CyberWire Daily - The CyberWire 1.22.16
Episode Date: January 22, 2016
Transcript
You're listening to the Cyber Wire Network, powered by N2K.
An aircraft component supplier in Austria is victimized by cyber fraud.
NATO looks to its ISIS counter-messaging and acknowledges it's got some work to do.
A trusted partner betrays its trust. NSA stakes out a pro-encryption position,
and AT&T declares neutrality in the crypto wars. We get an object lesson in how not to patch a
backdoor. A hint, Batman's not inherently more secure than Black Widow. And finally,
what in the world's going on with Find My iPhone apps in Atlanta?
I'm Dave Bittner in Baltimore with your CyberWire summary for Friday, January 22, 2016.
Most cyberattacks on aerospace targets have aimed at intellectual property theft. Not so in one disclosed this week.
This time, it's direct theft of money.
Austria's FACC AG, an aircraft parts manufacturer that supplies both Boeing and Airbus,
reports losing $54 million to cybercriminals.
FACC says its accounting department was apparently targeted,
that its system security wasn't compromised,
and that the loss involved an outflow of liquid funds. Observers read this as signaling the likelihood that the company was the
victim of a socially engineered fraudulent wire transfer. A criminal investigation is in progress.
The most recent wave of cyber attacks against Ukrainian power distribution systems seems
unconnected with December's rolling blackouts. The current attempts aren't accompanied by
BlackEnergy malware, and observers are less quick to point to the Russian government as the likely
culprit. But the Russian government remains the prime suspect in both the December hacks
and this past week's incident at Kiev's Boryspil International Airport.
Tech support scams are depressingly familiar, but they're usually not executed by authorized
resellers of the companies whose tech support is being spoofed. That, however, appears to have happened this week, as Malwarebytes
uncovered the actors behind a Symantec-themed scam. Investigation of a scam alert identified
Silurian Tech Support, an authorized Symantec partner, as the outfit pushing its services
through bogus scare messages and interactions that even included the notorious
"let our technician take control of your machine" come-on.
Malwarebytes promptly reported their findings to a horrified Symantec,
which swiftly moved to end its relationship with Silurian.
As reported by CRN, Symantec has said,
"While we can't say conclusively who was behind this particular scam,
we can confirm that this particular site has been taken down
and that we are also in the process of terminating our partner agreement with Silurian.
After identifying any abuse of the Norton or Symantec brand, we pursue our rights and defend our intellectual property,
and where necessary, we'll work with law enforcement."
U.S. voter databases are still circulating on the dark web.
The data they include strongly suggests they were stolen from campaign consulting firms.
On the policy and legislative fronts, it seems likely that the U.S.-EU safe harbor arrangements
will expire before a new agreement can be worked out.
Companies doing transatlantic business are looking closely at how expiration will affect compliance and risk management.
NATO leaders, notably U.S. Defense Secretary Carter,
say they're working harder at counter-ISIS information operations,
but also acknowledge that they're playing catch-up in the war for the hearts and minds of the disaffected.
And the crypto wars continue.
U.S. NSA Director Rogers says encryption is here to stay,
and appears to stake out a position in contrast to that of crypto-skeptical FBI Director Comey. Director Comey, of course, has been advocating a search for a technical fix
that would enable decryption on demand, or some equivalent aid to criminal and security
investigation. From the industry side, AT&T declines to join Apple and others in opposing
any government attempt to limit or weaken encryption. It's not industry's call, says AT&T CEO Stevenson.
In Crime and Punishment, Igor Dubovoy pled guilty to conspiracy to commit wire fraud in a U.S. federal court.
Dubovoy was implicated in an insider stock trading scheme
that depended on hacking corporate networks to obtain early copies of press releases.
Prosecutors say the illicit trades netted some $100 million.
For reasons no one can explain, an Atlanta couple is having to deal with irate people showing up at their doorstep to demand their lost iPhones back. Find My iPhone apps are steering
people to an utterly innocent address. Sometimes the phone owners bring the cops with them. The
couple says that a polite explanation usually works, but not always.
Anyone have any ideas? In industry news, analysts look at FireEye's prospects and wonder how it will
weather challenges from rival Palo Alto, especially given Palo Alto's recent collaboration with
Proofpoint. And finally, the story of a backdoor in AMX Harman's NX-1200, a programmable device
used to control audiovisual and building systems,
offers an instructive cautionary tale concerning patches.
SEC Consult found the backdoor, which includes packet-sniffing functionality, last March.
They disclosed it to AMX Harman, which pushed out a fix.
That fix, however, seems to have amounted to nothing more than changing the backdoor's password,
and going from Black Widow to I Am Batman really didn't represent a security upgrade.
After all, few would regard DC as inherently more secure than Marvel,
or are we missing something?
Joining me is John Petrik, editor of the Cyber Wire. John, what is going on in the market?
We're seeing generally long-term a lot of investor interest in the cybersecurity sector. We've seen in the last couple of weeks some corrections downward. And that, of course, is to be expected when you've got a dynamic sector like cybersecurity, when you've got one that's highly speculative and one that's populated with a lot of story stocks.
Yeah, let's clarify that for our listeners. What exactly is a story stock?
A story stock. A story stock is a stock whose value reflects future potential as opposed to assets and income. So you invest in a story stock fundamentally because you buy the story. You like the story it tells about the prospects of big future returns on investment. Now, that doesn't mean that investors in story stocks are suckers, that they're often very savvy investors and they look for a good story. And if the story is compelling enough, it may well bear itself out in the future. Right now in our sector, FireEye is a good example of a story stock.
So you're betting on the notion that the story is going to have a happy ending.
That's right.
How about unicorns?
A unicorn is a startup that's valued at $1 billion or more. And this is mostly a U.S. term. For example, there's a tradition in Canada of calling stocks like that narwhals. But a unicorn is spread throughout the investing world, too. So if you have a startup that's valued at more than a billion, you've got a unicorn.
And why unicorn?
Think about unicorns. They're rare. They're desirable. They're benign. They're nice. Everybody likes unicorns.
A little bit magical, perhaps?
A little bit magical. And right now, we've got unicorns in our sector and Tanium. And as the story's out today, Forescout has attracted enough venture interest that it's joined the ranks of the unicorn.
So what are analysts forecasting for 2016?
Again, they're looking at generally an optimistic outlook for cybersecurity stocks, and they're also looking for more mergers and
acquisitions.
All right, John Petrik, thanks for joining us.
And that's the Cyber Wire.
We are proudly produced in Maryland by our talented team of editors and producers.
I'm Dave Bittner. Thanks for listening.