Wednesday, May 17, 2017
Is subtle better?
Botnet Spread via NSA Hacking Tools for Weeks
The ransomware attack that stormed the world over the past several days wasn’t the first to leverage the leaked EternalBlue/DoublePulsar NSA hacking tools for distribution, Proofpoint researchers have discovered.
… Symptoms of infection, however, aren’t as visible as with WannaCry: loss of access to shared Windows resources and degradation of PC and server performance. What’s more, the malicious code also shuts down SMB networking to prevent infections with other malware.
According to ProofPoint security researcher Kafeine, this attack might have been much larger than the ransomware outbreak. Furthermore, Kafeine suggests that, because Adylkuzz specifically patched the vulnerability targeted by WannaCry, it might have limited the latter’s infection.
What is certain, however, is that “the Adylkuzz campaign significantly predates the WannaCry attack, beginning at least on May 2 and possibly as early as April 24.” Kafeine also notes that the infection is ongoing and is potentially quite disruptive, although not as flashy as the ransomware rampage.
… “For organizations running legacy versions of Windows or who have not implemented the SMB patch that Microsoft released last month, PCs and servers will remain vulnerable to this type of attack. Whether they involve ransomware, cryptocurrency miners, or any other type of malware, these attacks are potentially quite disruptive and costly. Two major campaigns have now employed the attack tools and vulnerability; we expect others will follow and recommend that organizations and individuals patch their machines as soon as possible,” Kafeine says.
What a cheerful thought.
Cyberwar Is Officially Crossing Over Into the Real World
Online warfare already wreaks havoc on the physical world, and it's only going to get worse.
The devastating effects of a massive cyberattack are no more confined to a computer network than any other action carried out online. People use the computers and the internet all the time to make things happen in the physical world.
A cyberattack isn’t just a cyberattack. It’s an attack.
Hospitals, pharmacies, and major corporations like FedEx and the Spanish telecommunications giant Telefonica were among the 200,000 victims hobbled by a global ransomware attack on Friday, which locked people’s computers and demanded Bitcoin payment in exchange for access. In the United Kingdom, some hospitals canceled procedures and other appointments as a result.
… Among the many questions prompted by the fallout of the attack is an increasingly urgent one: At what point will a cyberattack prompt a more traditional form of retaliation? More importantly: When should it?
Might be useful.
Webinar: Combining Pen Testing & Incident Detection
… Join SecurityWeek and Rapid7's Eric Sun for actionable takeaways from penetration testing engagements, and see how customers are combining detection technologies to find intruders earlier in the attack chain.
Join this live webcast on Thursday, May 18th at 1PM ET
My Computer Security students will need to catch up!
Cyber Kid Stuns Experts Showing Toys Can be 'Weapons'
An 11-year-old "cyber ninja" stunned an audience of security experts Tuesday by hacking into their bluetooth devices to manipulate a teddy bear and show how interconnected smart toys "can be weaponized".
American wunderkind Reuben Paul may be still only in 6th grade at his school in Austin, Texas, but he and his teddy bear Bob wowed hundreds at a timely cyber security conference in The Netherlands.
… "From terminators to teddy bears, anything or any toy can be weaponised."
To demonstrate, he deployed his cuddly bear, which connects to the icloud via wifi and bluetooth smart technology to receive and transmit messages.
Plugging into his laptop a rogue device known as a "raspberry pi" -- a small credit-card-size computer -- Reuben scanned the hall for available bluetooth devices and, to everyone's amazement including his own, suddenly downloaded dozens of numbers, including some of top officials.
Then using a computer language programme, called Python, he hacked into his bear via one of the numbers to turn on one of its lights and record a message from the audience.
Is this the US equivalent of “By appointment to the Queen?” And it’s free and open source!
In encryption push, Senate staff can now use Signal for secure messaging
Without any fanfare, the Senate Sergeant at Arms recently told Senate staffers that Signal, widely considered by security researchers and experts to be the most secure encrypted messaging app, has been approved for use.
The news was revealed in a letter Tuesday by Sen. Ron Wyden (D-OR), a staunch privacy and encryption advocate, who recognized the effort to allow the encrypted messaging app as one of many "important defensive cybersecurity" measures introduced in the chamber.
For my Computer Security students.
