No Silver Bullet Will Kill
Puny but Gaining Power
Forum Hack Could Be Pain in the Butt for Troops
Year 2020 ... How is Your Cybersecurity?
Cyber Security News
About the Cyber Security News update
The Cyber News Update is an
activity of the Cyber Research Center - Industrial Control Systems and is
intended to reach out to all Cyber Security Professionals interested in
industrial / critical infrastructure threats, protection &
resilience. For more information visit the CRC-ICS website at www.crc-ics.net or www.cyber-research-center.net
May 20, 2016
Time spent on
compliance might be better spent actually doing something about security.
You want perfect data security? Dream on.
The need to protect corporate and personal
information from unauthorized and possibly nefarious eyes was front and
center this week at the MIT Sloan CIO Symposium in Cambridge, Mass. But
experts failed to agree about whether the forces of good are prevailing
against the bad guys or even whether breaches are increasing—or are just
more public than in the past.
There was consensus among C-level executives,
however, that the hassle of complying with regulations actually diverts
resources that could be better spent bolstering security.
Regulations with a security component include
broad measures like the Sarbanes-Oxley Act governing corporate financial
disclosures and Payment Card Industry rules for credit card transactions.
But there is also a raft of mandates targeting specific industries.
Examples include the Health Insurance Portability and Accountability Act
or HIPAA covering health and medical information and the Federal
Information Security Management Act that protects federal data and assets
from “man-made threats.”
Add to that a welter of regulations from various
states and foreign jurisdictions and you can see how the workload might
get out of hand.
“Our security people spend 60% of their time
optimizing documentation and 40% of their time doing the work,” said
Anthony Christie, chief marketing officer for Level 3 Communications,
the big telecommunications company.
chief information officer of NutriSavings,
Companies like NutriSavings,
which works with businesses to encourage healthy diets for employees,
rely on customers sharing data. But constant talk about breaches damages
the trust consumers have in that process, Jetly
said. “We have to stop these breaches but the regulations are not
helping. We preach technology as CIOs, but we spend most of our time on
It is important not to confuse complying with
security regulations with actual safety, added Roota
Almeida, head of information security for Delta Dental of New Jersey.
“Compliance does not equal security. Compliance plus X, Y, Z may equal
security, but you need to do a lot of things after you’re compliant.”
The fact that more data is being generated and
collected—from appliances and cars bristling with sensors as well as cell
phones and fitness devices—in the emerging Internet of things is raising
the stakes for data security.
When company employees working at home access
corporate networks via the same Wi-Fi that connects their refrigerators,
Xboxes, and Nest thermostats, they could be exposing corporate assets to
a whole new range of threats, said Ryan Mallory, vice president of global
solutions architects for Equinix,
the big data center provider.
In that scenario, you have to trust that LG
protects your refrigerator, Microsoft protects your Xbox and
Google protects your Nest. “That’s a lot of trust,” Mallory
Perhaps it’s best to isolate the threat. Instead
of building one big castle surrounded by one big moat, maybe a thousand
little separately moated castles would be better.
Since it’s hard to prevent compromised hardware,
it’s best to limit what a malicious person can do if that piece of
hardware is compromised, said conference attendee Paddy Srinivasan,
general manager and vice president of Xively,
an Internet of things technology company.
“We advise product manufacturers to limit the
surface area of exposure to minimize the threat,” he said. “With a
compromised device, it would be really bad if the hacker can listen to or
communicate with other devices on the same network. If the only thing the
hacker can do is spoof that particular device alone, then damage is a lot
As to whether the cybersecurity situation in
general has gone downhill over the past few
years and whether the balance of power will shift in favor of the good
guys going forward, there were a lot of opinions.
“Why does it look worse? The simple answer is
because it is,” said Mark Morrison, chief information security officer
for financial services firm State Street. He cited the
changing demographic of attackers. Hackers started out mostly as
individual actors trying to get famous or make a point but then morphed
into organized criminals trying to steal money. But more recent attacks
have come from ideological nation states and that is a change for the
worse, he said.
