CyberWire Daily - Daily: Anonymous hits Belgium & Cincinnati. Twitter vs. jihad? MouseJack. Apple, FBI dispute updates.

Episode Date: February 23, 2016

Anonymous hits Belgium & Cincinnati. Twitter vs. jihad? MouseJack. Apple, FBI dispute updates.

Transcript
Starting point is 00:01:22 hottest blind spots. Anonymous cells hit Belgium and Cincinnati. Security experts tell power utilities not to expect all grid hacks to be noisy and catastrophic. Attackers are likely to be subtle and quiet. BAE makes plans for a commercial cyber push. And what's at stake in the dispute between Apple and the FBI gets a little bit clearer. I'm Dave Bittner in Baltimore with your Cyber Wire summary for Tuesday, February 23, 2016.
Starting point is 00:02:41 Two Damascus-based jihadist groups have sworn fealty to Abu Muhammad al-Julani, leader of the al-Nusra Front. Al-Nusra is an al-Qaeda affiliate, and thus a rival as opposed to an ally of ISIS. Nonetheless, the fact that al-Nusra has official Twitter accounts should give one pause before clapping Twitter on the back, as the social media company claims it's making significant inroads against extremism. Twitter's in a tough position. It's a business, not the U.S. government, so its relationship with the First Amendment is a lot more nuanced,
Starting point is 00:03:03 but it doesn't particularly want to be perceived as a censor. But Twitter's getting a lot of stick in the blogosphere for what many see as tendentious and ill-focused shuttering of accounts that, objectionable on some grounds or not, really have nothing to do with the nominal main enemy. Hacktivists associated with Anonymous hit the Belgian government in a widespread denial of service effort apparently intended to protest the sad suicide of a girl who was cyberbullied. And a North American Anonymous cell releases personal information on some 52 Cincinnati, Ohio, police officers and employees. In this case, the cause of action is last week's death of Paul Gaston in a police shooting.
Starting point is 00:03:41 We've seen no recent reports of attacks on electrical grids, but the threat continues to worry utilities. Late last week, security experts warned state utility regulators in the U.S. not to expect cyberattacks on their installations to be sudden, splashy, or otherwise obvious. There won't necessarily be obvious catastrophes, they say, and attackers can be expected to remain sly and discreet. Bastille Networks reports a new threat which it has given the snappy name MouseJack. MouseJack is a set of nine vulnerabilities that affect non-Bluetooth wireless keyboards and mice
Starting point is 00:04:13 used by PCs, Macs, and Linux machines. Bastille says that devices manufactured by Logitech, Dell, HP, Lenovo, Microsoft, Gigabyte, and Amazon Basics share the vulnerabilities. Attackers could use a wireless dongle to spoof a mouse It was disclosed yesterday that Virginia-based company YouKnowKids.com, whose stock-in-trade is giving parents tools to monitor their children's online activity, suffered from a misconfigured MongoDB installation that exposed nearly 2,000 children's information online. The exposure appears to have lasted about two days. An upward trend in Facebook scams and LinkedIn fraud highlights social media users' continued vulnerability to social engineering.
Starting point is 00:04:57 The annual RSA conference opens in San Francisco next week, and several publications offer previews of the event. We're seeing the customary surge in new product announcements during the run-up. And by the way, if you're planning to attend RSA, be sure to stop by and say hello to the Cyber Wire. We'll be in the South Hall at booth 1145. In other industry news, BAE offers more details on its plans for a major push into the U.S. commercial cybersecurity market. This comes at a time when other large defense and aerospace integrators, notably Lockheed Martin, Boeing, and Northrop Grumman, seem to be exiting the field. Raytheon, like BAE, is an exception to this trend. BAE's new COO and prospective CEO-in-waiting
Starting point is 00:05:36 is widely expected to shape the company's cybersecurity efforts. The dispute between Apple and the U.S. Department of Justice over a San Bernardino County-issued iPhone used by one of the shooters in the recent California Jihad massacre continues. There's growing consensus that San Bernardino County, which we do well to remember owns the phone in question, could have avoided a great deal of trouble had it used the mobile device management tools available to it. The FBI disputes with some discernible heat that changing the iCloud credentials associated with the phone was a screw-up. Rather, it was a step taken to preserve whatever data might have been on the phone against, for example, the possibility of wiping by some
Starting point is 00:06:15 surviving accomplice. Several outlets, Dark Reading and Krebs on Security prominently among them, are offering rundowns on the case. Essentially, the FBI wants access to the phone's data to determine if there's any evidence therein that could point to a broader conspiracy or plans for further attacks. And a federal magistrate has directed Apple to provide a software image file that would override the device's auto-erase and enforced delay security features. Such software would make it easier for the Bureau to brute-force the phone. Security expert Bruce Schneier has pointed out that various intelligence and security agencies have almost certainly produced this kind of software on their own,
