CyberWire Daily - Daily: DDoS, business email threats remain. How to set up your new machine.
Episode Date: March 31, 2016
In today's Daily Podcast we hear about some of the other current threats—while ransomware is very much in the news, we'd do well to remember the problems of denial-of-service and business email compromise. The US continues to work toward "operationalizing" deterrence in the cyber domain. We talk to the Johns Hopkins University's Joe Carrigan about how you can secure your new computer. And CNBC appears to have been too participatory in a story about password hacking.
Transcript
Ransomware's out there, but so are other familiar threats like DDoS and business email compromise.
What you should think about in terms of security when you buy a new device and bring it online,
thinking about cyber deterrence,
and what can happen when journalists invite you to become part of the story.
Alas, sometimes it's not so good.
I'm Dave Bittner in Baltimore with your Cyber Wire summary for Thursday, March 31, 2016.
Ransomware and its particular impact on healthcare enterprises dominated the hacking news this week,
but other threats haven't gone away either.
The continuing investigation into the Bangladesh Bank wire fraud incident
serves as a cautionary reminder of the threat posed by business email
compromise schemes. In this case, it would seem that anomaly detection might have flagged the
fraud before it passed before the eyes of an alert and linguistically sensitive Deutsche Bank staffer.
And it seems that multi-factor authentication might have prevented the compromise of sensitive
Bangladesh bank credentials, which the criminals seem to have accomplished through a keylogger.
Distributed denial-of-service attacks also have real consequences for real businesses.
One of the earliest Bitcoin wallet service providers, CoinKite, an online cloud-based
crypto bank operating from Canada, has exited its core business to concentrate on hardware.
Part of their reason was the business fatigue of dealing with both DDoS and government suspicion.
Quote,
Being a centralized Bitcoin service does attract attention from state actors
and other well-funded pains in the... rear.
And as a matter of fact, we've been under DDoS since the first month we launched.
End quote.
And talk of enterprise security shouldn't drown out awareness
of the importance of security to private users.
What about your home network, your family's devices?
CSO publishes a bit of a rant about how visiting sites one might be ashamed of
makes users reluctant to remediate problems in their machines,
preferring to simply discard and replace machines that have become slow,
which really means malware-ridden, rather than follow sound practices of digital hygiene.
We all eventually will buy new machines, so how should we set them up?
We have some good advice from one of our partners at the Johns Hopkins University.
Joe Carrigan told us about what you should do with your new machine.
We'll hear from him after the break.
In defense policy, the UK and the US are upgrading the cyber protections
in their Trident submarine-launched ballistic missiles. These systems are held to be central
to the two countries' nuclear deterrent capability, and so, all considerations of nuclear surety aside,
the system's predictable reliability remains a priority for the US and Royal Navies.
The US military continues to work out how it might operationalize
cyber deterrence, that is, build enough credible capability to identify hostile actors in cyberspace
and hold their capabilities and other things those adversaries might value at risk. The primary
challenge in operationalizing that other long-familiar deterrence regime, nuclear deterrence, especially in its Cold War form, was assurance, making it clear to the adversary that they
couldn't deprive you of the ability to retaliate for a strike. But with cyber deterrence still
very much a work in progress, you face other issues. As the chairman of the U.S. Joint Chiefs
of Staff, Marine Corps General Joseph Dunford put it in a talk at the Center for
Strategic and International Studies this week, quote, we need to develop a framework within which
to deter cyber threats, and obviously attributing threats and managing escalation and hardening
ourselves against cyber attacks are all areas that require more work, end quote. We note particularly
the difficulty of attribution in the cyber domain.
It's notoriously difficult, and false flags, provocations,
and the use of deniable third-party surrogates are all well-established techniques in cyber conflict.
Finally, you listeners of a certain age will recall the new journalism practiced during the final third of the last century by the late Hunter S. Thompson and others.
The new journalists permitted themselves to become part of the story,
and neither held aloof from their subjects nor copped any pretense of lofty objectivity.
So, from what we're hearing this week, we're pretty sure that must be going on at CNBC.
The network ran an online story about the importance of using strong passwords,
and we're pretty sure, in an homage to that old participatory new journalism,
CNBC included a link to a password strength tester
where you, the consumer of the news, could become part of the news
by entering your password to find out if it was any good or not.
And then, wait for it, that link also collected your passwords
and then put them into a Google Docs spreadsheet for everyone to see.
But the spreadsheet was marked private.
It was like fear and loathing in Englewood Cliffs.
Seriously, do keep your passwords strong.
If you're in research, keep working on some alternatives to passwords.
And don't be too hard on CNBC.
Fundamentally, they were well-intentioned and trying to be on the side of the angels.
Joining me once again is Joe Carrigan from Johns Hopkins Information Security Institute.
They're one of our academic and research partners.
Joe, for our listeners, I want to talk about just some general security tips.
I buy a new computer.
A new computer gets dropped off on my front door from Amazon.
Is that computer ready to go out of the box,
or are there security steps that I need to take to protect myself?
Generally, they're ready to go right out of the box.
There are some nice security tips that I like to have on all of my computers.
Number one, make sure that your updates, your automatic updates are enabled, and don't disable automatic updates.
There are two things you can do to protect your computer. It will protect you from most things.
And that is updating your computer and then making sure you're running the right software with some kind of application whitelisting software.
Now, there's not really a lot of consumer-grade application whitelisting software.
And a whitelisting software just is essentially a security product that before you start any program, it says, is this computer allowed to run this program?
And if it's not, it doesn't let the software run. And that can prevent a lot of malicious software from running.
Since there's really not a consumer-grade option for that, for one or two computers at home,
what I recommend is that people make sure they understand what it is they're installing.
And whenever they get asked to install a piece of software, think to yourself before you click on the buttons and say, yeah, go ahead and install this:
What am I installing? What did I ask to have installed? Did I even ask to have something installed?
A lot of times these websites will just start downloading something, and people just click, yeah, okay, click, and they'll install malicious software right off the bat.
So be mindful of what you're installing.
And of course, always consider the source of where you're downloading things from.
I mean, you know, something, downloading something from Adobe is different than the latest thing you found on a BitTorrent site.
Correct, absolutely.
And attackers can even make it look like you're downloading something from Adobe.
The best bet is to check your browser.
Make sure that when you look in the address bar that you see that you're actually connected to Adobe.com, for example,
and that the security settings are valid and they match up.
You can check that with a little lock.
Depending on your browser, you can mouse over that lock and you can actually get the certificate information from the site that you're visiting.
All right, good advice. Joe Carrigan, thanks for joining us.
My pleasure.
And that's The Cyber Wire.
We are proudly produced in Maryland by our talented team of editors and producers.
I'm Dave Bittner. Thanks for listening.