CyberWire Daily - ISIS claims responsibility for bombing in Russia. Iranian unrest involves Telegram, Instagram. Proposed FERC reporting standards. YouTube gone bad, and an arrest in a horrific swatting prank.
Episode Date: January 2, 2018

In today's podcast we hear that ISIS has claimed responsibility for the December 27th St. Petersburg shopping center bombing. UK authorities seek to think ahead about cyber terror. US standards bodies propose more stringent mandatory reporting of cyber incidents at electrical utilities. Unrest in Iran prompts a government crackdown on the Internet. We meet our newest academic & research partner, Dr. Yossi Oren from Ben Gurion University. A YouTube celebrity learns something of the limits of the funny, and a Los Angeles man is arrested in a horrifying SWATTING attack that killed an utterly uninvolved bystander.
Transcript
You're listening to the Cyber Wire Network, powered by N2K.
ISIS claims responsibility for the St. Petersburg shopping center bombing.
UK authorities seek to think ahead about cyber terror.
US standards bodies
propose more stringent mandatory reporting of cyber incidents at electrical utilities,
unrest in Iran prompts a government crackdown on the internet, a YouTube celebrity learned
something of the limits of the funny, and a Los Angeles man is arrested in a horrifying
swatting attack that killed an utterly uninvolved bystander.
I'm Dave Bittner with your CyberWire summary for Tuesday, January 2, 2018.
Happy New Year, everyone.
ISIS, now effectively without a territory to call a caliphate, returns to its roots and claims responsibility online for the December
27th St. Petersburg supermarket bombing that wounded 14.
Russian President Putin has promised a quick and ruthless response to future acts of terror.
ISIS claimed responsibility on December 29th.
Although ISIS has continued to show little ability to commit cyberattacks, a shortfall
that contrasts sharply with its record of success at online inspiration,
policymakers in the UK mull approaches to defending against ISIS cyber attacks.
The model from which they're starting is the British response to IRA terror in the late 20th century.
The IRA used bombs.
The possibilities authorities in the UK are now considering involve cyberattacks.
The one being discussed for purposes of illustration involved the remote rerouting of commuter trains
onto tracks where they would crash in lethal collisions.
In the US, the Federal Energy Regulatory Commission has proposed modifying reporting requirements
that would make it mandatory for electrical utilities to report any attempted intrusion into a utility's networks, not just those that result in a
compromise of critical operations.
The proposed rule would require the North American Electric Reliability Corporation
to submit modifications to its critical infrastructure protection reliability standards.
Comments on the new draft rule will be accepted until February 26.
Current growing unrest in Iran seems driven significantly by Instagram
and especially the secure messaging app Telegram.
The troubles began last Thursday with street protests and some rioting.
Authorities in the Islamic Republic are cracking down on internet use generally and
on Telegram channels in particular. The country's Information and Communications Technology Minister,
Mohammad Javad Azari Jahromi, preceded the shutdown with a direct tweet at Telegram's founder,
Pavel Durov. His tweet read, quote, A Telegram channel is encouraging hateful conduct,
use of Molotov cocktails, armed uprising and social unrest.
Now is the time to stop such encouragements via Telegram.
The channel in question is run by exiled dissident journalist Ruhollah Zam, who denies fomenting violence,
but who has published images of disturbances and planned times for demonstrations.
But the nation's leadership is showing signs of hesitancy,
with President Hassan Rouhani acknowledging that some allegations of corruption may have at least a partial point,
even as he promises to punish those damaging property and defaming the Islamic Republic.
The head of Iran's passive defense organization,
Brigadier General Gholamreza Jalali, on December 31st spoke about the country's cyber defenses as being its guarantor of security and independence against U.S. aggression, but Iran's capabilities seem likelier to be used domestically, at least in the near term.
Those who recall the Green protests after the disputed 2009 elections will remember the role Twitter played in sustaining dissent, a false dawn of hope for both Iranian reform
and positive grassroots social media interactions.
Reports suggest that some 13 people have been killed in the disturbances so far.
We close this first podcast of the new year, unfortunately, with two stories that turn
on the familiar disinhibition that appears to seize people when they go online. Both stories
are sad and tragic. One is also horrifying. The first story involves YouTube celebrity Logan Paul.
Paul has some 15 million followers and produces content posted on YouTube's paid
Red service. In the video that's attracted much adverse attention, Paul and some collaborators
went to Japan's notorious Aokigahara suicide forest, a place where many have gone to take
their life in a search for a suicide. The video, entitled, We Found a Dead Body in the Japanese Suicide Forest,
was up for less than 24 hours before it was removed.
The thumbnail image showed Logan Paul standing in front of a hanged man, his body blurred out.
According to accounts in TechCrunch and elsewhere, as Paul stood beside the body, face still blurred,
one of his collaborators expressed discomfort at the discovery of a suicide victim.