Starting point is 00:06:52 and that time, labor, and expense are the principal obstacles to the FBI doing so in this case. And Tenable CEO Ron Gula speculates that if the dispute with Apple has become so public, this has happened because the Department of Justice wants it to be public. Apple continues to resist the order. Reactions remain mixed, with industry somewhat favoring Apple, the general public inclining to take the FBI's view of things, and both Apple and the FBI avowing their belief in the other party's good, if in their view misguided, intentions.
Starting point is 00:07:22 You'll find a useful guide to iOS encryption linked in today's Cyber Wire daily news brief. We also had the opportunity to speak with University of Maryland's Jonathan Katz about the details of iPhone encryption. We'll hear from him after the break. Whatever the outcome of the case may be, it's affecting the conversation on privacy and security in Europe as well as the United States. And we note that European law enforcement agencies are looking to their own investigative tools. Reports from Germany say that country's interior ministry has developed and is preparing to deploy its own spyware, Bundestrojaner, the federal Trojan. They're also rumored to be in the market for lawful intercept tools similar to the well-known FinFisher.
Starting point is 00:09:14 Joining me is Jonathan Katz.
Starting point is 00:10:32 He's a professor of computer science and the director of the Maryland Cybersecurity Center at the University of Maryland. Jonathan, obviously Apple has been a hot topic these past few days, specifically the encryption on the Apple iPhone. Apple has gone to great lengths to make sure that the iPhone is secure. Tell us about security on iPhones. Well, the truth is Apple have done a pretty good job of securing the iPhone, and you can see that
Starting point is 00:10:57 by the fact that the FBI essentially has been required to go to Apple in order to get help to unlock the phone. What's interesting about the way that Apple protects the data on the phone is that the data is encrypted now by default, and it's encrypted using a key that's actually stored in hardware and that's inaccessible by any software running on the device. And so the only way to unlock that key and gain access to it is via the passcode on the device, and that's what things are coming down to in the current case is that the FBI is asking Apple for help
Starting point is 00:11:28 in allowing it to repeatedly guess different passcodes in an attempt to unlock the key and get access to the data. So interestingly, Apple does have access to your data if you back it up on iCloud. Apple retains the keys to iCloud. Why would Apple choose to do that? Well, that's an interesting question, actually, because we've seen that Apple has already provided the FBI
Starting point is 00:11:48 with the backed-up data from this phone that was present on the iCloud. But unfortunately for the FBI, that data only went up to a certain date, and the FBI is therefore looking to get access to the phone in order to gain access to the data that had been collected on that phone from that date going forward. And it's interesting that Apple was willing to give the FBI access to that data that was stored on the cloud, but is putting up such a fight with regard to access to the data on the phone.
Starting point is 00:12:13 And what Apple is claiming is that if they provide access to the data on the phone, then they're potentially creating a trap door or a back door that could then enable people to access people's phones worldwide. But we see already that by having the data stored in the cloud and that Apple has the key to, that back door, as it were, is already present for any backed up data. And the FBI is claiming that all they're asking for is the access to this particular phone, that they are not trying to set a precedent. Does that sound reasonable to you, or is that disingenuous? Well, it sounds reasonable.
Starting point is 00:12:47 I think you have to separate two issues. I mean, the first issue is about whether the software that Apple creates in response to this request would work only on that phone. And it seems to me that that is feasible, actually, that Apple could create software that would be able to be run only on this phone and would not be a general-purpose trapdoor. But nevertheless, I do think that the FBI is looking to set a precedent here, and they're hoping to make it easier the next time around
Starting point is 00:13:10 that they request access to data on somebody's phone. So from that point of view, it does make sense that Apple would at least put up a fight here to at least show that they're serious about protecting user privacy. All right, Jonathan Katz, thanks for joining us.
Starting point is 00:14:03 And that's the Cyber Wire. We are proudly produced in Maryland by our talented team of editors and producers. I'm Dave Bittner. Thanks for listening.