“We’re not dealing with War Games and the guy in
the basement any more,” Morrison said.
Having said that, Morrison thinks things will
improve going forward since IT professionals and the public at large are
now more attuned to cybersecurity risks.
“This is an evolutionary process and it will get
better. We’re growing at a faster rate than our adversaries.”
say whether it’ll be better or worse but it’ll be very different. With
the Internet of everything, the threats and the attack surface will be
10, 100 times bigger than it is now. And the type of information
available five years from now will be different. Things will be very
different but not necessarily better.”
For one thing, she stated, hackers now realize
how valuable protected health information is and are targeting it more.
If a thief gets a credit card number the card can be cancelled, “But if I
lose private information, X-rays, fingerprints, those things don’t
change. It’s hard to get private again.”
More info http://fortune.com/2016/05/20/no-cure-for-cybersecurity-threats/
ISIS Cyberthreat: Puny but Gaining Power
May 20, 2016
The Islamic State group's cyberwar capabilities
are unsophisticated, but they won't be that way for long.
That was the conclusion of a 25-page report
released last week by Flashpoint.
The report, "Hacking for ISIS: The Emergent
Cyber Threat Landscape," found that the Islamic State's
"overall capabilities are neither advanced nor do they demonstrate
However, the severity of the attacks by the
group's supporters isn't likely to remain unsophisticated, it added.
"Their capability of hacking military or
NSA servers in the United States is far-fetched, but it's not completely
impossible," said Laith Alkhouri, Flashpoint's director of Middle East and
North Africa research and one of the authors of the report.
"Concern is high, not because they have
sophisticated hacking skills but because they're utilizing multiple ways
of bringing in new talent, utilizing all the freely available tools
online, trying to utilize malware that's already available and building
their own malware," he told TechNewsWorld.
ISIS lacks the organization and skills of other
cyber adversaries of the United States, noted another author of the
report, Flashpoint Director of Security Research Allison Nixon.
"Chinese and Russian hackers are organized
criminal gangs or nation-state supported groups," she told TechNewsWorld. "They're highly educated, highly
skilled. They use custom malware and custom tools."
"On the other hand, ISIS supporters are
more like script kiddies or hacktivists. They
have a low level of sophistication and engage in behavior patterns and
use toolsets that we would see in any other attention-seeking
group," Nixon continued.
"They're using open source tools and very
old public exploits," she said. "They're only capable of
hacking sites that aren't very well maintained in the first place."
Although ISIS hackers have some similarities to hacktivists, they differ from them in at least one
very important way. "Hacktivists don't threaten physical violence,"
Nixon said. "Physical violence is an important part of ISIS
"They're interested in translating these
online threats into physical attacks," she added.
Attacks of Opportunity
The hacking tools of ISIS cyberwarriors
are almost invariably going to be taken from publicly available open
source projects because of the ease of obtaining such tools along with
the fact that they can often be used successfully, the report noted.
Developing proprietary tools would require
significant effort and resources to create a completely private toolset
that is on par, or better than, what is already available publicly, it
Of course, actors may modify this publicly
available software or write simple scripts, but it is unlikely these
groups are building software from the ground up for their supporters to
use, the report said.
"As pro-ISIS cyber
attacks and capabilities have gradually increased over time but
remained relatively unsophisticated, it is likely that in the short run,
these actors will continue launching attacks of opportunity," it
"Such attacks include finding and
exploiting vulnerabilities in websites owned by, for example, small
businesses, and defacing these websites. Other attacks may include DDoS
attacks," the report continued.
are demonstrating an upward trajectory, indicating that they will
continue to improve and amplify pre-existing skills and strategies, the
Such a trend was exemplified by the recent
merger of multiple pro-ISIS cybergroups under
one umbrella: the United Cyber Caliphate.
