Blog

Twitter spy scandal a wake-up call for companies to clean up their data access acts

Articles, Blog, News

Two Twitter employees accessed user data on behalf of the Saudi government. Neither should have had access, and this is a sign of a bigger problem at all companies.

A tremor rippled across the information security community last week when the Justice Department announced criminal charges against two Twitter employees, Ahmad Abouammo and Ali Alzabarah, for acting as foreign agents under the direction and control of the Kingdom of Saudi Arabia. The complaint alleges that the two men used their ability to access user data to provide the Saudi rulers with private information on more than 6,000 Twitter users.

Abouammo, who was a media partnerships manager at Twitter, is a US citizen. Alzabarah, who was a site reliability engineer at the social media giant, is a Saudi citizen. A third man, Ahmed Almutairi, who did not work at Twitter but acted as an intermediary in the theft of some of the data, is also a Saudi citizen.

Both former Twitter workers had access to proprietary and confidential information about Twitter users, including email addresses, birthdates, phone numbers and IP addresses. Alzabarah, who pulled data on four specific users at the request of the Saudis, also had access to users' biographical information, logs containing users' browser information, and a log of all of a particular user's interactions at any given point in time, the complaint says.
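The complaint describes a partnerships manager and an SRE reading email addresses, phone numbers and IP logs that their jobs did not require. The following is an added illustration, not code from the article or from Twitter, of the two controls that would have made those reads either impossible or visible: a role-scoped, purpose-bound lookup that refuses fields the role is not entitled to, and a detector run over the resulting audit trail. The role policy, user records, names and thresholds are all constructed for the example.

```python
"""Added example (not from the article): role-scoped PII lookups with an
audit trail, plus a detector for out-of-scope or high-volume reads.
Policy, users and thresholds below are hypothetical."""
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# The data categories the complaint says the insiders could read.
PII_FIELDS = {"email", "birthdate", "phone", "ip_addresses", "browser_log", "activity_log"}
PUBLIC_FIELDS = {"handle", "bio"}

# Hypothetical role policy (an assumption, not Twitter's real model): each role
# may read only the listed fields, and any PII read must also cite a ticket.
ROLE_POLICY: Dict[str, Set[str]] = {
    "media_partnerships": PUBLIC_FIELDS,                  # partnerships staff: no PII
    "support_tier2": PUBLIC_FIELDS | {"email", "phone"},  # support: contact fields only
    "sre": set(),                                         # infra role: no user lookups
}

@dataclass
class AccessRequest:
    employee: str
    role: str
    user_id: str
    fields: Set[str]
    ticket: Optional[str] = None  # support case ID justifying a PII read

@dataclass
class AuditLog:
    entries: List[dict] = field(default_factory=list)

    def record(self, req: AccessRequest, allowed: bool, reason: str) -> None:
        # Denials are logged too: they are what makes the insider pattern visible.
        self.entries.append({"employee": req.employee, "role": req.role,
                             "user_id": req.user_id, "fields": sorted(req.fields),
                             "allowed": allowed, "reason": reason})

# Constructed user records for the demo.
USERS: Dict[str, Dict[str, str]] = {
    "u1001": {"handle": "@alice", "bio": "journalist", "email": "alice@example.org",
              "phone": "+1-555-0100", "ip_addresses": "198.51.100.7"},
    "u1002": {"handle": "@bob", "bio": "activist", "email": "bob@example.org",
              "phone": "+1-555-0101", "ip_addresses": "203.0.113.9"},
    "u1003": {"handle": "@carol", "bio": "dissident", "email": "carol@example.org",
              "phone": "+1-555-0102", "ip_addresses": "192.0.2.44"},
}

def lookup(req: AccessRequest, users: Dict[str, Dict[str, str]], audit: AuditLog) -> Dict[str, str]:
    """Return only the requested fields the role is entitled to; raise otherwise."""
    permitted = ROLE_POLICY.get(req.role, set())  # unknown role gets nothing
    overreach = req.fields - permitted
    if overreach:
        audit.record(req, False, "fields not permitted for role: " + ",".join(sorted(overreach)))
        raise PermissionError(f"{req.employee} ({req.role}) may not read {sorted(overreach)}")
    if (req.fields & PII_FIELDS) and not req.ticket:
        audit.record(req, False, "PII read without a ticket")
        raise PermissionError(f"{req.employee}: PII read requires a ticket")
    audit.record(req, True, "ok")
    record = users[req.user_id]
    return {f: record[f] for f in req.fields}

def try_lookup(req: AccessRequest, users, audit: AuditLog) -> Optional[Dict[str, str]]:
    """Same as lookup() but returns None on denial; convenient for callers."""
    try:
        return lookup(req, users, audit)
    except PermissionError:
        return None

def flag_suspicious(audit: AuditLog, max_denials: int = 2, max_distinct_users: int = 3) -> Dict[str, List[str]]:
    """Detection over the audit trail. Repeated denials, or PII reads spread
    across many distinct accounts, both suggest someone pulling data for a
    third party rather than working a case. Thresholds are toy values."""
    denials: Dict[str, int] = defaultdict(int)
    pii_targets: Dict[str, Set[str]] = defaultdict(set)
    for e in audit.entries:
        if not e["allowed"]:
            denials[e["employee"]] += 1
        elif set(e["fields"]) & PII_FIELDS:
            pii_targets[e["employee"]].add(e["user_id"])
    flags: Dict[str, List[str]] = defaultdict(list)
    for emp, n in denials.items():
        if n >= max_denials:
            flags[emp].append(f"{n} denied lookups")
    for emp, targets in pii_targets.items():
        if len(targets) >= max_distinct_users:
            flags[emp].append(f"PII read on {len(targets)} distinct accounts")
    return dict(flags)

def demo() -> Dict[str, List[str]]:
    """Replay a constructed day of lookups and return what the detector flags."""
    audit = AuditLog()
    for i, uid in enumerate(("u1001", "u1002", "u1003"), 1):  # support agent, three cases
        lookup(AccessRequest("dana", "support_tier2", uid, {"email"}, ticket=f"CS-{i}"), USERS, audit)
    for uid in ("u1001", "u1002"):  # partnerships manager asking for PII he cannot read
        try_lookup(AccessRequest("pat", "media_partnerships", uid, {"email", "phone"}), USERS, audit)
    try_lookup(AccessRequest("sam", "sre", "u1001", {"ip_addresses"}), USERS, audit)  # SRE, once
    return flag_suspicious(audit)

if __name__ == "__main__":
    print(demo())
```

Two points the demo makes: the SRE's single attempt is blocked outright because infrastructure roles have no user-lookup entitlement at all, and the support agent is flagged for review even though every read was authorised, because breadth of access across accounts is itself a signal. The denial log, not the successful reads, is where the partnerships manager shows up.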

[This article appeared in CSO Online. To read the rest of the article please visit here.]

US Department of Justice push for encryption backdoors might run afoul of First Amendment

Articles, Blog, News

Is encryption code speech? Earlier court rulings suggest that it is, legally, and therefore subject to First Amendment protections.

On October 22, the former general counsel of the FBI Jim Baker published a lengthy and astonishing piece called "Rethinking Encryption." In that article, Baker, now director of national security and cybersecurity at the conservative-leaning R Street Institute, advised the Justice Department and law enforcement to "embrace reality and deal with it" when it comes to encrypted communications.

Running counter to the now decades-long on-again and off-again pursuit by the Justice Department and law enforcement for a backdoor that would allow access to encrypted communications, Baker wrote that encryption “is one of the few mechanisms that the United States and its allies can use to more effectively protect themselves from existential cybersecurity threats, particularly from China. This is true even though encryption will impose costs on society, especially victims of other types of crime.”

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Cell phones don’t belong in SCIFs, says Republican congressman

Articles, Blog, News

Rep. Mike Rogers says his phone was infected by Russian malware three years ago. Also, why he believes we need fewer federal cybersecurity agencies and election laws.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

How enterprises can benefit from Cybersecurity Awareness Month

Articles, Blog, News

Organizations are working with the US Department of Homeland Security to enhance their own security awareness training and promote it in their communities.

An annual initiative launched 16 years ago by the Department of Homeland Security, National Cybersecurity Awareness Month (NCSAM) takes place every October. DHS’s main motivation in mounting a month of cybersecurity-related activities is to make consumers more aware of how to protect themselves online. This year’s awareness month theme is “Own IT. Secure IT. Protect IT.” with a focus on privacy, the internet of things (IoT) and e-commerce security.

DHS’s 2019 efforts include a consumer toolkit that features advice in 13 areas, from social media bots to home devices such as smart locks. The goal of the annual rite is to get organizations to promote DHS’s message about how to not click on phishing emails and the best methods to ensure secure passwords and other cybersecurity hygiene habits that ordinary users can deploy to make themselves safer. Last year, according to DHS, over 400 local events across the country focused on good cybersecurity habits.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Justice Department takes another run at encryption backdoors with ‘lawful access’

Articles, Blog, News

Law enforcement officials and experts on the distribution of child pornography gathered on Friday to make the emotional, if not technological, case that tech companies should open up their encryption schemes to police investigating crimes.

Following in the footsteps of former FBI Director James Comey and other top law enforcement officials, Attorney General William Barr is taking a swing at the growing prevalence of encryption across the digital landscape, with a renewed focus on the rising number of communications apps offering end-to-end encryption. On Thursday, the Justice Department published an open letter to Facebook CEO Mark Zuckerberg asking the social media giant not to proceed with its plan to roll out end-to-end encryption across its messaging services without giving law enforcement court-authorized access to the content of communications.

The letter, signed by the Attorney General, United Kingdom Home Secretary Priti Patel, Australia’s Minister for Home Affairs Peter Dutton, and Acting Homeland Security Secretary Kevin McAleenan, came on the same day the U.S. and UK governments entered into the world’s first ever CLOUD Act Agreement. The agreement, according to the Justice Department, “will allow American and British law enforcement agencies, with appropriate authorization, to demand electronic data regarding serious crime.”

[This article appeared in CSO Online. To read the rest of the article please visit here.]

CISA’s Krebs seeks more measured approach to election security heading into 2020

Articles, Blog, News

The Cybersecurity and Infrastructure Security Agency director says overhyped concern is a problem, while election officials say they reap the benefits of improved communications.

Given the too-late realization that Russia interfered in the 2016 presidential election through massive disinformation campaigns and — as the Mueller report most recently documented with a few new twists — actual efforts to hack into state elections systems, it’s no surprise that election security under the rubric of “Protect 2020” was a key theme running throughout the Cybersecurity and Infrastructure Security Agency’s (CISA) second annual Cybersecurity Summit.

Even so, CISA Director Christopher Krebs kicked off the summit by cautioning against the fearful language and overwrought concerns currently surrounding the topic of election security. “We’ve got to be more straightforward, more measured, more reasonable in how we talk about things. Election security is a great example. Are there true, absolute, fundamental risks in the infrastructure? Yes, but we have to take the hysteria out of the conversation because ultimately what we do is we drive broader voter confidence down,” he said.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Senator Warner seeks “grand alliance” to protect against surveillance threat from China’s tech dominance

Articles, Blog, News

The senator believes Chinese companies will be required to aid surveillance of the US, especially as 5G networks roll out.

When it comes to technology policy, Senator Mark Warner (D-VA), Vice Chairman of the Senate Intelligence committee, is clearly concerned about the power China holds, particularly when it comes to trusting China’s leading tech suppliers and the prospect of a China-dominated build-out of global 5G networks. “My beef is with the presidency, the Communist party. It is not with the Chinese people. I have no interest in trying to go back to some cold war bifurcated world, us against China,” the former telecom entrepreneur said during a panel discussion at the Cybersecurity and Infrastructure Security Agency’s (CISA) second annual Cybersecurity Summit this week.

“I would argue that the Chinese people don’t want this regime as well. Look at what is happening in the streets of Hong Kong,” he said. “The kind of surveillance state that China is using in terms of their tech companies would make George Orwell’s 1984 look simple.”

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Leader of new NSA Cybersecurity Directorate outlines threats, objectives

Articles, Blog, News

Director Anne Neuberger says her group will focus on ransomware, threats to US elections, and nation-state influence operations.

Ransomware, Russia, China, Iran and North Korea are the top cybersecurity threats that will be the focus of a new division within the National Security Agency (NSA), the Cybersecurity Directorate, which is set to be operational on October 1, according to NSA director of cybersecurity Anne Neuberger. She was tapped in July by NSA Director General Paul Nakasone to head the group. The Directorate aims to bring the agency's foreign intelligence and cyber operations together and "operationalize [its] threat intelligence, vulnerability assessments and cyber defense expertise," the agency announced when launching the new division.

"NSA really had to up its game," Neuberger said in a fireside chat with Niloofar Razi Howe, a cybersecurity venture investor and executive, at the Billington Cybersecurity Summit in Washington on September 4. "And that's what drove this desire to stand up a directorate and frankly to set a pretty aggressive mission, which is to prevent and eradicate cyber actors from national security systems and critical infrastructure with a focus on the defense industrial base."

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Regional municipal ransomware attacks soar; MS-ISAC can help

Articles, Blog, News

Recent regional ransomware attacks underscore the importance of information sharing among municipalities.

More than 70 cities and towns have been hit with ransomware attacks so far this year, and state and local governments at all levels were the intended victims of nearly two-thirds of all ransomware attacks, according to new analysis by the cybersecurity firm Barracuda Networks. These statistics include the recent sweep of attacks that struck 22 Texas towns and cities, which officials say was carried out by a single threat actor.

Barracuda’s researchers conducted a deeper dive on 55 ransomware attacks on state, county and local governments that have taken place this year and found that 38 were on local governments, 14 were on county governments, and three were on state governments. Nearly half of the government victims, around 45%, were small municipalities with populations of fewer than 50,000 residents, and 24% had fewer than 15,000 residents.

Two towns and one county government paid the ransoms. Lake City, Florida, paid around $500,000 (42 bitcoin), and Riviera Beach, Florida, paid about $600,000 (65 bitcoin). In La Porte County, Indiana, officials paid $130,000 in ransom.

[This article appeared in CSO Online. To read the rest of the article please visit here.]

Capital One hack shows difficulty of defending against irrational cybercriminals

Articles, Blog, News

The malicious actor who stole the data of more than 100 million people was driven by emotional distress and did not follow traditional hacker patterns.

Software engineer Paige Thompson was arrested in late July for an unprecedented hack into a cloud server containing the personal data of over 100 million people who had filed credit card applications with leading financial institution Capital One. Thompson, who at the time of her arrest ran a hosting company called Netcrave Communications, had held a series of engineering jobs, including a stint at Amazon Web Services (AWS) in 2015 and 2016, where she presumably gained the skills to exploit a misconfigured web application firewall on Capital One's AWS infrastructure.

Thompson's theft of the 100 million customer records, 140,000 Social Security numbers and 80,000 linked bank account numbers of Capital One customers was apparently only one of her many hacks. In a filing arguing that she remain in custody, federal prosecutors say she hit more than 30 other targets, including companies and educational institutions.

[This article appeared in CSO Online. To read the rest of the article please visit here.]
