Wednesday, June 07, 2017
Hacking is (so far) an action short of war. Is there an agreed-upon threshold that will never be crossed?
Russian Hackers Target Montenegro as Country Joins NATO
Hackers linked to Russia launched cyberattacks on the Montenegro government just months before the country joined the North Atlantic Treaty Organization (NATO) and experts believe these attacks will likely continue.
Despite strong opposition from Russia, Montenegro officially joined NATO on June 5. Russia has threatened to retaliate but it may have already taken action against Montenegro in cyberspace.
Attacks aimed at the Montenegro government spotted earlier this year by security firm FireEye leveraged malware and exploits associated with the Russia-linked threat group known as APT28, Fancy Bear, Pawn Storm, Strontium, Sofacy, Sednit and Tsar Team.
APT28 has been known to target Montenegro. In the latest attacks observed by researchers, the hackers used spear-phishing emails to deliver malicious documents pertaining to a NATO secretary meeting and a visit by a European army unit to Montenegro.
(Related). Could this have started a war? Does the President believe the FBI is wrong?
Russian Hackers 'Planted False Story' Behind Mideast Crisis
US intelligence officials believe Russian hackers planted a false news story that led Saudi Arabia and several allies to sever relations with Qatar, prompting a diplomatic crisis, CNN reported Tuesday.
FBI experts visited Qatar in late May to analyze an alleged cyber breach that saw the hackers place the fake story with Qatar's state news agency, the US broadcaster said.
Saudi Arabia then cited the false item as part of its reason for instituting a diplomatic and economic blockade against Qatar, the report said.
Qatar's government said the May 23 news report attributed false remarks to the emirate's ruler that appeared friendly to Iran and Israel, and questioned whether US President Donald Trump would last in office, according to CNN.
… Saudi Arabia, Egypt, the United Arab Emirates and Bahrain announced Monday they were severing diplomatic relations and closing air, sea and land links with Qatar.
They accused the tiny Gulf state of harboring extremist groups and suggested Qatari support for the agenda of Saudi Arabia's regional archrival Iran. Qatar has strenuously denied the allegations.
Although Qatar hosts the largest American military airbase in the Middle East, Trump threw his weight behind the Saudi-led effort to isolate the emirate in a surprise move on Tuesday.
He suggested Qatar was funding extremism.
This would not make the Board of Directors or bank officers or stockholders happy. I can only hope what they say is true.
Philippine Bank Chaos as Money Goes Missing From Accounts
A major Philippine bank shut down online transactions and cash machines on Wednesday after money went missing from accounts, triggering fears it had been hacked even as company officials said it was an internal computer error.
Customers of Bank of the Philippine Islands (BPI) were shocked on Wednesday morning to see unauthorized withdrawals and deposits from their accounts.
BPI said in a statement the problem was caused by an "internal data processing error" that had been identified.
But it had to close its automatic teller machines (ATMs) and told its eight million customers they could not do online transactions on Wednesday as the bank scrambled to fix the problem.
… The bank said the error had led to some transactions between April 27 and May 2 to be "double posted" from Tuesday.
Santamaria said she did not know how many of the 166-year-old bank's customers were affected by the glitch. [Perhaps they could count accounts that had been “double posted?” Bob]
For my Computer Security students.
Organizations Failing to Upgrade Systems, Enforce Patches
Duo Security provides multi-factor authentication to business. Part of its service includes behavioral aspects of the device, which means that Duo analyzes the state of the devices seeking access to its corporate customers' resources. This week the company published its latest analysis of business device security health: The 2017 Duo Trusted Access Report.
The report (PDF) presents an analysis of 4.6 million business endpoints, including 3.5 million mobile phones across multiple industry verticals and geographic regions. In particular, it analyzes the operating system and browser used on computers, and the enabled security features on mobile devices.
For my Computer Forensics students.
The Mysterious Printer Code That Could Have Led the FBI to Reality Winner
… Obviously, the NSA monitors and records who prints what documents. There’s an audit trail there, which one imagines an NSA contractor would know.
… If Winner wasn’t found the way the complaint claims, the mysterious dot code is one other way the FBI could have found her, as the research blog Errata Security spelled out in detail.