"We're starting to see these groups
coalesce their brand. They're increasing their ranks in number. They're
increasing their ranks in skill. They're increasing their ranks in
languages, which means they're increasing the channels on which they
operate and which they distribute their claims of responsibility," Alkhouri noted.
"That means they have a much more powerful
message and a more robust structure than before," he continued.
"They are coalescing their ranks to become a hacking a
The United States isn't ignoring the growing
threat of ISIS in cyberspace. A new campaign was designed to disrupt the ability
of the Islamic State to spread its message, attract new adherents,
circulate orders from commanders and carry out day-to-day functions, like
paying its fighters, according to a news report published last week.
While the Pentagon hasn't been shy about letting
ISIS know U.S. cyberforces will be gunning for
it, details have been in short supply.
"There doesn't seem to be any specifics on
what they intend to do or how they intend to carry it out," said
Lawrence Husick, co-chairman of the Foreign
Policy Research Institute's Center for the Study of Terrorism.
"It may be something as simple as
finding some servers and executing an automated attack on those
servers," he told TechNewsWorld, "or
it may be something more complicated, like the use of directed malware or
the disruption of encrypted channels used by ISIS on the dark Web."
Given how the military likes to keep its cyber
cards close to its BDUs, it's a bit unusual that it's saying anything at
all about its plans for ISIS. "I'm not sure why they chose to talk
about it," said Richard Stiennon, author
of There Will Be Cyberwar.
"It's better to take advantage of your
ability to intercept and spoof messages without telling your adversary
about it," he told TechNewsWorld.
However, there could be a domestic angle to the
Pentagon's bravado about its cyberwar efforts. "There's a desire by
the branches for more dollars from Congress for their cyber
programs," Stiennon said.
On the other hand, prying money from Congress
for cyber initiatives doesn't seem to be a problem. "For many years,
Congress has pretty much given the military everything that it wants in
the way of cyber," Husick said.
"That's one area of the budget where they have really not had any
problem at all."
The Pentagon's announcement of a cyber campaign
could be an effective weapon against ISIS. "Deception and disruption
are part of the game of warfare," he said. "There are times
when you say something and do nothing, and there are other times when you
do something and say nothing."
"They may be trying to get into the head of
ISIS," said retired Rear Adm. James Barnett, head of the
cybersecurity practice at Venable.
Nevertheless, he doesn't think the Pentagon is
bluffing when it says it's going to escalate the cyberwar with ISIS.
"We may not hear about the operations for
months, but at some point we'll hear about a coordinated strike, either
in combination with conventional forces or something significant in
cyberspace," he told TechNewsWorld.
Read more at http://www.technewsworld.com/story/83468.html
May 13, 2016.
Instead of using a
private email address to gain access to the bowels of the Internet, some
members of the U.S. military apparently used their work accounts.
Three us.army.mil email
addresses are associated with accounts on a sexual fetish forum,
according to the security expert who revealed the breach this week. Email
addresses belonging to the Polish military and Brazilian government are
The breach of
RoseButtBoard.com, a site dedicated to “extreme anal dilation and anal
fisting,” is attributed to a gaping security hole caused by outdated
software, which allowed a hacker to access account information on more
than 100,000 users.
Vice News first
reported the hack on Tuesday, after Australia-based web security expert
Troy Hunt took steps to verify the authenticity of records for 107,303
Hunt provided to U.S.
News information about the .gov or .mil
accounts involved, six in total, but did not provide the specific
addresses, saying he personally avoids looking at individual account
information for privacy reasons.
The U.S. Army indicated
in a statement that using military email to register for a fisting forum
would be improper. Federal communications systems including email “can be
used for official and authorized purposes only,” the statement says.
