ICD Brief 137.
03.06.2019.-09.06.2019.
Greetings from Washington DC, Tallinn, Beijing, Brussels, Berlin, Teheran, Tel Aviv, Mons, Amsterdam, Oslo, Lisbon, Bucharest, Moscow, Singapore, London, Santa Clara County. This week’s news is hard and definitive; we hear about what IS or HAS happened- not what may be or rumoured or hoped for. I’ve given you the whole list first before the summaries because there are too many important updates.
USA
Many Americans Say Made-Up News Is a Critical Problem That Needs To Be Fixed The Pew Research Center
“Politicians viewed as major creators of it, but journalists seen as the ones who should fix it. Indeed, more Americans view made-up news as a very big problem for the country than identify terrorism, illegal immigration, racism and sexism that way. Additionally, nearly seven-in-ten U.S. adults (68%) say made-up news and information greatly impacts Americans’ confidence in government institutions, and roughly half (54%) say it is having a major impact on our confidence in each other.”
NSA Cybersecurity Advisory: Patch Remote Desktop Services on Legacy Versions of Windows The National Security Agency
“The National Security Agency is urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threats. Recent warnings by Microsoft stressed the importance of installing patches to address a protocol vulnerability in older versions of Windows. CVE-2019-0708, dubbed “BlueKeep,” is a vulnerability in the Remote Desktop (RDP) protocol. It is present in Windows 7, Windows XP, Server 2003 and 2008,[ed] and although Microsoft has issued a patch, potentially millions of machines are still vulnerable.”
Audit of NRC’s Cyber Security Inspections at Nuclear Power Plants The Nuclear Regulatory Commission
“NRC’s cyber security inspections generally provide reasonable assurance that nuclear power plant licensees adequately protect digital computers, communication systems, and networks associated with safety, important-to-safety, security, and emergency preparedness. This report makes two recommendations to address future inspection staffing challenges and suitable performance measures for the cyber security inspection program. Agency management stated their general agreement with the findings and recommendations in this report.”
FBI Investigators Thwarted Transfer of Trade Secrets to China FBI
“Wenfeng Lu was seemingly living the American dream—a comfortable life in Irvine, California, with his family and a career in medical device research and development.
Yet Lu’s secret goal was to use trade secrets stolen from his employer to strike it rich in his native China. However, thanks to an FBI investigation, his plan was thwarted, and Lu is now serving a 27-month prison sentence.”
High-Profile Data Breaches Underline Cyber Threats to Health Care Industry The Hill
“The breach allowed an unauthorized user to access the personal data of almost 12 million Quest patients, including Social Security numbers and financial records, after the hacker broke through the system of American Medical Collection Agency (AMCA), a billing collection provider for Quest. LabCorp revealed Wednesday that it, too, was impacted, with the records of 7.7 million of its patients compromised by the data breach of the AMCA’s systems.”
Baltimore IT Chief Apologizes to City Council Members for Response to Ransomware Attack Baltimore Sun
“The hack significantly disrupted the city’s operations. The property market was briefly frozen; water bills are not being issued; and communication between police and prosecutors was hindered. The city’s budget office has estimated the cost of the ransomware attack at $18.2 million. That includes the cost of buying new hardware, hiring contractors to help clean up the mess, and lost or deferred revenue.”
Australia
China Behind Massive Australian National University Hack, Intelligence Officials Say The Guardian
“Intelligence officials believe China may have been behind a massive data breach which compromised the personal details of thousands of Australian National University students and staff.”
Baltics/Estonia
Estonian – US Cyber Consultations Focus on Cooperation and Stability EER News
“A joint U.S.-Estonian round of cyber consultations take places in Tallinn Friday, with norms of responsible state behavior in cyberspace, cybersecurity threats, and the protection of critical infrastructure all on the table.”
“Ott Velsberg, Estonia’s fresh-faced, 28-year-old chief data officer, is on a mission put AI into every part of the country’s public services, from healthcare to education and job centres.”
China
China Issues 5G Licenses in Timely Boost for Huawei Reuters
“SHANGHAI/HONG KONG (Reuters) – China granted 5G licenses to the country’s three major telecom operators and China Broadcasting Network Corp on Thursday, giving the go-ahead for full commercial deployment of the next-generation cellular network technology.”
Embattled Huawei to Exit Undersea Cable Business amid Trump Ban fin.24
“Huawei’s corporate parent is selling its 51% of Huawei Marine Networks to Hengtong a Jiangsu-based optical-cable manufacturer, according to a stock exchange filing. The deal isn’t formalised and subject to change, Hengtong said in the filing. The Chinese company, whose Shanghai-listed shares have been suspended from trade, didn’t disclose the size of the deal.”
EU
EU Mission in Moscow Discovers Potential Hack into Systems Politico
“The EU’s delegation in Moscow suffered what appears to be a cybersecurity breach in 2017, an EU spokesperson said after BuzzFeed reported the news on Wednesday.”
Why Larger GDPR Fines Could Be on the Horizon TechTarget
“It’s been a year since the EU General Data Protection Regulation went into effect, and GDPR fines imposed on companies to date have been modest. But larger GDPR fines are on the way, experts warned.”
