IT Security News Blast 01-22-2018

Cybersecurity SOC as a Service

Lack of cyber workers is the forcing function for shared services

“[T]he establishment of a SOC-as-a-service (SOCaaS) capability is essential to ensure appropriate enterprise-wide visibility, incident discovery and information sharing among federal agencies. Such a capability would allow agencies currently lacking such capabilities to purchase them from those agencies with sufficient capacity to offer such a service. This could allow for the creation of specialized offerings,” the report states.

https://federalnewsradio.com/ask-the-cio/2018/01/lack-of-cyber-workers-is-the-forcing-function-for-shared-services/


The Five Laws Of Cybersecurity

We cannot assume that anything is off the table and completely safe anymore. State-sponsored hacking is an excellent example of this. Government intelligence has been astonishing over the years in gaining access to an opponent’s systems when they were thought to be secure. Publicly, we’ve seen a series of massive data breaches over the years from corporations that spend millions annually on cyberdefense strategies.

https://www.forbes.com/sites/forbestechcouncil/2018/01/19/the-five-laws-of-cybersecurity/#227b4a622265


New evidence reportedly puts North Korean hackers behind a list of high-stakes bitcoin heists

  • North Korean hackers have been linked to recent attacks on a South Korean cryptocurrency exchange.
  • US cyber-security firm Recorded Future analyzed methods used in recent cryptocurrency attacks and noticed a trend.
  • The malware is linked to a North Korea-tied hacking unit called Lazarus.
  • The report comes amid recent allegations that North Korea is mining and hacking cryptocurrencies as a way to deal with crippling economic sanctions.

http://www.businessinsider.com/north-korea-lazarus-group-behind-cryptocurrency-cyber-attack-wannacry-sony-2018-1


A New Breed of Cyberattack Uses Remote-Control Malware to Sabotage Industrial Safety Systems

As Cyberscoop reports, deeper analysis of the attack reveals that hackers used a new kind of flaw to take control of the plant’s safety systems. More worrying, it’s the first time a so-called remote-access trojan, which provides hackers with the ability to sabotage systems from across the Internet, has hit a safety system in an industrial facility.

https://www.technologyreview.com/the-download/610022/a-new-breed-of-cyberattack-uses-remote-control-malware-to-sabotage-industrial/


OnePlus Confirms Credit Card Breach Impacted Up to 40,000 Customers

“One of our systems was attacked, and a malicious script was injected into the payment page code to sniff out credit card info while it was being entered,” the company said. “The malicious script operated intermittently, capturing and sending data directly from the user’s browser. It has since been eliminated. We have quarantined the infected server and reinforced all relevant system structures.”

https://threatpost.com/oneplus-confirms-credit-card-breach-impacted-up-to-40000-customers/129569/


DC: Shutting down cybersecurity?

As reported by Jessie Bur in the Federal Times, Congress’s bad habit of funding operations through “continuing resolutions”—instead of through budgets that cover entire fiscal years—strains agencies’ ability to make sound decisions about acquiring cybersecurity technology. As a representative of the IT industry—admittedly, not a disinterested observer—recently said in congressional testimony, “Agencies cannot begin to spend dollars until they are appropriated.”

https://thebulletin.org/dc-shutting-down-cybersecurity11441


Defense Dept. blocks 36M malicious emails daily, fends off 600 Gbps DDoS attacks

The agency also has thwarted distributed denial of service (DDoS) attacks as large as 600 Gbps “on internet access points, and unique and different ways of attacking us we hadn’t thought of before,” some of which are classified[.] […] The Pentagon anticipates the size of DDoS attacks to grow. “We call it the terabyte of death looming outside the door,” the report quoted Lynn as saying. “We’re prepared for it. It’s just a matter of time before it hits us.”

https://www.scmagazine.com/defense-dept-blocks-36m-malicious-emails-daily-fends-off-600-gbps-ddos-attacks/article/738292/


Will U.S. Corporations Ever Take Cybersecurity Seriously?

The likelihood of the proposed legislation being passed is about zero. No one should be surprised, either. The current administration isn’t particularly interested in increasing business regulation; to be fair, given the numerous past massive data breaches, previous administrations, both Republican and Democrat, weren’t overly aggressive in applying the plethora of existing legislation to penalize companies for data breaches.

https://spectrum.ieee.org/riskfactor/computing/it/will-us-corporations-ever-take-cybersecurity-seriously


There are other, legal ways to nab Microsoft emails, privacy groups remind Supremes

In briefs filed in the long-running dispute, IBM and international campaign groups argued that the government does have other ways of gaining the information. […] The brief said there was no existing case law that directed the result, and pointed out that there are established government-to-government channels for transfer of personal data to law enforcement, called mutual legal assistance treaties (MLAT).

https://www.theregister.co.uk/2018/01/19/microsoft_data_centre_privacy_international/


Can Russian cyber meddling be stopped?