The guidelines are laid
out in Army Regulation 25-2, which bans personal use of government
resources involving "pornography or obscene material,” as well as
“transmission of chain letters” and online gambling.
misconduct is inconsistent with these regulations and policies, and with
the values Army professionals are obligated to uphold," the Army
says. "The Army remains committed to ensuring all of our personnel
use government communication systems appropriately, and to preventing and
addressing actions inconsistent with these policies."
number of government email addresses is significantly smaller than the
roughly 15,000 Ashley Madison accounts registered to an address ending in
.mil or .gov. That hack last year exposed an enormous number of people
looking to have an affair, including “traditional marriage” campaigner
says affected email addresses belong to subscribers of
haveibeenpwned.com, a site he maintains that allows people to see if they
are affected by hacks. The addresses won’t be publicly searchable on that
site, but can be checked by the verified owner of an email address -- a
treatment given to Ashley Madison records and those from a handful of
other hacked sites, including Adult Friend Finder and Naughty America.
Hunt says curious people could learn if an email address is registered to
an account on the fetish site by entering it with the forum’s password
leaked account information includes usernames, email addresses, IP
addresses and passwords.
data was sent to me by someone who trades in data breaches,” says Hunt,
who authors web security courses and has repeatedly been recognized by
Microsoft for his industry contributions. “This is often the way; data is
hacked from systems then shared within select groups of people until
someone eventually then sends it to me, too.”
email seeking comment from the fetish forum’s administrator did receive a
response. Most of the site’s discussion boards are inaccessible to
a review of the site content it’s unclear if the average forum user risks
any legal consequences, though members of the military are not free to do
what they please in their personal lives. Military law, for example,
still criminalizes adultery.
Army isn't alone in having employees potentially misuse online resources.
At federal agencies, in fact, there have been well-paid bureaucrats
caught watching pornography. Federal workers theoretically could lose
their jobs for doing so, but the resolution of such cases sometimes is
unclear or can be prolonged. The Environmental Protection Agency’s inspector
general reported last year that two employees earning $120,000 were
caught watching porn on the job and were given paid administrative leave
for nearly a year before attempts were made to fire them. One of the EPA
workers retired, the other remained on paid leave at the time of public
More Info http://www.usnews.com/news/articles/2016-05-13/fisting-forum-hack-bad-news-for-military-users
May 2, 2016.
What if, in 2020,
wearable devices did not care about how many steps you took, and instead
were concerned with your real-time emotional state? With networked devices
tracking hormone levels, heart rates, facial expressions, voice tone and
more, the internet could become a vast system of “emotion readers,”
touching the most intimate aspects of human psychology. What if these
technologies allowed people’s underlying mental, emotional and physical
states to be tracked – and manipulated?
blackmail, “revenge porn” or other motives, cybercriminals and hostile
governments in this world would find new ways to exploit data about
emotion. The terms of cybersecurity would be redefined, as it became more
important for people to manage and protect how their emotions and mindsets
appeared to the monitors.
This is just one
of several potential future cybersecurity scenarios dreamed up by a group
of multidisciplinary experts recently. Here at the Center for Long-Term
Cybersecurity, we asked them to think about what we could see happening in
the near future of 2020. These are not predictions – it’s impossible to
make precise forecasts about such a complex set of issues. Rather, the
scenarios paint a landscape of future possibilities, exploring how emerging
and unknown forces could intersect to reshape the relationship between
humans and technology – and what it means to be “secure.”
And they raise
pressing questions we should consider today as we lay the groundwork for a
secure information technology environment in the future: how might
individuals function in a world when they are no longer able to ignore the
fact that literally everything they do online will likely be hacked or
stolen? How could the proliferation of networked appliances, vehicles and
devices transform what it means to have a “secure” society? What would be
the consequences of almost unimaginably powerful algorithms predicting
individual human behavior at the most granular scale?
At the heart of
our approach is scenario thinking, a proven methodology for identifying
important driving forces and unexpected consequences that could shape the
future. This approach often leads to more questions than answers, but what
we identify can help guide us toward solutions as society and technology
In our scenario
about emotion-sensing, for example, many questions arise:
How might biosensing technologies evolve, and what would be the
effect of having sensors tracking massive numbers of individuals' emotions
and mental states?
