Cyber Weekly Roundup – August 4, 2017

Written August 4th, 2017

Post Tags: Cyber, cyber news, cyber weekly roundup, cybersecurity, news

By Andrew Paulette and Mesay Degefu

1.) WannaCry money laundering attempt thwarted (August 4, 2017)


Summary: The hackers behind the WannaCry ransomware have tried to conceal who they are by using a virtual currency that is more anonymous than Bitcoin.

Why it matters: With increased focus on Bitcoin and the ability to uncover the individuals using it (even when attempting to “tumble,” or launder the currency), it seems that the attackers behind the WannaCry attack are attempting to convert their earnings into Monero, a cryptocurrency that promises greater privacy. The Swiss service has halted the transaction and is assisting law enforcement with attempting to gather information on the WannaCry creators. As cyber attacks continue into the future, there is little doubt that cyber criminals will begin to rely more on cryptocurrencies that are more anonymous, moving away from currencies that keep a public ledger such as Bitcoin.

2.) FBI Arrests Researcher Who Found “Kill-Switch” to Stop WannaCry Ransomware (August 3, 2017)


Summary: The 22-year-old British security researcher who gained fame for discovering the “kill switch” that stopped the outbreak of the WannaCry ransomware has reportedly been arrested in the United States after attending the Def Con hacking conference in Las Vegas.

Why it matters: In an interesting turn of events, the researcher who inadvertently activated a kill switch for the ransomware WannaCry has been arrested by the FBI for his alleged role in the creation and distribution of the Kronos banking Trojan in 2014-2015.  While details on this story are still developing, it will be interesting to see the details on what role Mr. Hutchins allegedly had in creating the software and malware.

3.) Ransomware can cost firms over $700,000; cloud computing may provide the protection they need (August 4, 2017)


Summary: High-profile cybercrime such as data theft, ransomware, and computer hacks seems to be occurring more frequently and with higher costs, but cloud computing may provide the security that companies are searching for.

Why it matters: Having cloud security companies provide for all the complex security needs of small and medium-sized businesses will benefit those businesses in a couple of ways: first, it is cost-effective, and second, cloud companies can respond to threats quickly and efficiently with well-trained resources. But it’s critical to manage the terms of service and service level agreements effectively.

4.) To Fix Voting Machines, Hackers Tear Them Apart (August 1, 2017)


Summary: The toughest thing to convey to newcomers at the DefCon Voting Village in Las Vegas this weekend? Just how far they could go with hacking the voting machines set up on site. “Break things, just try to pace yourself,” said Matt Blaze, a security researcher from the University of Pennsylvania who co-organized the workshop. DefCon veterans were way ahead of him. From the moment the doors opened, they had cracked open plastic cases and tried to hot-wire devices that wouldn’t boot. Within two minutes, democracy-tech researcher Carsten Schürmann used a novel vulnerability to get remote access to a WINVote machine.

Why it matters: The “voting village” at DefCon presented an excellent opportunity for this voting tech to be prodded by a large number of security researchers. While it’s easy for a security researcher to buy the latest IT gadget and pick apart its hardware and software to expose flaws, devices such as voting machines are harder to acquire and test. As a result, many security vulnerabilities can go unaddressed. Hopefully, this opportunity helps improve the security of digital voting, which is now considered critical infrastructure by the US Government.

5.) HBO Hacked – ‘Game of Thrones’ Scripts & Other Episodes Leaked Online (July 31, 2017)


Summary: Hackers claim to have stolen 1.5 terabytes of data from HBO, including episodes of HBO shows yet to release online and information on the current season of Game of Thrones.

Why it matters: The entertainment industry presents a rich target to hackers. With the industry’s source of profit tied to the release of media that is stored digitally, hackers are able to ransom these products by threatening to release them on the internet. These attacks will continue into the future, requiring the entertainment industry to weigh this risk against the money that must be spent to ensure a robust information security program.

6.) Shadow IT – How Do You Protect What You Don’t Know You Have? (July 31, 2017)


Summary: For a cybersecurity program to succeed, it must identify the assets it aims to protect. Without a clear understanding of its assets, no organization can truly understand the value of its resources, assess the risks they face, or understand how much to spend to secure its infrastructure.

Unfortunately, the process of identification is not getting any easier. Shadow IT – the presence of unknown systems, data and assets on a network – is on the rise due to four primary factors.

Why it matters: Need a primer on the risks of shadow IT and how to best mitigate each? This article by Andrew Paulette helps guide you through the basics of what Shadow IT is, and how to defend against it.

7.) Facebook Security Boss: Empathy, Inclusion Must Come to Security (July 26, 2017)


Summary: LAS VEGAS—Twenty years of Black Hat seemed to be the appropriate marker in time for Alex Stamos to remind security professionals of their unique position to effect change, not only in technology and business, but also in geopolitics and human rights.

Why it matters: Mr. Stamos’ keynote comes at a time when governments and law enforcement work to balance the rights of the individual against their role to protect the community and nations they serve. While security researchers and privacy activists may scoff at this call to work with law enforcement and governments to navigate privacy and cyber security, it is best that the conversation is started now, before a serious cyber incident occurs. If such an event were to occur, governments would no doubt be forced to craft policy and regulations that are not informed by the guidance of cyber security professionals, doing more harm to privacy and security than if they had been involved in the conversation initially.