As the scale and complexity of the cyber threat landscape is revealed, so too is the general lack of cybersecurity readiness in organizations, even those that spend hundreds of millions of dollars on state-of-the-art technology. Investors who have flooded the cybersecurity market in search for the next software “unicorn” have yet to realize that when it comes to a risk as complex as this one, there is no panacea — certainly not one that depends on technology alone.
Spending millions on security technology can certainly make an executive feel safe. But the major sources of cyber threats aren’t technological. They’re found in the human brain, in the form of curiosity, ignorance, apathy, and hubris. These human forms of malware can be present in any organization and are every bit as dangerous as threats delivered through malicious code.
With any cyber threat, the first and last line of defense is prepared leaders and employees, whether they are inside an organization or part of an interconnected supply chain.
Now that’s an offer Congress will not be able to refuse.
Putin offers to provide Congress with details of Trump disclosures to Russian envoys
Russian President Vladimir Putin said Wednesday he would be willing to provide the U.S. Congress a record of President Trump’s meeting with top Russian envoys, possibly offering new details on the disclosures of reportedly highly classified intelligence information.
The remarkable offer for the Kremlin to share evidence with U.S. oversight committees came with the caveat that the request for the transcript would have to come from the Trump administration.
Another case of “I don’t get it.” They fine Facebook for what they did, but do not order or even ask them to stop doing it.
Facebook Gets Slap on the Wrist From 2 European Privacy Regulators
… As part of their separate announcements on Tuesday, the Dutch and French officials said that Facebook had not provided people in their countries with sufficient control over how their details are used. [How will user data be used 25 years from now? Bob] They said that the social network had collected digital information on Facebook users as well as nonusers on third-party websites without their knowledge.
The French regulator, the Commission Nationale de l’Informatique et des Libertés, or CNIL, said that it had fined Facebook 150,000 euros, or about $164,000, for failing to meet France’s data protection rules.
… Despite the financial penalty, the agency has not ordered Facebook to alter how it handles data on people in France who use the service.
(Related). Another real challenge for Facebook.
Facebook promised to tackle fake news. But the evidence shows it's not working
When Facebook’s new fact-checking system labeled a Newport Buzz article as possible “fake news”, warning users against sharing it, something unexpected happened. Traffic to the story skyrocketed, according to Christian Winthrop, editor of the local Rhode Island website.
“A bunch of conservative groups grabbed this and said, ‘Hey, they are trying to silence this blog – share, share share,’” said Winthrop, who published the story that falsely claimed hundreds of thousands of Irish people were brought to the US as slaves. “With Facebook trying to throttle it and say, ‘Don’t share it,’ it actually had the opposite effect.”
… Articles formally debunked by Facebook’s fact-checking partners – including the Associated Press, Snopes, ABC News and PolitiFact – frequently remain on the site without the “disputed” tag warning users about the content. And when fake news stories do get branded as potentially false, the label often comes after the story has already gone viral and the damage has been done. Even in those cases, it’s unclear to what extent the flag actually limits the spread of propaganda.
Think of the potential for “lock-in!” Today, everyone has a smartphone. Tomorrow everyone might have an Amazon Echo, if Jeff Bezos can make it portable!
Amazon’s Echo continues to grow. Its latest upgrade is the ability to make voice calls and send messages to other Echo devices in the U.S. You could already use IFTTT to send canned text messages through your Echo, but this update expands that.
… To call someone, make sure you have a contact for them in your phone that contains the same phone number they have on their Amazon account.
To place a call, just say Alexa, call Mark. Your Echo will light up with a green ring during an incoming call, and your phone will chime too. Say Alexa, answer the call to pick it up. If you don’t want to make a live call, say Alexa, message Mom and tell your Echo what you’d like to send. The recipient will hear a chime and see a green ring, and can say Alexa, play my messages to hear them later.
Simpler? Fixed start, dump and end points. Fixed route with trash cans that have sensors for easy location. Compare that to the random walk of personal automobiles. Might work for some mail delivery routes too.
Volvo’s testing an autonomous garbage collection truck
The Swedish car maker has partnered with local waste and garbage specialists Renova for a project that’s setting out to explore “how automation can contribute to enhanced traffic safety, improved working conditions, and lower environmental impact,” according to a statement issued by Volvo.
Dilbert’s take on the United Airlines debacle?