To address the problem, Watts recommended social media companies verify the authenticity of their users. “Account anonymity today allows nefarious social media personas to shout the online equivalent of ‘fire’ in a movie theater,” Watts said in his written testimony. He also suggested pulling the plug on “social bots” that can broadcast high volumes of misinformation. They “can pose a serious risk to public safety and when employed by authoritarians a direct threat to democracy,” he said.

https://gcn.com/articles/2018/01/18/cyber-meddling.aspx


Fighting cyber crime with neuro-diversity

The key to success is diversity of talents and perspectives. This includes neurological diversity, such as that represented by those with autism, Asperger syndrome, and attention-deficit disorder. People with Asperger syndrome or autism, for example, tend to think more literally and systematically, making them particularly adept at mathematics and pattern recognition – critical skills for cyber security.

http://www.gulf-times.com/story/578820/Fighting-cyber-crime-with-neuro-diversity


China flaunts quantum key distribution in-SPAAACE by securing videoconference

In a paper published at Physical Review Letters, Liao Shengkai of University of Science and Technology of China and other researchers describe the experiment in which they passed quantum-created keys between Xinglong and Graz in Austria. […] The Chinese experiment demonstrated communication with transmitted images, and followed that up with a 75-minute videoconference on 29 September 2017 secured with quantum-distributed keys.

https://www.theregister.co.uk/2018/01/22/china_flaunts_its_qkdinspaaace_by_securing_videoconference/


Facebook and WhatsApp malware attack is yet another stark reminder: Be wary of links

[Professionals] of all persuasions are making poor clicking decisions: military personnel, medical professionals, journalists, lawyers, and universities. The perpetrators of this recently uncovered hacking scheme have been dubbed “Dark Caracal” by the report, and the cybersecurity researchers present compelling evidence that the group has been operating out of a building in Beirut, Lebanon (which happens to be owned by the Lebanese General Directorate of General Security) since 2011.

http://mashable.com/2018/01/19/dark-caracal-hackers-phish-whatsapp-and-facebook-accounts/


Six More Years of Surveillance

While the surveillance system hasn’t morphed into the Orwellian nightmare that critics fear—and has served its purpose as an effective anti-terror tool—the legal safeguards penning it up still feel flimsy. And as the Senate’s privacy hawk, Ron Wyden (D-Or), has pointed out, the system is too powerful for Congress to simply sign off on for another six years. The upshot is that Americans will have to rely on the same opaque legal procedures to keep Big Brother at bay for the foreseeable future.

http://fortune.com/2018/01/20/six-more-years-of-surveillance/


NSA deleted surveillance data it pledged to preserve

The National Security Agency destroyed surveillance data it pledged to preserve in connection with pending lawsuits and apparently never took some of the steps it told a federal court it had taken to make sure the information wasn’t destroyed, according to recent court filings. […] “NSA senior management is fully aware of this failure, and the Agency is committed to taking swift action to respond to the loss of this data.”

https://www.politico.com/story/2018/01/19/nsa-deletes-surveillance-data-351730


America restarts dodgy spying program – just as classified surveillance abuse memo emerges

Just hours after the section 702 program was given the final green light before the president can sign on the dotted line, the Senate’s intelligence committee approved the release of a confidential four-page memo alleging previous abuse of the FISA spying program to the rest of Congress. The public is unable to see it. The mysterious missive was drafted by House intelligence committee chairman Devin Nunes (R-CA), and of course it could be looney-tunes nonsense.

https://www.theregister.co.uk/2018/01/19/us_congress_section_702_fisa_memo/


‘Crackas with Attitude’ hacker posed as CIA Chief to access secret data

The notorious group also managed to compromise JABS (Joint Automated Booking System), which is a secret portal responsible for managing federal arrests records of law enforcement agencies. JABS has data in relation to all the arrests carried out by FBI and also holds the records from Internet Crime Complaint Center and the FBI’s Virtual Command Center.

https://www.hackread.com/crackas-with-attitude-hacker-cia-chief-secret-data/


Hacker Infects Gas Pumps with Code to Cheat Customers

Authorities in Russia have broken up a widespread scheme involving dozens of gas-station employees who used software programs on electronic gas pumps to con customers into paying for more fuel than was actually pumped into their tank. The scam shorted customers between 3-to-7 percent per gallon of gas pumped. […] Under the arrangement, both gas-station employees and Zayev received a cut of the money customers overpaid for gas.

https://threatpost.com/hacker-infects-gas-pumps-with-code-to-cheat-customers/129599/


====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.