s guidelines for removal. Now it is taking a new approach: Bury them. The issue has gained new prominence amid media reports that one of the London Bridge attackers became radicalized by watching YouTube videos of an American Islamic preacher, whose sermons have been described as employing extremely charged religious and sectarian language. Google, YouTube’s parent company, announced a set of policies aimed at curbing extremist videos on the platform.

VULNERABILITIES / PATCHES / R&D

Protecting auto computer systems from hacks

http://www.homelandsecuritynewswire.com/dr20170616-protecting-auto-computer-systems-from-hacks  When you and your family are zooming along the freeway, the last thing you’re worried about is the security of your car’s computer systems. That’s one reason researchers work hard on protecting vehicles from cyberattacks. A computer engineering research team is focused on the security of wireless interfaces utilized by vehicles, the number of which will only grow as autonomous cars and trucks roll closer to reality.

Certified ISAO group launches system for info-sharing across sectors, forms election ISAO

https://insidecybersecurity.com/daily-news/certified-isao-group-launches-system-info-sharing-across-sectors-forms-election-isao The International Association of Certified ISAOs has developed a platform that allows its members to easily share cyber-threat intelligence across industry sectors as well as with the government, and has formed an info-sharing group for the nation’s election system, which is planning its first meeting this fall. “We’re breaking down the long-standing barriers and brick walls” between critical industry infrastructure sectors, said IACI President Deborah Kobza in announcing the launch of the “IACINet” info-sharing platform at the group’s quarterly meeting Thursday in Arlington, VA.

Big data, big dangers

http://www.thehindu.com/opinion/op-ed/big-data-big-dangers/article19050181.ece?homepage=true  The government has approved the “Digital India” Plan that aims to connect 2.5 lakh villages to the Internet by 2019 and to bring Wi-Fi access to 2.5 lakh schools, all universities and public places in major cities and major tourist centres. This is indeed a very desirable policy step. But unless we evolve appropriate policies to counter the side effects of the Digital Plan, this could also lead to the unforeseen eColonisation of India.

Disney, Depp and the cyber supply chain risk management problem

https://www.welivesecurity.com/2017/06/15/disney-depp-cyber-supply-chain-risk-management-problem/?utm_source=newsletter&utm_medium=email&utm_campaign=wls-newsletter-160617  Multimillion dollar movies and TV shows – like Orange is the New Black – are now being targeted by bad actors of the digital kind, black-hatted hackers – in other words, cybercriminals. These plunderers of IP are trying to find the best business model by which to monetize their ability to get their hands on pre-release copies of major productions. So, every movie studio and TV production company needs to be thinking about what they can do to protect their digital assets, not just on location and in the studio, but in every other place to which those assets travel during the production process.

Employees have “low cyber IQ” despite high corporate confidence

https://www.welivesecurity.com/2017/06/14/low-cyber-iq-corporate-confidence/?utm_source=newsletter&utm_medium=email&utm_campaign=wls-newsletter-160617  Employees on both sides of the Atlantic lack a basic understanding in cybersecurity, in stark contrast with businesses’ high confidence in their cybersecurity capabilities. That is the main finding of a new survey conducted by Willis Towers Watson, which found that 63% of UK businesses believe their systems to be highly protected with the necessary processes in place for dealing with potential breaches. However, the survey uncovered a lack of basic knowledge among the employees themselves, nearly half of whom said it was “safe to open any email on their work computer”.

Former US security advisor: Cyberattacks damage society as much as physical infrastructure

http://www.techrepublic.com/article/former-us-security-advisor-cyberattacks-damage-society-as-much-as-physical-infrastructure/?ftag=TRE684d531&bhid=27547637924291379434650709219148   In an interview at this week’s Global Cybersecurity Summit in Kiev, Ukraine, former deputy national security advisor and deputy secretary of state Tony Blinken said that the threat posed by cyberattacks to human infrastructure, meaning what we think and believe, is as important as the threat to physical infrastructure. The best defense against the threat to human infrastructure, Blinken said, is a population of educated consumers with strong critical thinking abilities.

Private Sector Cyber Defense: Can Active Measures Help Stabilize Cyberspace?

http://carnegieendowment.org/2017/06/14/private-sector-cyber-defense-can-active-measures-help-stabilize-cyberspace-pub-71236? The cyber revolution and ever-growing transfer of human activities into the virtual world are undermining the social contract between modern states and their citizens. Most governments are becoming unable and unwilling to protect citizens and private enterprises against numerous, sophisticated cyber predators seeking to disrupt, manipulate, or destroy their digital equities. Inevitably, states are focused on protecting governmental assets and national infrastructure, leaving themselves with modest residual capacity and resolve to underwrite other cybersecurity risks. Faced with this reality, private entities are reluctantly but increasingly complementing their passive cybersecurity practices with more assertive “active cyber defense” (ACD) measures.

Cyber researcher cites need for vulnerability disclosure legislation

https://insidecybersecurity.com/daily-news/cyber-researcher-cites-need-vulnerability-disclosure-legislation  A top cybersecurity researcher who helped set up “bug bounty” programs at the Pentagon and Microsoft said that legislation offering protections for “white-hat” hackers might be needed to incentivize the disclosure of cyber vulnerabilities to companies.

Cisco 2017 Annual Cybersecurity Report

http://www.cisco.com/c/dam/m/digital/1198689/Cisco_2017_ACR_PDF.pdf  Cisco in June 2017 issued a report detailing key threat intelligence and cybersecurity trends. The report reveals that most companies use more than five security vendors and more than five security products to protect their systems from cyber threats. However, most organizations can only investigate a little more than half of the security alerts they receive on a given day, the report finds.

Uncovering Password Habits: Are Users’ Password Security Habits Improving?

https://digitalguardian.com/blog/uncovering-password-habits-are-users-password-security-habits-improving-infographic Passwords are an integral component of security hygiene, but beyond password strength requirements, it’s largely a user-driven initiative. Digital Guardian surveyed 1,000 internet users to gain some insight into current password habits, how frequently users implement best practices for password hygiene, what methods users rely on to remember the abundance of passwords they manage, and other details that shed some light on the current state of password hygiene.

Ghosthook Attack Bypasses Windows 10 Patchguard

https://threatpost.com/ghosthook-attack-bypasses-windows-10-patchguard/126462/  A bypass of PatchGuard kernel protection in Windows 10 has been developed that brings rootkits for the latest version of the OS within reach of attackers. Since the introduction of PatchGuard and DeviceGuard, very few 64-bit Windows rootkits have been observed; Windows 10’s security, in particular its mitigations against memory-based attacks, is well regarded. Researchers at CyberArk, however, found a way around PatchGuard through a relatively new feature in Intel processors called. The bypass, which has been nicknamed GhostHook, is a post-exploitation attack and requires that an attacker already be present on a compromised machine and running code in the kernel. As a result, Microsoft said it will not patch the issue, but may address it in a future version of Windows, CyberArk said.