A Review of the Best News of the Week on Cybersecurity Management & Strategy

Verizon Publishes 2019 Data Breach Investigations Report (#DBIR) (SecurityWeek, May 08 2019)
A must read for security pros.

How Chinese Spies Got the N.S.A.’s Hacking Tools, and Used Them for Attacks (NY Times, May 06 2019)
Chinese intelligence agents acquired National Security Agency hacking tools and repurposed them in 2016 to attack American allies and private companies in Europe and Asia, a leading cybersecurity firm has discovered. The episode is the latest evidence that the United States has lost control of key parts of its cybersecurity arsenal.

A New Era of Warfare Begins as Cyberattack Leads to Airstrikes (Gizmodo, May 06 2019)
For the first time ever, a government announced publicly that it had used immediate lethal physical force in response to a cyberattack. Israeli military officials announced on Sunday that it launched air strikes to respond to an alleged “Hamas cyber offensive against Israeli targets.”


Without data, your security strategy is just a guess.
The Mosaic Security Research Market Intelligence Platform provides the data you need for OWASP’s Cyber Defense Matrix. Learn a new way to conduct a strategy assessment.


Feds Bust Up Dark Web Hub Wall Street Market (Krebs on Security, May 03 2019)
“Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world’s largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware. Now, at least one former WSM administrator is reportedly trying to extort money from WSM vendors and buyers (supposedly including Yours Truly) — in exchange for not publishing details of the transactions.”

Iran’s the scariest cyber adversary, former NSA chief says (Washington Post, May 06 2019)
Keith Alexander says the U.S. has fewer diplomatic levers to pull.

President Trump Is Spending Billions on an Aircraft Carrier. The Navy Wanted That Money for Cybersecurity (Time, May 06 2019)
“We find the Department of the Navy preparing to win some future kinetic battle, while it is losing the current global, counter-force, counter-value, cyber war,” the report says.

Stolen NSA hacking tools were used in the wild 14 months before Shadow Brokers leak (Ars Technica, May 07 2019)
Already criticized for not protecting its exploit arsenal, the NSA has a new lapse.

How Manhattan’s District Attorney Prosecutes Cybercrime (VICE, May 07 2019)
Elizabeth Roper, the office’s cybercrime and identity theft bureau chief, explains how one of the country’s most important prosecutors goes after cybercriminals.

New Executive Order Aims to Grow Federal Cybersecurity Staff (Dark Reading, May 03 2019)
The EO outlines a ‘rotational assignment program’ intended to help security practitioners develop their skills.

The CIA Sets Up Shop on Tor, the Anonymous Internet (Wired, May 07 2019)
Even the Central Intelligence Agency has a so-called onion service now.

Hackers Swipe More Than $40 Million of Bitcoin From Cryptocurrency Exchange (WSJ, May 08 2019)
Binance, one of the world’s largest cryptocurrency exchanges, said hackers stole more than $40 million worth of bitcoin from its platform in what it called a “large scale security breach.”

Bad actors increasingly spreading misinformation via social media ahead of EU elections (Help Net Security, May 07 2019)
The report provides evidence and detail into how Russia is deploying misinformation campaigns on social media to influence European Parliamentary elections taking place from May 23-26, 2019.

Cybersecurity Checklist for Political Campaigns (Lenny Zeltser, May 03 2019)
This article suggests such measures based on the attacks observed in recent years.

Security Doesn’t Trust IT – and IT Doesn’t Trust Security (Dark Reading, May 02 2019)
How a rocky relationship between IT operations and cybersecurity teams can compound security risks.

Senate Passed Fed Cyber Workforce Program Act (Infosecurity Magazine, May 03 2019)
New rotational workforce program allows cybersecurity practitioners to learn across agencies.

Cybersecurity experts battle for right to repair (Naked Security – Sophos, May 03 2019)
A battle rages between manufacturers and users over who can repair a product, with tech companies using security concerns as a weapon.

Google Announces Fourth-Annual Capture the Flag Event (SecurityWeek, May 06 2019)
Google is getting ready to host its fourth-annual Capture the Flag (CTF) event, which will feature over $30,000 in prize money.

Level the Security Operations Playing Field With MITRE ATT&CK (SecurityWeek, May 03 2019)
Instead of phases, ATT&CK breaks down incidents into 12 “tactics” (what the adversary is trying to do), each accompanied by numerous “techniques” (how the adversary is doing it). Tactics include Execution, Defense Evasion, and Lateral Movement. Techniques are more specific, such as PowerShell, Modify Registry, and Remote Desktop Protocol. The result is a massive matrix of adversary behavior, based on MITRE’s study of real-world cybersecurity incidents.

The Dark Web is Smaller Than You Think (Dark Reading, May 07 2019)
The number of live, accessible .onion sites amounts to less than 0.005% of surface web domains, researchers report.