IT Security News Blast 3-20-2017

Information security spending to reach $90bn in 2017

According to Gartner, spending on enhancing detection and response capabilities is expected to be a key priority for security buyers through 2020. “The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years,” said Sid Deshpande, principal research analyst at Gartner. […] The rising number of point solutions in the security market that address detection and response is creating sprawl and manageability issues for chief information security officers (CISOs) and security managers[.]

Military demanding all defense contractors keep up pace on cybersecurity

From the largest contractors to the smallest, all have just nine months left to get up to speed on cybersecurity if they haven’t already. And if they have, some critics bet they’ve spent a lot to do so. The regulations, in the works since 2013 and in a final form since October 2016, apply to protecting covered defense information – or unclassified “controlled technical information.” […] The new regulations have teeth, said Heather Engel, Sera-Brynn’s risk management vice president.

Automating security? Robots can’t replace humans in decision loop

Security has almost reached an innovation apex where some reversion is required. For years, vendors have relied heavily on technological innovation to detect malware from endpoint to network and to automate remediation, which remains critical and continues to evolve. But with the automation and machine learning discussion now going a bit too far, there are discussions in the industry along the lines of, “Back the truck up, we still need people.”

Machine learning can also aid the cyber enemy: NSA research head

As one example, an organisation may decide to use machine learning to develop a so-called “sense of self” of its own networks, and build a self-healing capability on top of that. But what if an attacker gets inside the network or perhaps was even inside the network before the machine learning process started? “Their behaviour now becomes part of the norm. So in a sense, then, what I’m doing is that I’m protecting the insider. That’s a problem,” Frincke said.

National Security expert Mike Rogers explores the dangers of life in the digital age in World War E. [Video]

Rogers draws upon his experience at the highest levels of the intelligence community to explain why cyberspace is the new battlefield between nations, citing specific examples where China, Russia and other countries have cyber-meddled in U.S. affairs. He details the billion-dollar-a-year business of digital extortion, one that threatens to destroy or disrupt critical infrastructure like medical and police records and even your own personal information.

Reining In Warrantless Wiretapping of Americans

Soon, there will be an opportunity to rein in some of this surveillance. In December 2017, one of the laws enabling the National Security Agency (NSA) to warrantlessly wiretap Americans’ international communications and to gather foreigners’ private messages from top Internet companies will expire. The expiration forces Congress to decide whether to renew the law, reform it, or kill it. Because the surveillance law allows spying so far afield of national security interest, critics argue that it should be markedly curtailed, or allowed to end.

Reporting ransomware attacks to the FBI: Pros and cons

Reporting ransomware attacks reflects negatively on the organization, and its customers and partners may question why it did not take sufficient measures to prevent such a breach, especially if the impact would have been significant if the ransom hadn’t been paid. If a company notifies the FBI about a successful ransomware attack against it, there’s no guarantee that the information won’t be leaked or made public in some other manner. There could be financial implications of such disclosures, especially if the company is publicly traded.

Bruce Schneier on New Security Threats from the Internet of Things

In his talk, Schneier explained this idea of a world-sized robot, created out of the Internet, that has no single consciousness, no single goal, and no single creator. You can think of it, he says, as an Internet that affects the world in a direct physical manner. This means Internet security becomes everything security. And, as the Internet physically affects our world, the threats become greater. “It’s the same computers, it could be the same operating systems, the same apps, the same vulnerability, but there’s a fundamental difference between when your spreadsheet crashes, and you lose your data, and when your car crashes and you lose your life,” Schneier said.

Govt. Cybersecurity Contractor Hit in W-2 Phishing Scam

On Thursday, March 16, the CEO of Defense Point Security, LLC — a Virginia company that bills itself as “the choice provider of cyber security services to the federal government” — told all employees that their W-2 tax data was handed directly to fraudsters after someone inside the company got caught in a phisher’s net. […] Among Defense Point’s more sensitive projects is the U.S. Immigration and Customs Enforcement (ICE) Security Operations Center (SOC) based out of Phoenix, Ariz. That SOC handles cyber incident response, vulnerability mitigation, incident handling and cybersecurity policy enforcement for the agency.

Challenges and implications of cybersecurity legislation

But despite the benefits that such legislation may bring to data security, the reality is that there are various tensions, positions and counterpoints, which mean that setting it up is not an easy task. In this section, we will look at some of the most significant legislation, in international terms, and some of the current and future challenges facing states, companies and users/citizens around the world.

Inside the Mind of a Hacker: Attacking Web Pages With Cross-Site Scripting

XSS is easy to test for. In fact, it is probably one of the most common vulnerability types found in software. However, XSS can be really hard to fix. When maintaining a large web application that was written 10 years ago using servlet technology, there may be thousands of places where XSS lies dormant. Newer technologies using rich, client-side user interfaces (UIs) are not spared, either.

