Cyber Weekly Roundup – May 11, 2018

Written May 11th, 2018

Post Tags: 2fa, Bolton, Cyber, cyber coordinator role, cyber deterrence, cyber news, cybersecurity, cybersecurity news, firefox, infosec, mfa, white house

By Colby Proffitt

1.)    7 Chrome Extensions Spreading Through Facebook Caught Stealing Passwords (May 10, 2018)


Summary: Security researchers warn users of malware that lures social media users to visit lookalike versions of popular websites that prompts the installation of infected Google Chrome extensions.

Why it matters: Similar to last year’s Digimine outbreak, this latest form of malware is also spreading through Facebook, making yet another dent in the social platform’s armor. This new malware has taken it to the next level, however – blacklisting cleanup tools to prevent users from detecting and removing the infection. Although bad news for anyone infected, it will be interesting to see how this malware, combined with the negative impacts of a host of other malware, will influence both the reputation and the future of Facebook. With more and more users leaving the platform, it’s unclear how Facebook will recover.

2.)    Bolton pushing to eliminate White House cyber job (May 9, 2018)


 Summary: President Donald Trump’s national security team is weighing the elimination of the top White House cybersecurity job, multiple sources told POLITICO — a move that would come as the nation faces growing digital threats from adversaries such as Russia and Iran.

 Why it matters: There have been a number of staff changes in the White House over the past few months, and while the elimination of the cyber coordinator role is unsettling, we can hope that the Administration is not only planning to create a new role, but will make it a point to fill the role rapidly. In the midst of seemingly inevitable attack, it’s important to have decision makers and advisors in place to act swiftly. The speed of cyber requires a full strategic staff committed to acting before the enemy does.

3.)    Cyber deterrence is about more than punching back (May 10, 2018)


Summary: Peter W. Singer, a political scientist, is calling for a total revision of U.S. cybersecurity policy and wants to improve the resiliency of federal and private sector networks against the evolution or “hybridization” of international cyber threats.

 Why it matters: Many today are dissatisfied with the seeming lack of action on the part of the Trump administration in response to cyber attacks from foreign nation-states. This article mentions sanctions and indictments, but ironically, as mentioned in the previous story, such ‘punishments’ can actually elicit additional attacks. Many today are also talking about cyberwar as if it were something new, but it’s not. More and more nations are gaining an advanced level of cyber sophistication, resulting in a greater number of potential threats, and the attack surface of the U.S. as a whole has increased dramatically over the past decade alone – the war isn’t new, it’s just getting bigger and more complex. What’s critical – is how we respond.

4.)    Two-factor authentication hackable (May 10, 2018)


Summary: KnowBe4’s chief hacking officer has gathered evidence that shows a phishing email containing a bit of code capable of swiping login information. The information can be stolen and used to totally compromise a person’s account and eliminate the level of protection normally afforded by two-factor authentication.

Why it matters: Combining something you have with something you know – that’s 2FA in a nutshell, but nowadays, it’s just not enough. 2FA has proven effective for some time – balancing between security and convenience – but this recent phishing attack proves that it’s not bulletproof, and multi-factor authentication (MFA), which combines a collection of things to authenticate, is a safer alternative.

5.)    How Firefox is Moving Beyond Passwords (May 9, 2018)


Summary: Firefox will use a technology called Web Authentication/WebAuthn to grant users access to websites that previously required a password by using an authentication device such as Yubikey dongle or a fingerprint reader to verify the user’s identity.

 Why it matters: It will be interesting to see how users react to this shift. As noted in the previous article, traditional 2FA has been proven hackable. Users are accustomed to the convenience that’s been ushered in over the last 20 years – accessing bank accounts from their phones, shopping online, etc. Literally anything is just a scroll and click away – including your identity, privacy, and security. Firefox is leading the charge to change that, but at a cost. Users will now have to purchase and carry a YubiKey ($50 on Amazon) or fingerprint reader. While many phones are now equipped with a standard biometric reader, many laptops and PCs do not – yet another cost and inconvenience. Not only will it be interesting to see how users adapt, but what hackers do to adapt as well – will this new form of MFA stop hackers in their tracks, or will hackers use the supply chain to infect phones before they’re ever purchased and steal digital fingerprints?