A Review of the Best News of the Week on Cybersecurity Management & Strategy
Snake likely culprit behind third cyberattack that put brakes on Honda operations (SC Media, Jun 09 2020)
Parts of Honda’s global operations came to a halt after what appears to be a Snake ransomware attack, the company’s third cyber incident in 12 months. “At this time Honda Customer Service and Honda Financial Services are experiencing technical difficulties and are unavailable,” the company tweeted Monday.
Data Security in the SaaS Age: Rethinking Data Security (Securosis Blog, Jun 03 2020)
“What we’ve been doing hasn’t worked. Not at scale anyway. We’ve got to take a step back and stop trying to solve yesterday’s problem. Protecting data by encrypting it, masking it, tokenizing it, or putting a heavy usage policy around it wasn’t the answer, for many reasons. The technology industry has rethought applications and the creation, usage, and storage of data. Thus, we security people need to rethink data security for this new SaaS reality. We must both rethink the expectations of what data security means, as well as the potential solutions. That’s what we’ll do in this blog series Data Security for the SaaS Age.”
Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity (Krebs on Security, Jun 09 2020)
“In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.”
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Facebook Helped Develop a Tails Exploit (Schneier on Security, Jun 12 2020)
Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance and which routes all inbound and outbound connections through the open-source Tor network to anonymize it. According to Vice, the FBI had tried to hack into Hernandez’s computer but failed, as the approach they used “was not tailored for Tails.” Hernandez then proceeded to mock the FBI in subsequent messages, two Facebook employees told Vice.
Facebook had tasked a dedicated employee to unmasking Hernandez, developed an automated system to flag recently created accounts that messaged minors, and made catching Hernandez a priority for its security teams, according to Vice.
Ransomware Strikes Third US College in a Week (Infosecurity Magazine, Jun 08 2020)
Columbia College Chicago becomes third US college in a week to be hit by Netwalker ransomware.
Macy’s Pays $192,000 to Settle Data Breach Suit (Infosecurity Magazine, Jun 11 2020)
Macy’s settles a class-action lawsuit over a 2018 data breach with a payment of $192,000.
Five signs a virtual CISO makes sense for your organization (Help Net Security, Jun 08 2020)
As today’s threat landscape continues to feature more sophisticated, well-funded, highly organized and increasingly complex cyber adversaries, defense and remediation strategies have become much more challenging. Protecting an enterprise and preparing for current and future threats requires a great deal of expertise, planning and timely and targeted actions.
Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service (Krebs on Security, Jun 07 2020)
“The co-owners of vDOS, a now-defunct service that for four years helped paying customers launch more than two million distributed denial-of-service (DDoS) attacks that knocked countless Internet users and websites offline, each have been sentenced to six months of community service by an Israeli court.”
The importance of effective vulnerability remediation prioritization (Help Net Security, Jun 09 2020)
Too many organizations have yet to find a good formula for prioritizing which vulnerabilities should be remediated immediately and which can wait. According to the results of recent Tenable research aimed at discovering why some flaws go unpatched for months and years, vulnerabilities with exploits show roughly the same persistence as those with no available exploit.
Why traditional network perimeter security no longer protects (Help Net Security, Jun 09 2020)
Greek philosopher Heraclitus said that the only constant in life is change. This philosophy holds true for securing enterprise network resources. Network security has been and is constantly evolving, often spurred by watershed events such as the 2017 NotPetya ransomware attack that crashed thousands of computers across the globe with a single piece of code.
Security Analysis of the Democracy Live Online Voting System (Schneier on Security, Jun 09 2020)
Democracy Live’s OmniBallot platform is a web-based system for blank ballot delivery, ballot marking, and (optionally) online voting. Three states — Delaware, West Virginia, and New Jersey — recently announced that they will allow certain voters to cast votes online using OmniBallot, but, despite the well established risks of Internet voting, the system has never been the subject of a public, independent security review.
Efficient Security Testing Requires Automation, but Humans Are Needed Too (Dark Reading, Jun 10 2020)
An annual survey of penetration testers finds that although machines can quickly find many classes of vulnerabilities, human analysts are still necessary to gauge the severity of discovered issues.
Hack-for-Hire Firm Connected to Attacks on Nonprofits, Journalists (Dark Reading, Jun 09 2020)
The Dark Basin group behind thousands of phishing and malware attacks is likely an India-based “ethical hacking” firm that works on behalf of commercial clients.
Businesses torn between paying and not paying ransoms (Help Net Security, Jun 10 2020)
40% of consumers hold business leaders personally responsible for ransomware attacks businesses suffer, according to research from Veritas Technologies. Furthermore, research shows the public often wants restitution from businesses that fall foul of ransomware – with 65% of respondents wanting compensation, and 9% even wanting to send the CEO to prison.
Cost of US Cyber Command Program Quintuples (Infosecurity Magazine, Jun 10 2020)
Government watchdog warns Unified Platform will cost five times more than originally estimated.
Cyber-Incidents Surge 366% at NASA (Infosecurity Magazine, Jun 09 2020)
Cyber-incidents at NASA rose 366% in 2019 as millions slashed from cybersecurity budget.
Researchers say online voting tech used in 5 states is fatally flawed (Ars Technica, Jun 10 2020)
Elections in five states have used or plan to use OmniBallot’s online voting tech.
Asset Management Mess? How to Get Organized (Dark Reading, Jun 10 2020)
Hardware and software deployments all over the place due to the pandemic scramble? Here are the essential steps to ensure you can find what you need — and secure it.
Average cost of DNS attacks hovering around $924,000 (Help Net Security, Jun 11 2020)
79% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP. The 2020 Global DNS Threat Report, conducted in collaboration with IDC, shows that organizations across all industries suffered an average 9.5 attacks this year.
New Kaspersky Tool Helps Attribute Malware to Threat Actors (SecurityWeek, Jun 11 2020)
Kaspersky this week released a threat intelligence solution designed to help with the attribution of malware samples to known advanced persistent threat (APT) groups.