A Review of the Best News of the Week on Cybersecurity Management & Strategy

Russian Hackers Go From Foothold to Full-On Breach in 19 Minutes (Wired, Feb 19 2019)
A new ranking of nation-state hacker speed puts Russia on top by a span of hours.

Australia’s major political parties hacked in ‘sophisticated’ attack ahead of election (The Sydney Morning Herald, Feb 19 2019)
Prime Minister Scott Morrison has revealed that major political parties were hacked alongside the parliamentary computer network several weeks ago by a “sophisticated state actor”.

New Breed of Fuel Pump Skimmer Uses SMS and Bluetooth (Krebs on Security, Feb 21 2019)
“Fraud investigators say they’ve uncovered a sophisticated new breed of credit card skimmers being installed at gas pumps that is capable of relaying stolen card data via mobile text message. KrebsOnSecurity has since learned those claims simply don’t hold water.”


North Korea’s Lazarus Group Targets Russian Companies For First Time (Dark Reading, Feb 19 2019)
In an unusual development, the group known for its attacks against companies in countries viewed as geopolitical foes is now going after companies in a country considered an ally, Check Point Software says.

Palo Alto Networks to Acquire Security Automation Firm Demisto for $560 Million (SecurityWeek, Feb 19 2019)
Network security giant Palo Alto Networks (NYSE: PANW) said on Tuesday that it has agreed to acquire Demisto, a Security Orchestration, Automation and Response (SOAR) firm, in a deal valued at $560 million.

CISO’s guide to an effective post-incident board report (Help Net Security, Feb 21 2019)
To discover the dos and don’ts of how to handle the aftermath of a cyberattack, CISOs can look to the recent Marriott (do) and British Airways (don’t) post-breach responses. What these two companies did or didn’t do can inspire how CISOs approach the post-incident board report – including what information to relay, how to present it and, most important, what lessons were learned.

The Russian Sleuth Who Outs Moscow’s Elite Hackers and Assassins (Wired, Feb 21 2019)
Roman Dobrokhotov has been playing a dangerous game for a Russian reporter: identifying agents of the GRU military intelligence agency.

Toyota Australia driven offline by cyber attack, as heart hospital hit by ransomware (Graham Cluley, Feb 21 2019)
Car maker Toyota admitted earlier today that it had suffered what appears to have been a malware attack at its facilities in Melbourne, Australia that knocked out its website and other communications.

Staffing Shortage Makes Vulnerabilities Worse (Dark Reading, Feb 15 2019)
Businesses don’t have sufficient staff to find vulnerabilities or protect against their exploit, according to a new report by Ponemon Institute.

Post-Quantum Crypto Standards Aren’t All About the Math (Dark Reading, Feb 15 2019)
The industry needs to keep in mind the realities of hardware limits and transitional growing pains, according to Microsoft, Utimaco researchers.

Three reasons employee monitoring software is making a comeback (Help Net Security, Feb 15 2019)
…employee monitoring solutions have come a long way since then. Most notably, the introduction of privacy-friendly monitoring dictates that employee data rights and privacy must be protected.

Only 28% of Advisories Help Mitigate Risks (Infosecurity Magazine, Feb 14 2019)
The majority of public advisories were network-exploitable vulnerabilities, says Dragos.

Wendy’s Reaches $50 Million Settlement With Banks Over Data Breach (SecurityWeek, Feb 18 2019)
US fast food restaurant chain Wendy’s announced recently that it has reached a settlement with the thousands of financial institutions impacted by the data breach suffered by the company in 2015 and 2016.

Millions of “private” medical helpline calls exposed on internet (Naked Security – Sophos, Feb 19 2019)
One of the subcontractors involved in running the Swedish medical assistance line 1177 (a bit like 111 in the UK – the number you use for urgent but not emergency medical help) apparently left six years’ worth of call records – 2,700,000 sound files in WAV and MP3 format – on a server that was openly accessible on the internet.

Google Research: No Simple Fix For Spectre-Class Vulnerabilities (Dark Reading, Feb 19 2019)
Chip makers’ focus on performance has left microprocessors open to numerous side-channel attacks that cannot be fixed by software updates – only by hard choices.

Free decryption tool could save victims millions in ransomware payments (Help Net Security, Feb 20 2019)
This tool was developed by the Romanian Police in close collaboration with the internet security company Bitdefender and Europol, together with the support of law enforcement authorities from Austria, Belgium, Cyprus, France, Germany, Italy, the Netherlands, UK, Canada and US FBI.

Half of UK Firms Admit to Unknown Network Devices (Infosecurity Magazine, Feb 20 2019)
Forescout poll finds lack of visibility is creating security risk.

Dunn Brothers Coffee, Holiday Inn among those exposed by third-party payment card vendor breach (SC Magazine, Feb 19 2019)
A company that handles payment operations for a large number of hotels and food establishments, including Holiday Inn, Dunn Brothers Coffee and Zipps Sports Grill, is informing its customers of a data breach that may have compromised consumers’ payment card information.

Breach at PoS Firm Hits Hundreds of U.S. Restaurants, Hotels (SecurityWeek, Feb 19 2019)
Point-of-sale (PoS) solutions provider North Country Business Products, whose products are used at over 6,500 locations across the United States, recently disclosed a data breach that resulted in the exposure of payment card data.

Mastercard, GCA Create Small Business Cybersecurity Toolkit (Dark Reading, Feb 20 2019)
A new toolkit developed by the Global Cybersecurity Alliance aims to give small businesses a cookbook for better cybersecurity.