How will people
respond when their most private and intimate experiences are understood by
the internet better than they themselves understand them?
How might virtual
reality, sentiment analysis, wearable devices and other “sensory”
technologies intersect with domains such as marketing, politics and the
What are the
potential cybersecurity risks and benefits that could come with the
proliferation of sensors capable of capturing and interpreting emotions?
interdisciplinary group of experts on computer science, political science,
neuroscience and other areas came from universities, the private sector,
nonprofits and governments. They helped us develop that scenario, and four
others, for the year 2020.
imagine that two decades after the first dot-com bust, the
advertising-driven business model for major internet companies has fallen
apart. As overvalued web companies large and small collapse, criminals and
companies alike race to gain ownership of underpriced but potentially
valuable data assets. It’s a “war for data” under some of the worst
possible circumstances: financial stress and sometimes panic, ambiguous
property rights, opaque markets and data trolls everywhere.
In this world,
cybersecurity and data security become inextricably intertwined. There are
two key assets that criminals exploit: the datasets themselves, which
become the principal targets of attack; and the humans who work on them, as
the collapse of the industry leaves unemployed data scientists seeking new
jobs. The questions that arise are difficult:
cybercriminals adapt to a more open and raucous data market?
want to prevent certain datasets from having a “for-sale” sign attached to
them, what kinds of options will they have?
What new systems
or standards could emerge to verify the legitimacy or provenance of data?
What does “buyer beware” look like in a fast-moving market for data?
What role should
government play in making markets for data more efficient and secure?
What comes next?
This is just the
beginning. In one of our other scenarios, we imagine that hackers have
become so successful that the public’s default expectation about internet
transactions flips from “we are basically safe” to “we are going to have
our data stolen.” Another looks at the potential of predictive algorithms:
if those improve to be able to predict individual behavior, all sorts of
new attacks might occur. Still another looks at the Internet of Things,
suggesting that governments may lead the way in IoT
adoption – and could become both more effective and more vulnerable as a
The world in 2020
could look very different from today. Our scenarios are designed to serve
as a starting point for conversation and debate among academic researchers,
industry practitioners, and government policymakers. We invite the public
to join us as well; please read the full-text scenarios and engage with
them on Twitter (@cltcberkeley). We look forward
to building a better cybersecurity future with you.
Read more: http://www.usnews.com/news/best-countries/articles/2016-05-02/cybersecurity-in-2020-will-the-internet-read-emotion
Latest Cyber Security
Patch as Android Qualcomm Vulnerability Impacts 60 Percent of Devices: A flaw in
mobile chip maker Qualcomm’s mobile processor, used in 60 percent of
Android devices, allows attackers to take control over a targeted phone or
tablet under specific conditions. Researchers at Duo Labs said the
vulnerability is tied to Android’s problem-plagued mediaserver,
coupled with a security hole in Qualcomm’s Secure Execution Environment
(QSEE). ThreatPost, May 19, 2016
Mobile App RunKeeper acknowledges sharing user geo-location data
with advertisers, pushes updates: RunKeeper announced Tuesday that it had found a bug in
its Android code that resulted in the leaking of users’ location data to an
unnamed third-party advertising service. The blog post came four days after
the Norwegian Consumer Council filed a complaint against the Boston
company. ars technica, May 17, 2016
PORN APPS BEHIND WAVE OF ANDROID LOCKSCREEN ATTACKS: Incidents of
Android lockscreen malware masquerading as porn
apps are a growing concern to security analysts who are forecasting an uptick
in attacks. Once infected, Android users bitten by this malware appear to
