CISO View – The Week’s Best News – 2020.10.23

A Review of the Best News of the Week on Cybersecurity Management & Strategy

U.S. Charges Russian Intelligence Officers in Major Cyberattacks (The New York Times, Oct 19 2020)
Prosecutors said the suspects hacked elections in France and the 2018 Winter Olympics.

2020 Cyber Threatscape Report (Accenture, Oct 20 2020)
There has been a 60% increase in the average ransom payment (US$178,254) in the first quarter of 2020.

Microsoft Says Most TrickBot Servers Are Down (SecurityWeek, Oct 21 2020)
Most of the servers associated with the TrickBot botnet have been taken down following the technical and legal effort announced last week, Microsoft says.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


NSS Labs Shuttered (Dark Reading, Oct 19 2020)
“Due to Covid-related impacts, NSS Labs ceased operations on October 15th.”

Gartner: Top strategic technology trends for 2021 (Network World Security, Oct 19 2020)
Companies need to focus on architecting resilience and accept that disruptive change is the norm, says research firm Gartner, which unveiled its annual look at the top strategic technology trends that organizations need to prepare for in the coming year.

Cybersecurity Visuals (Schneier on Security, Oct 20 2020)
The Hewlett Foundation just announced its top five ideas in its Cybersecurity Visuals Challenge. The problem Hewlett is trying to solve is the dearth of good visuals for cybersecurity. A Google Images Search demonstrates the problem: locks, fingerprints, hands on laptops, scary looking hackers in black hoodies. Hewlett wanted to go beyond those tropes.

#SecTorCa: The Paramedic’s Guide to Surviving Cybersecurity (Infosecurity Magazine, Oct 23 2020)
In both emergency services and cybersecurity, professionals deal with some of the same challenges.

An Uncommon 20 Years of Commonly Enumerating Vulns (Dark Reading, Oct 18 2020)
Larry Cashdollar, a researcher with more than 300 CVEs to his credit, looks back at his favorite vulnerabilities (and being the only individual CNA on Mitre’s list).

Academia Adopts Mitre ATT&CK Framework (Dark Reading, Oct 16 2020)
Security pros and academic researchers discuss the best ways to use MITRE’s framework to inform cybersecurity efforts, analyze threats, and teach future workers.

How to use psychology to prevent employee mistakes that lead to breaches (SC Media, Oct 18 2020)
We can all admit that 2020 has been a stressful year. But how have these increased levels of stress impacted cybersecurity at businesses across the country? Recent data from Tessian found that nearly half of employees say they’ve made a mistake at work that has compromised their company’s security.

US charges Sandworm hackers who mounted NotPetya, other high-profile attacks (Help Net Security, Oct 20 2020)
The Sandworm Team hacking group is part of Unit 74455 of the Russian Main Intelligence Directorate (GRU), the US Department of Justice (DoJ) claimed as it unsealed an indictment against six hackers and alleged members on Monday.

Cyber-Attack on Mississippi Schools Costs $300,000 (Infosecurity Magazine, Oct 19 2020)
Board of Yazoo County School District votes to pay company $300,000 to recover files encrypted by threat actors

Cyber Solarium Commission lays out plan to secure supply chain (SC Media, Oct 19 2020)
Over the past two decades, China has mobilized state-owned and state-influenced companies to dominate several emerging markets, especially for 5G telecommunications equipment, according to a report from the U.S. Cyberspace Solarium Commission (CSC). The 50-page report, a follow-up to its March 2020 report, focuses on creating a supply chain strategy for information and communications technologies…

#GlobalEthicsDay2020: New Security Incident Response Ethics Guidelines Released (Infosecurity Magazine, Oct 21 2020)
New ethics guidelines for incident response and security teams have been released by the Forum of Incident Response and Security Teams (FIRST) to coincide with Global Ethics Day today. The document offers advice and recommendations for cybersecurity professionals on how they should conduct themselves in a professional and ethical manner when dealing with incidents.

Researcher Guesses Password to Access Trump Twitter Account (Infosecurity Magazine, Oct 23 2020)
Two-factor authentication belatedly switched on after incident

Microsoft, MITRE Release Adversarial Machine Learning Threat Matrix (SecurityWeek, Oct 23 2020)
Microsoft and MITRE, in collaboration with a dozen other organizations, have developed a framework designed to help identify, respond to, and remediate attacks targeting machine learning (ML) systems.

CBP Refuses to Tell Congress How it is Tracking Americans Without a Warrant (VICE, Oct 23 2020)
The CBP is buying location data harvested from ordinary apps installed on people’s phones.

How 30 Lines of Code Blew Up a 27-Ton Generator (Wired, Oct 23 2020)
A secret experiment in 2007 proved that hackers could devastate power grid equipment beyond repair—with a file no bigger than a gif.

The Now-Defunct Firms Behind 8chan, QAnon (Krebs on Security, Oct 22 2020)
“Some of the world’s largest Internet firms have taken steps to crack down on disinformation spread by QAnon conspiracy theorists and the hate-filled anonymous message board 8chan. But according to a California-based security researcher, those seeking to de-platform these communities may have overlooked a simple legal solution to that end: Both the Nevada-based web hosting company owned by 8chan’s current figurehead and the California firm that provides its sole connection to the Internet are defunct businesses in the eyes of their respective state regulators.”

MITRE ATT&CK Tactics Are Not Tactics (TaoSecurity, Oct 23 2020)
My concern is with MITRE’s definition of “tactics” as “short-term, tactical adversary goals during an attack,” which is oddly recursive.

The key word in the tactics definition is goals. According to MITRE, “tactics” are “goals.”
