CyberWire Daily - Cyber attacks reported in the Middle East, from both states and non-state actors. Italy's Foreign Ministry hacked for months in 2016. Cyber and kinetic operations. RSA's Innovation Sandbox.
Episode Date: February 13, 2017
In today's podcast, Hamas appears to have improved its cyber attack capabilities. Egypt is believed to be ramping up Internet surveillance. ISIS sympathizers are being targeted with Android malware delivered over Telegram. The US increasingly integrates cyber into kinetic military operations. Russia is suspected of hacking the Italian Foreign Ministry. Malek Ben Salem from Accenture Technology Labs describes privacy techniques for data mining. And, of course, we begin our coverage of RSA in San Francisco with a look at the annual Innovation Sandbox.
Transcript
You're listening to the Cyber Wire Network, powered by N2K.
Hamas appears to have improved its cyber attack capabilities.
Egypt is believed to be ramping up Internet surveillance.
ISIS sympathizers are being targeted with Android malware delivered over Telegram.
The U.S. increasingly integrates cyber into kinetic military operations.
Russia is suspected of hacking the Italian foreign ministry.
And in industry news, RSA opens in San Francisco with the annual Innovation Sandbox.
I'm Dave Bittner in Baltimore with your CyberWire summary for Monday, February 13, 2017.
Some state conflict surfaced in cyberspace late last week and over the weekend.
Palo Alto Networks reports an increase in activity on the part of the Hamas-associated Gaza cyber
gang. Phishing campaigns aim at installing spyware in victim computers. The targets are
in Israel and various Arab countries. Palo Alto characterizes the campaign's technical
sophistication as relatively high. As so often happens, the attackers inadvertently aroused
suspicions with poor proofreading.
ISIS sympathizers are being targeted by Android malware delivered over one of the caliphate's preferred social media, Telegram.
The first stage of infection aims at privilege escalation.
Subsequent stages vary, apparently, with the attackers' intentions.
There's no attribution, but it's also no secret
that ISIS's opponents are actively targeting the group.
The U.S. Air Force reported to Congress last week on cyber combat operations.
Air Force Vice Chief of Staff General Stephen Wilson,
in a written report to the U.S. House and Senate Armed Services Committees, said,
The Air Force conducted 4,000 cyber missions against more than 100,000 targets,
disrupting adversaries and enabling over 200 high-value individual kill-capture missions.
This is consistent with a broader trend toward full integration of cyber
with other military operations by all the American services.
Some observers perceive an increase in the Egyptian government's
online surveillance and traffic interception efforts.
Their conclusions or suspicions are that such efforts are principally driven by domestic security concerns.
Sources close to the Italian government tell The Guardian and Reuters that Italy's foreign ministry sustained a four-month-long cyber attack in 2016.
Non-classified systems were successfully penetrated. Classified systems
are said to have resisted compromise. The Russian government is suspected of responsibility,
which will surprise few. The Cyber Wire, of course, is out at RSA 2017, where the highlight
of the conference's first day is the annual Innovation Sandbox. A kind of security startup
Olympics, the Innovation Sandbox seeks to select
the year's most innovative information security companies and products.
RSA solicits applications and receives a lot of them,
and then selects 10 finalists to compete before the judges
at this annual San Francisco conference.
The final presentations are underway.
We expect the judges to announce the winner at 4:30 Pacific time today.
The past winners include some impressive names.
Sourcefire took the prize at the first Sandbox back in 2005.
They won for their suite of enterprise threat management solutions
from Next Generation Security Platform through Advanced Malware Protection.
This Maryland-born unicorn was bought by Cisco in 2013 for $2.7
billion. Imperva, activity monitoring protection and risk management specialist, won in 2006.
Their 2011 IPO raised $90 million. Yoggie Security Systems was, according to RSA,
the inventor of behavior-based blocking technology in the form of a hardware-based
computer security solution.
They had raised an additional $2.8 million in capital
within a year of winning in 2007,
and in 2011 they exited in an acquisition by CUPP.
In 2009, AlertEnterprise won for its pioneering work
in the convergence of logical and physical security.
They raised $27 million in two rounds of venture funding after taking top honors at RSA.
Altor, 2010's winner, took the prize for virtualization and cloud security solutions.
After raising $16 million in two venture funding rounds,
they were acquired that same year by Juniper Networks.
2011's winner, Invincea, was in the news last week over its
acquisition by Sophos for $100 million. The work that earned them distinction has been an advanced
endpoint protection that combines containerization, threat detection, and response. Appthority has
continued to go strong since winning in 2012. The app risk management shop has raised a total of $25.25 million
in equity funding since the appearance in the sandbox.
Remotium was recognized in 2013 for its BYOD-enabling mobile security technology.
Avast bought them in 2015.
In 2014, RedOwl Analytics won for its risk oversight software solutions
for compliance and investigations.
They've since attracted $21.6 million in equity investment.
Waratek's runtime application self-protection for apps in data center, hybrid, or public clouds took the honors in 2015.
Headquartered in Dublin, they continue to go strong with a North American base in Atlanta.
And last year, Phantom won for its solution addressing diverse threats in complex environments
and the scarcity of expert security personnel.
Since winning, they've closed $13.5 million in funding from Kleiner Perkins.
To make the final 10 is a pretty big deal.
Any finalist over the years would be worthy of serious industry and investor attention,
and this year's class is no different.
The 2017 finalists are Baffle of Santa Clara, California.
The company takes its mission to be making data breaches irrelevant.
Their deep encryption is applied immediately and stays with the data it protects,
whether the data is at rest, in motion, or in use.
Cato Networks of Alpharetta, Georgia and Tel Aviv, Israel.
They offer a software-defined cloud-based secure enterprise network
that connects branch locations, physical and cloud data centers,
and mobile users in a secure, optimized network.
Claroty of Tel Aviv and New York.
The company provides a single, holistic secure platform for operational technology,
securing such highly valuable and highly sensitive installations as power plants and offshore rigs.
Contrast Security of Los Altos, California.
Contrast holds out the promise of self-protecting software enabled by deep security instrumentation.
Enveil. Too secure to really tell you where they're from,
but to us they look like neighbors from Laurel around, say, the Johns Hopkins APL.
Enveil offers a scalable framework whose homomorphic encryption
lets enterprises work on data without ever decrypting it.
GreatHorn of Belmont, Massachusetts.
GreatHorn has an automated policy engine that comes
pre-configured, ready to install to protect an enterprise from highly targeted attacks in real
time, spoofed emails, homograph domain attacks, and financial fraud attempts. RedLock of Hyderabad,
India and Menlo Park, California. They offer a platform that makes enterprise security easy
with a cloud-native architecture, workload behavior monitoring, and out-of-the-box policy packs and templates.
UnifyID of San Francisco.
They combine implicit authentication with machine learning in ways that uniquely identify you, and they promise to make remembering passwords a thing of the past.
Uplevel of New York. They apply advanced data science to information culled from internal systems and external sources,
and they use it to deliver automation throughout incident response.
And Veriflow of San Jose, California.
Veriflow delivers a solution that serves reliability.
Their continuous network verification technology predicts and verifies availability and
security, getting ahead of outages and vulnerabilities, whatever their source.
Good luck to them all. If recent history is any guide,
all 10 of the finalists are companies worth watching and watching closely.
And I'm pleased to be joined once again by Malek Ben-Salem. She's the head of R&D at Accenture Technology Labs. Malek, you wanted to tell us about data mining and how that may affect privacy. What do we need to know here?