be locked out of their device and are forced to undergo a complex
extraction of the app to win back control of their phone or tablet. ThreatPost, May 14, 2016
RANSOMWARE ON THE RISE, FUELED BY DRIDEX BOTNETS: Starting in
April security experts at FireEye spotted a massive uptick in Cerber ransomware attacks delivered via a rolling wave
of spam. Researchers there link the Cerber
outbreaks to the fact that attackers are now leveraging the same spam
infrastructure credited for making the potent Dridex
financial Trojan extremely dangerous. ThreatPost, May 13, 2016
IT departments to patch actively exploited critical SAP Java vulnerability: A
vulnerability in SAP Java platforms is being actively exploited, despite
having been patched in 2010, DHS reported. The alert noted three dozen
global enterprises have been breached by attackers using the unmitigated
vulnerability, which was reported by the Boston-based application security
firm Onapsis Inc. SearchSecurity, May 13, 2016
get-out-of-jail-free card for CryptXXX ransomware
victims: For the past
month, people infected with the CryptXXX ransomware
had a way to recover their files without paying the hefty $500 fee to
obtain the decryption key. On Tuesday, that reprieve came to an end. ars technica, May 11, 2016
PATCHES BRUTE-FORCE AUTHENTICATION FLAWS: Facebook on
Thursday patched a pair of vulnerabilities that enabled brute-force attacks
against Instagram passwords, and also hardened its password policy. ThreatPost, May 20, 2016
67 bugs in OS El Capitan, refreshes Safari and iTunes: Apple
yesterday updated OS X El Capitan to version 10.11.5, patching nearly 70
vulnerabilities as it began to wind down changes prior to the next
iteration launching later this year. ITWorld, May 17, 2016
Management in the Organization
Management – C Suite
Too much time
spent on compliance paperwork rather than on cybersecurity management: The need to
protect corporate and personal information from unauthorized and possibly
nefarious eyes was front and center this week at
the MIT Sloan CIO Symposium in Cambridge, Mass. But experts failed to
agree about whether the forces of good are prevailing against the bad guys
or even whether breaches are increasing—or are just more public than in the
past. Fortune, May 20, 2016
Berkeley’s Center for Long-Term Cybersecurity: Five 2020 Scenarios
Suggest Bleak Future: Cybersecurity
is a fast-morphing technology, meaning that making any assumptions about
what will be needed six months from now is difficult at best. Yet, a group
of researchers at the University of California, Berkeley’s Center for Long-Term Cybersecurity (CLTC) are looking
even further ahead to the year 2020. TechRepublic, May 17, 2016
Company Probes Breach Claims: Noodles &
Company [NASDAQ: NDLS], a fast-casual restaurant chain with more than 500
stores in 35 U.S. states, says it has hired outside investigators to probe
reports of a credit card breach at some locations. KrebsOnSecurity, May 19, 2016
Then there were
117 million. LinkedIn password breach much bigger than thought: Login
credentials for as many as 117 million LinkedIn accounts have been put up
for sale online by someone who is seeking more than $2,200 for the haul, a
security researcher said. ars technica, May 18, 2016
Intellectual Property Breaches: Typically, the
measuring stick for the size and severity of a breach lies in exactly how
many personally identifiable information (PII) records were exposed. With
well-established legislation mandating transparency to customers and
citizens when their information is lost by an organization, these stats are
always made public, and such numbers are easily comparable between
incidents. DarkReading, May 12, 2016
Affected 5% of Restaurants: Wendy’s said
today that an investigation into a credit card breach at the nationwide
fast-food chain uncovered malicious software on point-of-sale systems at
fewer than 300 of the company’s 5,500 franchised stores. The company says
the investigation into the breach is continuing, but that the malware has
been removed from all affected locations. KrebsOnSecurity, May 11, 2016
Comments on Data Breach at British Retailer Kiddicare: British
retailer Kiddicare has suffered a data breach in
which the personal details of nearly 800,000 customers have been stolen.
