Cyber Weekly Roundup – April 27, 2018

Written April 27th, 2018

Post Tags: cyber news, cybersecurity news, ghostsecret, operation ghostsecret

By Colby Proffitt

1.) Experts describe how hacking back can be done right (April 20, 2018)


Summary: The idea of hacking back — responding to attacks with offensive measures — has been a divisive topic, but a panel of experts at RSA Conference 2018 all agreed there are reasons to allow offensive counterattacks as long as they are done in smart ways.

Why it matters: There are several challenges of hacking back, the main one being attribution – knowing with absolute certainty who was responsible for an attack. One solution is designed the make any stolen data almost useless by mixing the real data with fake data. What this article doesn’t dive into, however, is how exactly that’s accomplished, whether or not it is effective, and how much it costs. What’s interesting is that Facebook, Google, and Microsoft, among others, all want to veto the Active Cyber Defense Certainty Act, which is designed to make hacking back legal – under certain parameters. This act will be one to watch – if it becomes law, it has to potential to completely change the cyber landscape.

2.) House bill would create a ‘naughty list’ for nation-state hacking groups (April 25, 2018)


Summary: Last week, the Trump administration delivered a classified report to Congress outlining a new national cyber doctrine. Beyond naming the congressional committees that received the report, the White House has thus far publicly provided no additional details about the document or the strategy that it promotes.

Why it matters: The details of the strategy haven’t been made publicly available yet, but it will be interesting to see what specific methods of cyber defense are backed – from public shaming and sanctions, to more offensive tactics such as hacking back. What’s clear is that there is a very real correlation between cybersecurity and economic security – and what we can hope is that the overall strategy will support a more aggressive and proactive cyber stance.

3.) Researchers found a semi-legit way to turn an Amazon Echo into a wiretap (April 26, 2018)


Summary: An Amazon Echo application created by security researchers proves how the popular smart home device can be co-opted to remotely listen to people’s nearby conversations, according to cybersecurity firm CheckMarx.

Why it matters: This is yet another example of the potential dangers introduced by IoT devices intended to provide convenience and simplicity. Although in this scenario, an end user would be required to voluntarily download the application, it’s likely just a matter of time before a malicious actor finds a way to push the bad code remotely without the user’s knowledge. Given the prevalence of this device, and other similar home devices, it’s probably best to just assume that anything you say within range might be recorded. And it’s not just home devices like the Echo, even cell phones can still record audio even when they are seemingly turned off.

4.) Hackers build a ‘Master Key’ that unlocks millions of Hotel rooms (April 25, 2018)


Summary: If you often leave your valuable and expensive stuff like laptop and passports in the hotel rooms, then beware. Your room can be unlocked by not only a malicious staff having access to the master key, but also by an outsider.

Why it matters: Data has been in the headlines as the primary target malicious actors want to steal, but this latest vulnerability is a reminder that physical objects of value are also big targets. The good news is that researchers uncovered the vulnerability and aren’t going to release their customer software; however, they also just became a very interesting target.

5.) North Korea linked to global hacking operation against critical infrastructure, telecoms (April 25, 2018)


Summary: A suspected North Korean hacking campaign has expanded to targets in 17 different countries, including the U.S., pilfering information on critical infrastructure, telecommunications and entertainment organizations, researchers say.

Why it matters: North Korea continues to steal data from the U.S. and other nations – and is gaining momentum with Operation GhostSecret. While McAfee has released initial findings, it’s still unclear how to halt the operation, and what North Korea plans to do with the stolen data.