December 21, 2018.
By the CyberWire staff
Authorities in the Five Eyes yesterday said, in coordinated announcements, that China's Ministry of State Security had attacked managed service providers with a view to using the MSPs as an avenue of approach into their customers' enterprises (Washington Post). They didn't say which MSPs were so attacked (the campaign is the one known for some time as Operation Cloudhopper) but Reuters reports that its sources say IBM and Hewlett Packard Enterprise were two of them. IBM says its customers weren't harmed, and HPE has declined comment.
For its part China has dismissed the allegations as "slander" (Reuters), but it seems increasingly likely that Beijing won't find many takers in the developed world for its claims of innocence and ill-use. (Tu quoque maybe, but even that's stretching it.)
Blind, the anonymous social networking app that had appealed to whistleblowers, malcontents, and others who wished to discuss their employers without fear of retribution, proves to be less blind than thought. One of its servers was left exposed, without so much as password protection (TechCrunch).
Companies continue to suffer social engineering attacks from criminals working through Google cloud (ZDNet). The tactic is believed to help them cover their tracks and lend credibility to their come-ons (Dark Reading).
Today's edition of the CyberWire reports events affecting Australia, Bangladesh, Canada, China, Iran, New Zealand, Russia, Saudi Arabia, Singapore, United Kingdom, United States.
A note to our readers: the CyberWire takes its annual holiday break next week, with Christmas and New Year's Day coming up. This is our last Daily News Briefing for 2018. We'll resume regular publication on January 2nd, in the new year. Our best holiday wishes to all of you, and thanks for reading.
Cyber Security Summits: 2019(United States, January 1 - December 31, 2019) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the FBI, Darktrace and more at the 2019 Cyber Security Summits. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).
DreamPort Event: The Red Hat OpenShift Container Platform Bootcamp(Columbia, Maryland, United States, January 3, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting the Red Hat OpenShift Container Platform Bootcamp. This is all about Containers, DevOps, & Agile Development. Attendees will learn, hands on, how to create, develop, use, deploy, and access containers as DevOps & Agile Development tools.
Rapid Prototyping Event: The Wolf in Sheep's Clothing(Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.
Russian Operation Targeted U.S. Business Owners (Wall Street Journal) The Russian operation to influence Americans through social media included an effort to convince business owners to buy into a marketing campaign and turn over private information.
What if your VPN is spying on you?(Mighty Gadget Blog: UK Technology News and Reviews) A VPN is supposed to keep you safe online. But what if the VPN itself is compromised? Free and bundled VPNs aren’t always all they’re cracked up to be. And
Why is my laptop fan so loud? Malware could be to blame(Security Boulevard) Has your laptop started running hotter than usual? Find out why your laptop is overheating and what you can do to fix the problem. The post Why is my laptop fan so loud? Malware could be to blame appeared first on Emsisoft | Security Blog.
Maybe we have the cybersecurity we deserve(CSO Online) Companies have focused more on making the consumer recovery process from fraud and data breaches easier than on better security. Most people seem OK with that.
Up Next for Huawei: a Cybersecurity Push | PYMNTS.com(PYMNTS.com) In a rare press conference inside its Dongguan facilities, Huawei Technologies said it would spend $2 billion over the next five years to concentrate on cybersecurity initiatives, according to a report by Reuters. This would include hiring more people and enhancing lab operations, as the company tries to counteract some of the negative publicity that’s […]
DEVCON Raises $4.5M to Fight Growing Epidemic of Cyber Fraud and Ad Theft(AP NEWS) DEVCON, a cybersecurity software company dedicated to defeating ad fraud and preserving independent journalism, today announced it has closed a seed round of funding led by Las Olas VC with participation from individual investors including Paul Judge, cofounder of TechSquare Labs and executive chairman of Pindrop, and Adam Ghetti, founder of Ionic Security. The round comes as DEVCON attacks the growing epidemic of global ad fraud and theft, a problem estimated to account for $19 billion in losses this year, ballooning to $44 billion by 2022.