The company said that the data had been taken from a version of its website
that had been set up for testing purposes at the end of 2015. Customers
have reported suspicious text messages that have not been sent by Kiddicare, suggesting that the hackers are using the
personal details for targeted scams. Here to comment on this news are
security experts from QA, Blancco Technology
Group and WhiteHat Security. Information Security Buzz, May 10, 2016
five ‘major incidents’ of cybersecurity breaches since fall: The Federal
Deposit Insurance Corp. (FDIC) on Monday retroactively reported to Congress
that five additional “major incidents” of data breaches have occurred since
Oct. 30. FDIC also is launching “a new initiative to enhance security.” The Washington
Post, May 9, 2016
Enterprises Still Worry About Cloud Security: The notion
that the cloud is less secure than traditional networks and infrastructure
is still a fear for many despite a recent survey that found that 55% of
respondents had not experienced a cloud-related security incident in the last
12 months (survey was conducted from March – April 2016). DarkReading, May 19, 2016
dangers for CMS-based websites: Over a third
of all websites on the Internet are powered by one of these four key open
source platforms: WordPress, Joomla!, Drupal and Magento.
HelpNetSecurity, May 19, 2016
CLOUD APIS CRITICAL TO MITIGATING TOTAL COMPROMISE: When it comes
to cloud computing, APIs more or less drive everything, but in the eyes of
some researchers, existing security controls around them haven’t kept pace.
ThreatPost, May 19, 2016
Master Key to TeslaCrypt Released by Ransomware Gang: There’s rarely
good news in the world of cybercrime. But for victims of the TeslaCrypt ransomware, there’s been a surprising twist,
and one that provides relief. BankInfoSecurity, May 19, 2016
Disables Dangerous Wi-Fi Sense on Windows 10: Microsoft has
disabled its controversial Wi-Fi Sense feature, a component embedded in
Windows 10 devices that shares access to WiFi
networks to which you connect with any contacts you may have listed in Outlook
and Skype — and, with an opt-in — your Facebook friends. KrebsOnSecurity, May 18, 2016
Automatic Chrome Support For Flash: Google’s
Chrome browser will begin to display HTML5 video and animation, when
they’re available, on all but 10 websites starting in the fourth quarter of
this year. It’s another serious blow to the Adobe Flash platform. InformationWeek,
May 16, 2016
crack new version of CryptXXX ransomware: Researchers
from Kaspersky Lab have developed a method of decrypting files affected
with the latest version of CryptXXX, a malware
program that combines ransomware and information-stealing capabilities. CIO, May 16, 2016
Cyber Security in
phone logs can reveal deeply personal information, researchers find: The mass
collection of telephone records by government surveillance programs poses a
clear threat to the personal privacy of ordinary citizens, according to US
researchers who used basic phone logs to identify people and uncover
confidential information about their lives. TheGuardian, May 16, 2016
Who Will Own
Your Data If the Tech Bubble Bursts?: Imagine that
Silicon Valley’s nightmare comes true: The bubble bursts. Unicorns fall to
their knees. The tech giants that once fought to attract talented
developers with mini-golf and craft beer scramble to put out fires. TheAtlantic, May 13, 2016
Networks Gear Used by ISPs Targeted By Worm: ISP equipment
maker Ubiquiti Networks is fending off a stubborn worm targeting its
networking equipment running outdated AirOS
firmware. According to security experts, the worm is already being blamed
for crippling networking gear in Argentina, Brazil, Spain and the
United States. ThreatPost, May 19, 2016
malware discovered in Ukraine: ESET
researchers have discovered malware that has eluded the attention of
anti-malware researchers since at least 2008. Detected by ESET as Win32/Prikormka, the malware is being used to carry out
cyber-espionage activities in Ukraine, primarily targeting anti-government
separatists in the self-declared Donetsk and Luhansk People’s Republics. ITProPortal, May 20, 2016
Kit: $100K monthly revenue installing Locky
Ransomware on vulnerable computers: The Check
Point Research team has uncovered the entire operation of one of the
world’s largest attack infrastructures. Exploit Kits are a major part of
the Malware-as-a-Service industry, which facilitate the execution of
ransomware and banking trojans, among others.
