Public Sector Cybersecurity Weekly Briefing 03-09-2018

German Government Hack Was Part of Worldwide Campaign: Sources
A powerful cyber attack on Germany’s government computer network was part of a worldwide campaign likely carried out by a Russian hacker group known as Snake, sources briefed on the incident said on Friday.  […] German media reported that the attackers installed malicious software on 17 computers, including one that belonged to a defense ministry official who was seconded at the time to the foreign ministry.  […] It said the attack was targeted at Ukraine and other former Soviet republics, countries in South America, the Baltic states and Scandinavia.


The Iranian Cyberthreat
On one hand, most analyses describe the Middle Eastern republic’s offensive cyber capabilities as fractured, decentralized, and inferior to those of the U.S., Russia, and China. On the other hand, Iran’s cyber forces are known to be persistent and opportunistic, and have become adept at infecting sloppy organizations whose employees and IT professionals don’t follow recommended security practices.


Millions of Office 365 Accounts Hit with Password Stealers
In this case, users are hit with the password stealer when they download and open the malicious document. When the document opens, a macro inside launches PowerShell, which acts in the background while the victim views the document. […] “What they do is they rotate the content of the email; they rotate sender information,” he continues. Signature-based systems won’t catch these messages because changing the characteristics of malicious emails changes their fingerprint.


US Senator Grills CEO Over the Myth of the Hacker-proof Voting Machine
Exhibit A in the case built by freelance reporter Kim Zetter was an election-management computer used in 2016 by Pennsylvania’s Venango County. After voting machines the county bought from Election Systems & Software were suspected of “flipping” votes―meaning screens showed a different vote than the one selected by the voter―officials asked a computer scientist to examine the systems. The scientist ultimately concluded the flipping was the result of a simple calibration error, but during the analysis he found something much more alarming―remote-access software that allowed anyone with the correct password to remotely control the system.


German Government Hacked 
“The alleged Russian cyberattack on the German government is the latest in a long line of cyber war and espionage events, with the German government reported to be hacked by Russians twice in the past three years. These continued cyberattacks teach us that the world is simply not prepared for cyberwarfare. With so much of our life and critical infrastructure online, it’s difficult to imagine the sheer magnitude of potential ways we could be attacked.





Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.