CyberWire Daily - The CyberWire 1.14.16
Episode Date: January 14, 2016
Transcript
You're listening to the Cyber Wire Network, powered by N2K.
by Black Energy malware looks like a bellwether. Cisco issues three patches. Anonymous hacks Nissan.
The hacktivists are still on the anti-whaling case.
On the anti-ISIS case, not so much.
Congressional hearings make some revision
to U.S. Wassenaar implementation look likely.
The feds are investigating the Crackas With Attitude
for hacking the director of national intelligence,
and the Crackas might do well to stay out of Pittsburgh.
The G-men there are tough.
Trust us. We know.
I'm Dave Bittner in Baltimore with your CyberWire summary for Thursday, January 14, 2016.
More consensus emerges on the coordinated cyberattack on electrical utilities in western Ukraine.
SANS thinks, and others concur,
that the attack was not directly accomplished by Black Energy malware,
still less through Black Energy's KillDisk module,
but that Black Energy accompanied the operation.
An ICS security expert, Joe Weiss, told the Cyber Wire, quote,
"We're still in the process of trying to understand
what truly led to the breakers being opened,
which is what caused the actual electrical outage." We'll have a full interview with Mr. Weiss in
tomorrow's Week in Review. U.S. officials commenting on the incident offer a tight-jawed
warning to expect more attacks like this one on industrial control systems. Other predictors
continue to foretell more effective cyber warfare out of ISIS, but so far the terrorist group has
shown itself more capable of information operations than of cyber operations narrowly conceived. One disturbing and undoubted
capability they're seeking, however, is the ability to use the internet as an aid to finding
and murdering journalists and others within ISIS-controlled areas who don't toe the caliphate's
line. Anonymous continues to be more active on the pro-cetacean front than the anti-ISIS
one. This time, the hacktivist collective disrupts Nissan's website in order to protest Japanese
whaling. Nissan is baffled by the connection, since it really feels it has little to do with whales,
but even an apparently tangential connection of being based in Japan is enough for protest
purposes. Iran makes a minor foray into online propaganda, posting video of
detained U.S. Navy personnel apparently apologizing for what Iran alleges is a violation of its
territorial waters. The Crackas With Attitude caper to redirect phone calls to U.S. DNI Clapper's home
over to a pro-Palestinian site is now the subject of an investigation. The Crackas seem to have exploited a bug in the Clapper family's service provider, Verizon
FiOS Broadband.
Bitdefender explains the cross-site scripting vulnerability that may have exposed eBay users
to phishing scams.
Ransomware continues to make its usual rounds.
Angler and Neutrino exploit kits are being used to distribute CryptoWall, and the RIG
exploit kit is serving up Radamant malware.
Brian Krebs reports on ransomware's growing effect on users of cloud services.
Cyber libertarians, as Wired calls them,
once saw Silk Road as the dawn of a new free market,
untrammeled by government or cartel finagling.
That false dawn has faded with Silk Road's eclipse.
The dark web's markets
have become as seedy and sleazy as the physical black markets they've supplemented. See, for
example, the Hell Hacking Forum as an example of such sleaze. Its denizens go after a breathalyzer
vendor. Still, remember, those black markets do behave like markets. Cisco releases three sets of patches, wireless LAN controller software,
identity services engine software, and Aironet 1800 series access points. OpenSSH 7.1p2 is also
out, with a fix for a flaw that could leak private keys. Bromium's Endpoint Exploit Trends report for
2015 is out. Among the more interesting trends are the increasing
sophistication and popularity of exploit kits, the growing market savvy of ransomware purveyors,
and the enduringly high return on investment malvertising delivers.
The Internet of Things is going to be expensive to secure, analysts think. Some quote a dollar
a device as a rule of thumb, and machine-to-machine traffic seems to some poised to take up a big share of roaming connections.
The Council on Foreign Relations offers a rundown of the global trend
toward a growing government appetite for Internet control or restriction.
In the U.K., surveillance policy aspirations seem to be shifting from mandated backdoors
toward some sort of decrypt-on-demand regime.
In the U.S., this week's congressional
hearings on the Wassenaar agreement appear to augur changes in the cyber export control
agreement's implementation. Industry wants changes, the Department of Homeland Security
is moderately sympathetic to industry, and even the State Department betrays some buyers' remorse.
Damballa offers some insight into how it helped Norwegian police take down the author of MegalodonHTTP crimeware.
FBI Director Comey tells cybercriminals to steer clear of the cyber G-men in the Pittsburgh office.
Falun Gong supporters challenge Cisco's alleged role
in collaborating with Chinese suppression of the group.
In industry news, rumor and speculation about mergers and acquisitions
continue to affect cybersecurity companies' share prices, sometimes regardless of whether the affected companies are themselves the subject of such rumors.
Joining me is John Petrik, editor of the Cyber Wire.
John, we have good days, we have bad days, but in cybersecurity, we have zero days.
What is a zero day?
It's a kind of bad day.
A zero day is, in epidemiology, people refer to patient zero.
The first person is identified as the victim of a particular disease.
So a zero day or zero day is the day at which a new novel attack comes up.
So you can have a zero day attack, which involves the first exploitation of some previously unrecognized vulnerability,
and people will often use zero days to refer to the vulnerability itself.
You discover a new vulnerability, people will talk about that as a zero day sometimes.
There's also zero-day malware, and zero-day malware is a previously unknown piece of malware for which no detection signature is yet available.
So does zero-day refer at all to how relatively dangerous a particular exploit is?
If something is labeled as a zero-day, does that mean this needs your immediate attention?
It often does because it's novel, but it's the novelty rather than the severity that makes it a zero-day.
All right, John Petrik, thanks very much.
And that's The Cyber Wire.
We are proudly produced in Maryland by our talented team of editors and producers.
I'm Dave Bittner. Thanks for listening.
Thank you.