Their creators rent them to cybercriminals who use them to attack
unsuspecting users. Nuclear is one of the top Exploit Kits, both in
complexity and in spread. CheckPoint, May 17, 2016
business model vulnerable to intervention: Cybercrime may
be booming but its business model is vulnerable on many fronts, according
to a new report. ITWorld, May 17, 2016
Olympian hacking mission to test utilities, trains, telcos
for 2020 Olympics: Japan will
from next year conduct mock hacking exercises with governments including
the United States and private sector organisations ahead of the 2020
Olympic games. TheRegister, May 20, 2016
Tom Kellermann says cybersecurity vendors unable
to morph with cybercrime problem: Today’s threat
actors are more focused, funded and disruptive than ever. But the
cybersecurity defense industry is not built to
respond appropriately, says thought leader Tom Kellermann.
What are security leaders overlooking? BankInfoSecurity, May 19, 2016
One Year After
OPM Breach, KPMG Report Shows Federal Cybersecurity Continues to Struggle: Despite
repeated high-profile breaches, federal government continues to struggle
with its job of keeping personal data and public infrastructure safe. GovernmentTechnology, May 19, 2016
intelligence: Foreign hackers spying on campaigns: WASHINGTON —
The United States sees evidence of hackers, possibly working for foreign
governments, snooping on the presidential candidates, the nation’s
intelligence chief said Wednesday. Government officials are assisting the
campaigns in tightening security as the race for the White House intensifies. FederalTimes, May 19, 2016
Says It Lost $12 Million in Swift 2015 Cyber Hack; Sues Wells Fargo for
Cyber-criminals stole about $12 million from an Ecuadorean bank in a 2015
heist that bears all the hallmarks of later attacks against Bangladesh’s
central bank and a small Vietnamese lender. Bloomberg, May 20,
Old ATM malware is back and infecting
machines everywhere: An old piece
of ATM malware is back, and reportedly more dangerous and harder to detect
than ever. According to security researchers from Kaspersky Lab, an
updated piece of malware dubbed Skimer has
infected numerous Windows-based ATMs across all corners of the globe. BGR, May 19, 2016
Regulators React to SWIFT Hack: Banks and
regulators have begun reviewing SWIFT-related information security
practices following the online heist of $81 million from Bangladesh Bank.
Authorities say much of that money is still missing. BankInfoSecurity, May 19, 2016
SEC Chair Says
Cybersecurity Is No. 1 Risk Facing Financial System: Cybersecurity
is the biggest risk facing the financial system, says Mary Jo White, chair
of the U.S. Securities and Exchange Commission. BankInfoSecurity, May 18, 2016
Secure the Village
intelligence sharing can help deal with cybersecurity challenges: In the
ever-shifting landscape of cyberthreats and
attacks, having access to timely information and intelligence is vital and
can make a big difference in protecting organizations and firms against
data breaches and security incidents. TechCrunch, May 15,
Forum: Fight Cybercrime Through Increased Public-Private Collaboration: The rising
incidents of cybercrime could be easily checked if the private and public
sectors learnt to trust each other and share relevant information regarding
combating the vice, experts have said. The New Times, May
investment to reach $400 million due to IoT
cybersecurity industry could see a boost in venture capital, thanks to new
threats the Internet of Things (IoT) poses to
smart homes, autonomous cars, and future factories. ReadWrite, May 19, 2016
The content of this CRC-ICS Cyber
News Update is provided for information purposes only. No claim is made
as to the accuracy or authenticity of the content of this news update or
incorporated into it by reference. No responsibility is taken for any
information or services which may appear on any linked websites. The
information provided is for individual expert use only.
Founded in 2015, the Cyber Research
Center - Industrial Control Systems is a not-for-profit research & information
sharing center working on the future state of Physical &
Cyber Protection and Resilience. CRC-ICS goals are to inform industries /
critical infrastructures about the fast-changing threats they are facing
and the measures, controls and techniques that can be implemented to be
prepared to deal with these cyber threats.