Paul asked with a laugh, You never stand next to a dead guy? The video produced, predictably,
an overwhelmingly negative reaction, although it seemed to take Mr. Paul by surprise.
Paul retrospectively pleaded a misguided attempt to raise awareness of suicide in the hopes of
dissuading others from taking their life, but few commentators
seem to be buying that apology. He also said, truly enough, that he's human and makes mistakes,
but pleaded overwork in mitigation. Quote, I've made a 15-minute TV show every single day for the
past 460-plus days. End quote. Few seem disposed to accept that either. A sad case, perhaps, of the morally coarsening effects of living too much of a life online.
The other tragic case is far more shocking and horrifying.
The night of December 28th, a 28-year-old man, Andrew Finch, was shot and killed by a police SWAT team in Wichita, Kansas.
The Wichita man was killed by police in a SWATing that arose from an unusually pointless dispute among Call of Duty players,
pointless even by the feckless standards of online gaming.
He was not only innocent, but completely uninvolved.
The alleged SWATer has been arrested in Los Angeles.
He's 25-year-old Tyler Barriss.
The local ABC affiliate KABC notes parenthetically
that someone of the same name was arrested in Glendale for making a bomb threat against the
station in 2015. Here's what's thought to have happened. Two people playing the online game
Call of Duty got into a dispute over a buck-fifty bet. One of them is said to have contacted Mr. Barriss
and asked him to SWAT the other.
SWATing, for those unfamiliar with the term,
is the practice of spoofing a call to 911
in order to have a SWAT team sent to an address
to frighten the people who live there.
The gamer is said to have provided an address in Wichita.
The address had no connection with anyone involved in the dispute
or even the game.
Barriss is alleged to have called Wichita authorities
and told an elaborate story with fabricated details of a dangerous hostage situation
that had already produced one murder.
Police responded, and Mr. Finch was shot when he opened his door
to see what the ruckus outside was all about.
Those interested in more of the sad details
can find a full account, which we recommend, at Krebs on Security. In the meantime, here's a
New Year's resolution for all. Remember that online play and chatter can have the saddest
kinetic consequences. Stay safe.
And I'm pleased to be joined by Yossi Oren.
He's a senior lecturer at the Department of Software and Information Systems Engineering
at Ben-Gurion University.
He's also a member of BGU's Cybersecurity Research Center.
Welcome, Yossi.
I want to introduce you to our audience and just start with some general introductory
stuff.
Tell us a little bit about yourself, how you came to be there at BGU.
After I finished my PhD in Tel Aviv University,
I went to train at the Network Security Lab in Columbia University in New York.
And I was very, very happy that when Ben-Gurion University in Israel
were building up their cyber center, they invited me to join.
And I joined there two years ago.
It's a wonderful place to be. And I'm very, very pleased to talk about the things we're doing here.
We'll dig into some of the topics in future segments. But what are the types of research
that you, in particular, are interested in?
Okay, so my training is not actually in computer
science, but rather in electrical engineering. And my kind of security research is what's called
implementation security.
And this is kind of a cheating way of doing security. So you might have a system which
does encryption and has all sorts of protections and software. And if you're a really clever
cryptographer or mathematician, you might look at the math or the algorithms. You might look at
the source code and try to find some exploits or bugs. But what we do is we just
cheat. And that means that we take these devices, it could be a phone, it could be a sensor,
it could be a computer, and we put it in environments where it's not really supposed
to be. For example, we might heat it, we might submit it to some vibrations, we might put it
under some radiation. And when this happens, the device malfunctions.
And if we do it very gently, these malfunctions can tell us a lot about the device.
Sometimes you don't have to really put it in the microwave.
You can really just listen very carefully, actually with a microphone, to the clicks and buzzes the device is doing as it's processing all sorts of secrets.
And you can learn all sorts of stuff. And it's fascinating because the implementation, the algorithm,
could be completely perfect and secure and the best thing math can find,
but the way you implement it exposes you to all sorts of risks.
All right, well, we look forward to hearing from you.
Welcome to the Cyber Wire, Yossi Oren.
And that's the Cyber Wire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
And for professionals and cybersecurity leaders who want to stay abreast of this rapidly evolving field, sign up for Cyber Wire Pro.
It'll save you time and keep you informed.
Listen for us on your Alexa smart
speaker, too. The CyberWire
podcast is proudly produced in Maryland
out of the startup studios of DataTribe,
where they're co-building the next generation of
cybersecurity teams and technologies.
Our amazing CyberWire team
is Elliot Peltzman, Puru Prakash,
Stefan Vaziri, Kelsey Vaughn,
Tim Nodar, Joe Kerrigan, Carol Terrio, Ben Yellen, Nick Valecki, Gina Johnson, Bennett Moe, Chris Thanks for listening.
We'll see you back here tomorrow.