CyberWire Daily - Daily: Panama Papers updates, info ops, pro- & anti-ISIS, market jitters.

Episode Date: May 9, 2016

In today's podcast we follow the progress of anti-banking DDoS hacktivism Operation Icarus. The Panama Papers are released in the form of a searchable database. Some apparently big compromises look a bit recycled. Victims' willingness to pay keeps the ransomware black market primed. Investor disappointment depresses security company valuations. We talk with the University of Maryland's Ben Yelin about how law lags technological advance, and GCHQ says don't be too quick to change passwords.

Transcript
Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K.
Starting point is 00:01:22 Operation Icarus spreads to banks outside the Greek-speaking world. The Panama Papers are about to be released. Last week's big email compromise appears to have been less than met the eye. Willingness to pay keeps the ransomware criminal market strong.
Starting point is 00:02:10 Last week's results give investors in cybersecurity companies a case of cold feet. And wait, GCHQ says don't be so fast to change your passwords. I'm Dave Bittner in Baltimore with your CyberWire summary for Monday, May 9, 2016. Anonymous persists with its colleagues in Ghost Squad with Operation Icarus. The campaign to punish the world financial system for what the hacktivists describe as crimes against humanity began in Greece, then hit Cyprus, and now has moved up the Adriatic to Bosnia, out to the English Channel, to a Central American beachhead in Panama, and into Africa by way of Kenya.
Starting point is 00:02:49 The hacktivists' principal tool continues to be denial of service. The International Consortium of Investigative Journalists, the ICIJ, which has been accumulating and leaking the Panama Papers to the Süddeutsche Zeitung and other outlets, has made a searchable database of those papers available online this afternoon. Personal information thought potentially valuable to criminals or unduly injurious to individuals' privacy will be redacted or otherwise rendered inaccessible, the ICIJ says. The Panama Papers were obtained by someone using the pseudonym John Doe, whose manifesto
Starting point is 00:03:25 appears on the ICIJ site. John Doe's identity is unknown, at least to the wider world, and is being protected in the interest of John Doe's safety. His manifesto includes a call for transparency wrapped in familiar progressive tropes about capitalism's shortcomings. Transparency has indeed found some resonance among policy elites. 300 of what the Telegraph calls the world's most senior economists, hailing from some 30 countries, have signed a letter to world leaders decrying tax havens as serving no economic purpose. The full database was revealed at 2 p.m. EDT today. We expect a massive denial of service condition to begin around 1:45, and so it apparently has. We hope the ICIJ has signed up for a lot of surge bandwidth. We'll follow up tomorrow. The industry press has settled down over last week's splashy announcement
Starting point is 00:04:16 of 270 million plus email credentials up for sale on the black market. What Hold Security said from the outset has sunk in. This wasn't one big data breach, but a collection of a number of old leaks pulled together by a Russian malchik who wanted a buck and a little social media love. So no need to hop to it and change all your passwords ASAP, but one good reminder does emerge from the sound and fury. If you reuse the same password everywhere, it would probably be a good idea to stop. Although pushed out of the headlines a bit by DDoS and doxing, ransomware and other forms of online extortion continue to threaten Internet users. A Kaspersky study points out the agility of ransomware, with 2,896 new variants observed during the first quarter of 2016.
Starting point is 00:05:02 This represents a rise of about 14% over the previous quarter. Willingness to pay appears to have made a powerful contribution to the rise of this criminal market. The cyber war against ISIS has been noteworthy recently for the openness with which the U.S. has discussed its operations and objectives. But it turned coy late Friday as Colonel Steve Warren, spokesman for the Operation Inherent Resolve, the overarching name for U.S. action against ISIS, took to Reddit with an Ask Me Anything session.
Starting point is 00:05:31 He was asked about cyber operations, and the answer he gave was a riff on the old Fight Club movie. The first rule of cyber operations? We never talk about cyber operations. The second rule of cyber operations? Never talk about cyber operations. In an apparent move to distance itself from suspicion of collaboration with security agencies, Twitter has told Dataminr, the social media analytics startup in which Twitter holds a 5% stake, to stop making its near-real-time social media data available to the U.S. intelligence community. This arm's-length relationship is likely to continue at least until the relevant law is more settled. We spoke with the University
Starting point is 00:06:09 of Maryland's Ben Yelin about how law tends to lag technology. We'll hear from him after the break. Last week's results reported from the security sector disappointed investors, and sector bellwethers FireEye, Imperva, and CyberArk share prices took a corresponding hit. Analysts wait to see whether this represents a temporary setback, a correction, or a secular trend. Finally, if you were among the many who changed your password in haste last week because of the Malchik sale of 270 million miscellaneous email credentials and stuff, maybe you did so prematurely. Over in the UK, GCHQ's Communications-Electronics Security Group
Starting point is 00:06:46 pointed out that changing passwords can have a downside. Quote, it's one of those counterintuitive security scenarios. The more often users are forced to change passwords, the greater the overall vulnerability to attack, the agency said. Quote, most password policies insist that we have to keep changing them, and when forced to change one, the chances are that the new password will be similar to the old one. Attackers can exploit this. New passwords are also more likely to be forgotten, and this carries the productivity cost of users being locked out. CESG now recommends that organizations do not force regular password expiry. End quote.
Starting point is 00:07:23 So there you have it. And Russia Today republished CESG's advice with approval. But wait a minute. A British intelligence service and a PR arm of the Russian government agree on password advice? As one of our friends in a tinfoil hat tells us, of course they do.
Starting point is 00:09:03 Benjamin Yelin is a senior law and policy analyst at the University of Maryland Center for Health and Homeland Security, one of our academic and research partners. Ben, when it comes to our privacy and our digital devices,
Starting point is 00:10:15 I think it's interesting to note that our mobile devices have a different status than other things we might be carrying on our person. Yeah, it does. So there was this landmark Supreme Court case a couple of years ago, Riley v. California, in which the police, incident to arrest, tried to search the digital contents of Mr. Riley's cell phone. And the Supreme Court held that you cannot have a warrantless search and seizure of the digital contents of a cell phone during an arrest. So this is different than, say, a knife that you have on your body that can be used in evidence because it was part of a search incident to arrest.
Starting point is 00:10:51 I think this goes to the broader point that the Supreme Court is struggling with how to adapt to new technology. I think they have recognized in this case and in other cases that because of how much information is on our cell phone, how much personal information is on our cell phone, there is a reason to have enhanced privacy protections under the Constitution. It's not just a physical device that's in our pocket. It's a device that has private and revealing information about us. So unless there was some sort of razor blade attached to the cell phone, it's not something that can be seized as something that was searched incident to an arrest. What can the government compel me to do? Can they make me reveal my password? Can they make
Starting point is 00:11:36 me reveal where a particular file is located on my PC? Sure. So they can compel you to do that, but they do have to get a warrant, which means that they need some sort of probable cause that you're committing a crime. That is different than seizures or searches or seizures of physical items that can be taken from you even if you're stopped, say, for having a defective brake light or for speeding in traffic. So it is a heightened standard. If you are committing a crime and the government does have probable cause that you're committing a crime, they probably will be able to compel you to unlock your phone, to reveal information on your phone, but it is a heightened standard. Ben Yelin, thanks for joining us. And if you have any questions for Ben or any of our academic and research partners, you can send them in to questions at thecyberwire.com.
Starting point is 00:12:38 And that's The Cyber Wire. We are proudly produced in Maryland
Starting point is 00:13:21 by our talented team of editors and producers. I'm Dave Bittner. Thanks for listening.