It’s Time for America to Protect its Cyber Borders

Instead of internal reviews, moving forward, the U.S. might want to think about assembling a team of experts inclusive of U.S. government elements, academia and corporate America, and allow those parties to define a strategy unencumbered from political influence. At least then, the nation would have a clear view of what is truly possible. From there, it could make informed decisions, apply political considerations and solidify around a set of root problems, goals, objectives and tactics.

Cyber War Also Spreads Paranoia Inside Russian Tech World

Many of the specialists working in firms on the West Coast of the U.S. are of Russian origin, and Russia is a country long renowned for the quality of its computer engineers and mathematicians. “On both sides of the ocean, insanity prevails nowadays,” says Alexander Lyamin, whose Qrator Labs used to collaborate with American colleagues. “It’s hard to imagine how this confrontation will end. I thought tensions would decrease after the American election, but that’s not what’s happening. At some point, we will have to start talking to one another again.”

Judge Says Insurer Doesn’t Owe For $11M Cyberattack [Subscription]

A Georgia judge Thursday found a Great American Insurance Co. policy against computer fraud does not cover $11.4 million in fraudulent debit card redemptions made over the phone. District Court Judge William S. Duffey Jr. found InComm Holdings Inc.’s GAIC policy does not cover losses incurred from unauthorized redemption of debit cards it administered, finding both that the redemptions were not made through computers and that the redemptions were not the direct cause of its losses.

FCC: Your cybersecurity isn’t our problem

New Trump appointee FCC Chairman Ajit Pai has suspended the agency’s consumer data privacy rules indefinitely. Before they even went into effect. He’s basically holding the safeguards underwater while two Republican-backed congressional resolutions come in for the kill. This neatly lays the groundwork for companies to spy, track and profit off our private viewing and browsing habits. You see, ad industry trade groups absolutely hated those privacy rules, which were established under former Chairman Tom Wheeler.

Russia Denies Involvement After Yahoo Cyber-Attack Charges

The Kremlin on Thursday denied any official Russian involvement in cyber-crimes after the US indicted two FSB intelligence agents over cyber-attacks on Yahoo that compromised 500 million accounts. “As we have said repeatedly, there can be absolutely no question of any official involvement by any Russian agency, including the FSB, in any illegal actions in cyberspace,” Kremlin spokesman Dmitry Peskov told journalists.

Intelligence chairman: Justice report shows no evidence for Trump’s claims of wiretapping during campaign

The Republican chairman and ranking Democrat on the House Intelligence Committee said Sunday that new documents provided to Congress by the Justice Department provided no proof to support President Trump’s claim that his predecessor had ordered wiretaps of Trump Tower. “Was there a physical wiretap of Trump Tower? No, but there never was, and the information we got on Friday continues to lead us in that direction,” Rep. Devin Nunes (R-Calif.), the chairman, said on “Fox News Sunday.”

Man who triggered seizure in Newsweek’s Kurt Eichenwald on Twitter arrested by FBI

“This attack on courageous journalist Kurt Eichenwald was no different than someone who mails a bomb or someone who sends an envelope filled with Anthrax spores. It’s not the meaning of the words that was the weapon, it was the electronic communication itself that was intended to be used as a weapon that would cause a specific physical reaction to prey on the vulnerability of someone with a medical condition that made him susceptible to this sort of attack. You can’t get more cowardly than this.”

ISPs say your Web browsing and app usage history isn’t “sensitive”

“Web browsing and app usage history are not ‘sensitive information,'” CTIA said in a filing with the Federal Communications Commission yesterday. CTIA is the main lobbyist group representing mobile broadband providers such as AT&T, Verizon Wireless, T-Mobile USA, and Sprint. […] The privacy rules are unlikely to survive, as they are opposed both by the new FCC chairman, Republican Ajit Pai, and Republicans in Congress. What’s less clear is whether the FCC will have any authority over ISPs’ privacy practices after the rules are eliminated.

21 Million Decrypted Gmail, 5 Million Yahoo Accounts Being Sold on Dark Web

Last week HackRead exclusively reported on a Dark Web vendor “SunTzu583” selling millions of decrypted Gmail, Yahoo and PlayStation Network accounts. Now, the same vendor is offering a trove of data containing more Gmail and Yahoo accounts with decrypted passwords. The total number of Gmail accounts being sold is 4,928,888, divided into three different listings. All three listings contain 2,262,444 accounts including emails and their clear text passwords.

Abandoned calls clog 911 in Dallas and may have led to baby’s death [Updated]

Update on Friday, March 17: After this article published, the City of Dallas and T-Mobile said that the problem was not with “ghost calls,” in which a phone makes repeated calls to 911 without the phone’s owner realizing it, but rather with abandoned calls that occur when a caller hangs up before reaching a 911 dispatcher. These abandoned calls, combined with technology shortcomings, apparently caused the severe 911 backlogs. […] Dallas officials previously said the problem was with ghost calls, and blamed T-Mobile for not fixing it.