So data mining is a process of identifying interesting and unknown patterns
and discovering new and meaningful insights from data.
And with the advent of big data and the availability of public databases
that collect a lot of data by consumers and that sell that data to other third parties.
Others have increased concern about privacy.
So new data mining techniques are known as PPDM or privacy-preserving data mining techniques
have emerged in order to protect consumers' privacy.
And those can be classified actually in two different approaches.
One tries to hide or protect the sensitive data, the raw sensitive data itself. And other techniques
focus on protecting the sensitive results or the outcome of the data mining process.

Yeah, I was thinking, I guess this would most organizations that are subject to
various regulations and restrictions and so forth, because, you know, when I think of data mining,
mostly what I think of are, you know, organizations who want to know what I'm buying and, you know,
what I'm clicking on on Amazon and things like that, who, you know, it seems to me are not at
all interested in protecting my privacy when they're mining my data.

Yeah, that is true.
But I think that will change because a lot of the data breaches have not only just a
reputational cost for these organizations, but they may have a tangible cost in terms
of the consumers actually switching to other service providers. So it's in the interest of these organizations. We understand that they need to collect data and they need to use it in order
to customize their services or personalize their services to their consumers. But they also have
an interest in protecting that data if they really want to gain the trust of their clients.
These techniques vary, so they're not that sophisticated to implement.
You can just rely on data distribution, whether horizontally or vertically,
meaning that you store the data you collect in different places, and you may, you segment that data, if we're talking about a relational database, for example,
along certain columns or along certain rows, so that you, the data becomes
distributed so that no single party has access to all of the data. Or you can use,
there are, you know, new techniques based on cryptography, like secure
multi-party computation that can be used also to perform some of these computations on data,
although a lot of theoretical progress has been made for several multi-party computational
techniques. But when it comes to evaluating communication and computational costs,
we haven't made as much progress.

All right. Interesting stuff. Something to keep an eye on.
Malek Ben-Salem, thanks for joining us.
And that's The Cyber Wire.
We are proudly produced in Maryland by our talented team of editors and producers.
I'm Dave Bittner. Thanks for listening.