Needham: Zscaler heading for $1B in revenue; ZS +2%(Seeking Alpha) Needham reiterates Zscaler (NASDAQ:ZS) at Strong Buy and a $47.50 target after meeting with the company. Analyst Alex Henderson says ZS "is poised to be a major leading cloud security company"
Avast and Wind Tre Join Forces to Provide Parental Control Apps to Families in Italy(AP NEWS) Avast (LSE:AVST), the global leader in cybersecurity products, today announced the market launch of the new Wind Family Protect application in Italy. Avast and Wind Tre, a top Italian mobile operator and among the main operators in the fixed-line market, partnered to create a simple and effective app that helps parents manage their children’s access to the internet and keeps track of their whereabouts.
CynergisTek and Protenus Join Forces as Partners to Protect Patient Privacy(AP NEWS) CynergisTek, Inc. (NYSE AMERICAN: CTEK), a leader in healthcare cybersecurity, privacy, and information assurance, today announced it has formed a preferred partnership with Protenus, a healthcare compliance analytics platform that protects patient privacy, to help health systems nationwide enhance patient privacy monitoring programs.
Is quantum computing a cybersecurity threat?(San Francisco Chronicle) Cybersecurity researchers and analysts are rightly worried that a new type of computer, based on quantum physics rather than more standard electronics, could break most modern cryptography. The effect would be to render communications as insecure as if they weren’t encoded at all. Fortunately, the threat so far is hypothetical. The quantum computers that exist today are not capable of breaking any commonly used encryption methods.
Better security achieved with randomly generating biological encryption keys(ScienceDaily) Data breaches, hacked systems and hostage malware are frequently topics of evening news casts -- including stories of department store, hospital, government and bank data leaking into unsavory hands -- but now a team of engineers has an encryption key approach that is unclonable and not reverse-engineerable, protecting information even as computers become faster and nimbler.
Securing the Internet of Things(The National Law Review) The ‘Internet of Things’ (‘IoT‘) – a rather vague collective term for the random mix of new technology which has now infiltrated our lives. In simple terms, it is the gro
CISA Focusing on Foreign Cyber Threats(Meritalk) The newly-named Cybersecurity and Infrastructure Security Agency (CISA) has been elevated within the Department of Homeland Security (DHS), and one of the biggest priorities for the agency will be responses to cyber threats from other nations, as a senior CISA official discussed on Sunday’s episode of Government Matters.
'Multidomain Operations 1.5' expands cyber support program(InsideDefense.com) The Army's new "Multidomain Operations 1.5" concept will expand the work of Army Cyber Command's Cyberspace Electromagnetic Activities Support to Corps and Below program, but will not necessarily change its mission, according to the program's director.
Feds Charge Three in Mass Seizure of Attack-for-hire Services(KrebsOnSecurity) Authorities in the United States this week brought criminal hacking charges against three men as part of an unprecedented, international takedown targeting 15 different “booter” or “stresser” sites — attack-for-hire services that helped paying customers launch tens of thousands of digital sieges capable of knocking Web sites and entire network providers offline.
Danske Case May Turn Out to Be Hybrid Warfare, Estonia Says(Bloomberg) One of Europe’s largest money-laundering scandals centered around the Estonian branch of Danske Bank A/S could be a type of hybrid warfare waged by the Baltic nation’s former Soviet master Russia. Estonia’s definition of money laundering should change, because it doesn’t allow for a proper response to laundering "condoned or organized by an unfriendly third country,” the government said in a report published Thursday. It cited research "showing Russia’s new tools for increasing tensions in the Baltic Sea region.”
Former Ga. candidate for governor indicted(ajc) State Sen. Michael Williams, who waged an unsuccessful and at times incendiary campaign for governor this year, was indicted this week in Hall County, apparently stemming from an allegedly false report he made saying computer servers were stolen from his campaign office.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Industry 4.0 - Industrial Cyber Security and Industrial IoT(Chicago, Illinois, USA, September 23 - 24, 2019) The emergence of new digital industrial technology is a transformation to gather and analyze data across machines enabling faster, more flexible, and more efficient processes to produce higher-quality...
SINET Global Institute CISO Series(Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...
CPX Asia 360 2019(Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...
CPX Americas 360 2019(Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...