In fact, the document that The Intercept published contains these dots, and the code spells out a date—May 9—that matches the FBI affidavit’s account of Winner’s printing. It also notes a serial number, which the NSA could obviously match back up to a machine in their offices.
Interesting legal theory. Perhaps Tweets are the petards of social media?
Non profit Knight First Amendment Institute threatens to sue Trump over blocked Twitter critics
by Sabrina I. Pacifici on Jun 6, 2017
Poynter – “The Knight First Amendment Institute, a nonprofit advocacy group based at Columbia University, threatened to take legal action against President Trump if he does not unblock critics on Twitter. The demand, made in a letter to President Trump, was sent on behalf of Holly O’Reilly and Joseph M. Papp, two Twitter users who were blocked by the president’s account after criticizing him on the social media network. The letter argues that President Trump’s Twitter account constitutes a “designated public forum” and is subject to the protections of the First Amendment. According to precedent established by the Supreme Court, designated public forums are places “set aside by government for expressive activities” including “parks, sidewalks and areas that have been traditionally open to political speech and debate.” “This is a context in which the Constitution precludes the President from making up his own rules,” said Jameel Jaffer, the Knight Institute’s executive director, in a statement accompanying the demand…”
Russel Neiss created a clever bot to put the president’s statements in the form of presidential statements. It may look amusing, but it’s not a joke. The president is the president, and what he says in public is an official statement, not some private citizen’s late-night Tweets.
Kicking them while they are down?
U.S. Justice Department opposes Wells Fargo on whistle-blower suit
The U.S. Justice Department filed a friend-of-the-court brief on Tuesday in a lawsuit brought against Wells Fargo & Co by two former employees, who were fired after they reported misdemeanors they had noticed to their supervisors.
The DOJ's filing concluded that the appellate court, which had earlier dismissed the case, should revisit and modify its analysis.
… The filing follows a Supreme Court ruling in February that had also asked the appellate court to review the matter, the New York Times said in a report.
Still in search of a solution, but here are some tried and failed methods.
How Not To Fight Terrorism
… In the UK, as in the US, money has been poured into building a massive surveillance state. New laws continually expanded the power of the state to monitor British citizens (though the courts are pushing back). Yet in the two most recent attacks, collecting it all didn’t help. It probably hurt. Citizens tried to report suspicions they had about the perpetrators, but couldn’t get anyone’s attention. When everyone’s a potential target, it’s hard to find the needle in the haystack, and building bigger haystacks with artificial intelligence-driven needle detectors isn’t working. Following up on tips is everyday policing, but budget cuts to social programs include reductions in the number of police who can respond to their communities.
For my students who have not been paying attention.
… One study by marketing agency Mediakix found that, on average, Facebook users spend 35 minutes each day on the platform — adding up to almost five and a half years of your life.
… It’ll come as no surprise that over 90 percent of Facebook’s revenue comes from ads. And around 80 percent of that ad revenue comes specifically from mobile ads.
… In 2012, Facebook acquired Instagram for $1 billion. Facebook was essentially purchasing the 15 minutes per day that the average Instagram user spends on the app.
Perspective. “We can, therefore we must?”
Pew – The Internet of Things Connectivity Binge: What Are the Implications?
by Sabrina I. Pacifici on Jun 6, 2017
“Despite wide concern about cyberattacks, outages and privacy violations, most experts believe the Internet of Things will continue to expand successfully the next few years, tying machines to machines and linking people to valuable resources, services and opportunities.”
“The Internet of Things (IoT) is in full flower. The expanding collection of connected things goes mostly unnoticed by the public – sensors, actuators and other items completing tasks behind the scenes in day-to-day operations of businesses and government, most of them abetted by machine-to-machine “computication” – that is, artificial-intelligence-enhanced communication. The most public items in the burgeoning IoT are cars, voice-activated assistants, appliances and other home systems, physician-prescribed or recommended health-monitoring devices, road sensors, public-safety and security devices, smart meters and personal fitness and health trackers for people and animals – dogs, cats, horses, cows and more. And then there are emerging IoT products that show how the urge to create connectivity extends to such prosaic items as toothbrushes, dental floss, hairbrushes, pillows, egg trays, wine bottle sleeves, baby monitors and changing tables, silverware, umbrellas, all manner of toys and sporting goods and remote-controlled pet food dispensers, to name a few…”