A Review of the Best News of the Week on Cybersecurity Management & Strategy

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware (Krebs on Security, Jun 03 2019)
“For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.”

Stanford group calls for major overhaul on election security. Here are their recommendations (The Washington Post, Jun 06 2019)
A plan released this week by a Stanford University group that includes former top government and tech industry officials aims to be the equivalent of the 9/11 Commission report for election security.

China ‘behind’ huge ANU hack amid fears government employees could be compromised (The Sydney Morning Herald, Jun 07 2019)
China is the key suspect in the theft of huge volumes of highly sensitive personal data from the Australian National University


One of My Favorite Things
Since I started this curated newsletter in June 2017, I’ve clipped ~10,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn


What corporate boards still don’t understand about cyber risk (Quartz, Jun 03 2019)
Board members who felt their company was properly secured against a cyberattack fell to 37% in 2017 from 42% in 2016.

Why the NSA is pushing back against Baltimore ransomware link (The Washington Post, Jun 03 2019)
The National Security Agency took an exceptionally rare step last week when it disputed a New York Times report that one of its hacking tools was used in a ransomware attack that has crippled Baltimore city services for more than three weeks.

The organization once nicknamed “No Such Agency” typically stays tight-lipped about stories it believes are incorrect or misleading. The rare exception underscores that the NSA is trying to avoid a hit to its reputation – which has taken numerous blows in recent years — that would surely come if its tools were linked to the Baltimore attack.

Much @Stake: The Band of Hackers That Defined an Era (Wired, Jun 02 2019)
Today’s cybersecurity superstars share a common thread—one that leads back to early hacking group Cult of the Dead Cow.

Baltimore Ransomware Attacker Was Behind Now-Suspended Twitter Account (Dark Reading, Jun 03 2019)
Researchers at Armor were able to confirm the person or persons behind a Twitter account that appeared to be leaking confidential files was the actual ransomware attacker that hit the city.

Election Rules Are an Obstacle to Cybersecurity of Presidential Campaigns (The New York Times, Jun 07 2019)
Security experts warn that time is running out for campaigns to create protections against the cyberattacks and disinformation seen in recent elections.

What I Learned Trying To Secure Congressional Campaigns (Idle Words) (Idlewords, Jun 07 2019)
“This is the situation I found myself in from late 2017 to 2018, when I was part of an effort that delivered a basic, hour-long campaign security training to 41 Democratic Congressional campaigns.”

GDPR’s First-Year Impact By the Numbers (Dark Reading, May 31 2019)
The latest statistics on GDPR spending, compliance rates, enforcement, and consumer attitudes on privacy protection.

Reports: Hacking accusations debunked after leak of New Zealand budget plan (SC Magazine, May 31 2019)
Accusations from New Zealand’s Treasury department that someone had hacked the agency’s website and stole budget plans that was later leaked to the public turned out to be premature, after investigators reportedly determined that individuals were able to access the documentation due to website error.

The Importance of Protecting Cybersecurity Whistleblowers (Schneier on Security, Jun 03 2019)
Interesting essay arguing that we need better legislation to protect cybersecurity whistleblowers. “Congress should act to protect cybersecurity whistleblowers because information security has never been so important, or so challenging…”

The Cost of Cybercrime (Schneier on Security, Jun 04 2019)
Really interesting paper calculating the worldwide cost of cybercrime: Abstract: In 2012 we presented the first systematic study of the costs of cybercrime. In this paper,we report what has changed in the seven years since.

Tales From the SOC: Municipal Edition (SecurityWeek, Jun 04 2019)
As a threat researcher, I’ve advised security teams of organizations big and small, across both public and private sectors. So after a decade in DFIR, people often ask me about the craziest or most interesting things I’ve seen on client networks. I have quite a few interesting stories under my belt, from state and local governments, to start ups, and large enterprises. I’m excited to share a few of these ‘Tales from the SOC’ with the larger cybersecurity community.

The Race to Save Encryption (WSJ, Jun 05 2019)
Quantum computers will be able to break current encryption within a decade. That has security experts scrambling to come up with new ways to protect data before it is too late.

State Department proposes new $20.8 million cybersecurity bureau (CyberScoop, Jun 05 2019)
The State Department has sent to Congress a long-awaited plan to reestablish a cybersecurity-focused bureau it says is key to supporting U.S. diplomatic efforts in cyberspace.

FEC poised to limit who can give political campaigns free cybersecurity help (The Washington Post, Jun 05 2019)
The Federal Election Commission appears poised to draw strict limits this week on which organizations can provide free cybersecurity help to political campaigns targeted by foreign hackers.

Premera Blue Cross reaches proposed $72M settlement with 2014 breach victims (SC Magazine, Jun 05 2019)
Health insurance company Premera Blue Cross has agreed to a $72 million proposed settlement that would resolve a contentious class-action lawsuit stemming from a 2014 data breach affecting roughly 10.6 million people.

Chinese Military Wants to Develop Custom OS (Schneier on Security, Jun 06 2019)
Citing security concerns, the Chinese military wants to replace Windows with its own custom operating system: Thanks to the Snowden, Shadow Brokers, and Vault7 leaks, Beijing officials are well aware of the US’ hefty arsenal of hacking tools, available for anything from smart TVs to Linux servers, and from routers to common desktop operating systems, such as Windows and Mac.

Security and Human Behavior (SHB) 2019 (Schneier on Security, Jun 06 2019)
“I invariably find this to be the most intellectually stimulating two days of my professional year. It influences my thinking in many different, and sometimes surprising, ways.”