Germany
Backdoor Found in Four Smartphone Models; 20,000 Users Infected ZDNet
“The German Federal Office for Information Security (or the Bundesamt für Sicherheit in der Informationstechnik — BSI) has issued security alerts today warning about dangerous backdoor malware found embedded in the firmware of at least four smartphone models sold in the country.”
Iran
FireEye Uncovers Suspicious Online Activity Resembling Iranian Influence Operations CNBC
“Dozens of social media accounts displaying suspicious behavior have been uncovered in a new report that sees pro-Iranian messaging promoted by profiles impersonating real people, as well as journalists and activists who don’t seem to exist.”
Israel
Cyber Threat: Israel’s Airports Prepare for the Future of Cybersecurity Jerusalem Post
“Anarchists, radical hackers, terrorists, disgruntled employees, organized criminals and states make up the range of potential cyber threats, according to Roee Laufer, head of Cyber and Information Security at the Israel Airports Authority (IAA).”
NATO
NATO Supports Groundbreaking Cyber Exercise at GLOBSEC 2019 Forum NATO
“The workshop used four real-world, interactive crisis simulations to challenge diplomats, policy makers, think tank representatives, and leaders from the private sector and civil society. The simulations covered a wide range of topics, from using cyber and artificial intelligence in managing refugee crises at sea, through the cyber security challenges posed by foreign investments, and leveraging cyber capabilities in the battle against disinformation. The proposed solutions will be published in a white paper in late 2019.” More
Netherlands
“Check First, Then Click” – Dutch Government Launches Anti-Phishing Campaign The Daily Swig
“The Dutch government has launched a new anti-phishing campaign, following a year in which the number of malicious sites faking well-known Dutch brands increased by over 40%.”
Norway
Norsk Hydro’s Core Profit Plunges 82% after March Cyber Attack, Brazilian Spill Insurance Journal
“Aluminum producer Norsk Hydro, the victim of a cyber attack in March that paralyzed its IT systems, posted an 82% drop in first-quarter core profit on Wednesday and said a rise in global uncertainty could impact its markets.”
Portugal
Cyber-Security Centre to Launch Portal for Companies The Portugal News
“Portugal’s National Cyber-security centre is to launch a portal by October for cyber-security in companies to assess organisations’ needs in terms of capacity and skills.”
Romania
Romania Signs Agreement over Cybersecurity with Israel Romania Insider
“Romania and Israel signed a memorandum of understanding on cybersecurity, in the context of Romania – Israel Cyber Security Forum, prime minister Viorica Dancila announced. She attended the signing ceremony.”
Russia
Russia’s Manipulation of Twitter Was Far Vaster Than Believed Politico
“Russia’s infamous troll farm conducted a campaign on Twitter before the 2016 elections that was larger, more coordinated and more effective than previously known, research from cybersecurity firm Symantec out Wednesday concluded.”
Singapore
Combating Cyber Attacks Require Mindset Change: CSA Chief
The Straits Times
“As malicious cyber attacks increasingly target civilian arenas like finance or healthcare, preparing for them requires a mindset change on the part of cyber-security agencies. Mr David Koh, chief executive of the Cyber Security Agency (CSA), said that agencies must learn to rely on partners across government because the wider attack surface requires whole-of-government vigilance.”
UK
UK’s Cybersecurity Watchdog Flexes Muscle; Not Enough, Says Auditor SCMedia UK
“The biggest threat to our cyber-security is weak cyber-security,” said Ciaran Martin, CEO of the National Cyber Security Centre, UK, speaking at Infosecurity Europe in London today (6 June). His observation, based on 1,600 cyber-security breaches from across the past four years, came a day after the Commons Public Accounts Committee’s warning that the UK is more vulnerable to cyber-attacks than ever before.”
Featured
The Cybersecurity 202: Stanford Group Calls for Major Overhaul on Election Security
Washington Post
“Like the 9/11 report, which fundamentally reorganized the nation’s homeland security and intelligence structure after the Sept. 11, 2001, terrorist attacks, “Securing American Elections” aims big. It argues Russia’s 2016 election interference operation was an attack on fundamental American values, and should provoke the government and private sector to step up “defenses against efforts to erode confidence in democracy.”
The report’s 108 pages include 45 recommendations ranging from securing voting systems and combating online disinformation campaigns to negotiating major election security norms with allies and punishing adversaries who violate them.
‘Like the 9/11 commission leaders who spent years pushing the government to fully implement their reforms amid partisan bickering, this group is preparing for a fierce lobbying campaign to turn its recommendations into reality,’ said Nate Persily, a report author and director of Stanford’s Cyber Policy Center.
The report authors, who include Michael McFaul, U.S. ambassador to Russia during the Barack Obama administration, and former Facebook chief security officer Alex Stamos, also plan to lobby many of their election-security recommendations to state and local officials, Persily said. They will urge them to voluntarily adopt protections that congressional Republicans are wary of forcing on them.
Those recommendations include having paper trails for all ballots, conducting post-election audits and inviting ethical hackers to probe their voting systems for vulnerabilities.”