Cyber Weekly Roundup – June 22, 2018

By Colby Proffitt

1.) Lawmakers urge Google to end partnership with China’s Huawei (June 20, 2018)

https://www.cyberscoop.com/lawmakers-urge-google-to-end-partnership-with-chinas-huawei/

Summary: Five U.S. lawmakers urged Google CEO Sundar Pichai to end the company’s partnership with Huawei, the Chinese telecom giant that faces increasingly harsh criticism from Congress on national security grounds.

Why it matters: The entire chain of events sounds like a conspiracy theorist’s dream. Starting with the story we highlighted May 4, 2018, the Pentagon banned Huawei and ZTE mobile devices on account of potential security risks. The future of both ZTE and Huawei largely hinges on whether or not the NDAA becomes law. With the Senate just this week approving the current version (with some changes) and sending it back to the House for review, there’s currently a 76% chance of it being enacted. What’s really interesting is that President Trump has been trying to help ZTE – asking the Senate to strike the amendment verbiage about the company from the NDAA – as part of a broader geopolitical strategy. His stance suggests that the risks introduced through Huawei and ZTE are less significant in comparison to what else is at stake for the U.S. There’s a lot tied up in the Huawei and ZTE debacle – in simple terms, President Trump is trying to maintain a relationship with China to avoid undercutting his talks with North Korea and to also bring about the best possible outcome in a heated debate between China and the U.S. over trade and tariffs. On top of it, Google recently pulled out of Project Maven, a contract with DoD to help the government leverage the capabilities of big data and AI. Supposedly, Google pulled out because of a petition from employees who refused to contribute to any tech that could be used as warfare technology. On the one hand, that’s admirable. On the other hand, it’s doubtful that Russian-based and Chinese companies share the same thoughts of peace and tranquility. Google is in a tough spot – there’s a fundamental difference in thought between Silicon Valley and the federal space – and some would argue they are just trying to be a responsible employer and listen to their employees, or be an unbiased multinational company that just happens to be based in the U.S. Others would argue that by refusing to help the U.S. gain a military advantage through technology, they are inadvertently aiding the enemy. What’s going to be interesting to see is how Google responds to the request for reconsideration from the federal government. And, if the request is denied, how the government will proceed.

2.) Chinese hacking group resurfaces, targets U.S. satellite companies and systems (June 19, 2018)

https://www.cyberscoop.com/symantec-thrip-satellite-hacking-trojans/?utm_campaign=CyberScoop%20Daily&utm_source=hs_email&utm_medium=email&utm_content=63908121&_hsenc=p2ANqtz-_kv7Kwkst0BVpnx1d2hR1kqj98qD1uUlKEpSaZVzmE3AwamD9xAisQ82mfvVWKqltGqgJuJhpglQkWXvxwB6AXfGg8YpMiyi5ioRJ0JqXFQbVToiQ

Summary: A Chinese-linked hacking group began targeting at least two different U.S.-based satellite companies, a Defense Department contractor and another private firm that sells geospatial imaging technology in late 2017, according to new research by Symantec.

Why it matters: Although Thrip went underground for a couple of years, Symantec and others have been tracking this hacking group since 2013, just before the Chinese hacked US weather systems and satellite networks. Originally thought to be focused only on espionage, recent activities indicate that the attackers are seeking full operational control of the satellites and systems – an attack that, if successful, would have a significant impact on US communications and critical infrastructure as a whole. What China would do should it gain control – and how the US would respond – are yet to be determined, but some might say the fate of Tiangong 1 earlier this year, as well as President Trump’s recent direction to the Pentagon to create a sixth branch of the military, suggest that the battlefield now extends not just to land, air, sea, and cyberspace, but also to outer space.

3.) Trump directs Pentagon to create military Space Force (June 18, 2018)

https://www.cbsnews.com/news/trump-space-force-pentagon-create-military-space-force-national-space-council-meeting-2018-06-18/

Summary: President Trump officially directed the Pentagon to establish a sixth branch of the U.S. military in space on Monday. Speaking at a National Space Council meeting at the White House, Mr. Trump called for a “space force” to ensure American dominance on the high frontier.

Why it matters: This article doesn’t specifically highlight the connection between cyber space and outer space, but as the previous article does point out, cyber defense should extend to space. The U.S. has been a leader for decades – from exploration, to manufacturing, to IT innovation. And while this article suggests that the U.S. is getting back to its roots of pioneering, getting the U.S. back in space is one step for multiple purposes. Whether it’s an advanced testing facility on the moon, getting to Mars, or establishing dominance – it’s something that’s going to take some convincing arguments for Congress to approve. In the meantime, it will be interesting to see how other countries react to Space Policy Directive 3 – and if there’s an uptick in satellite attacks as a result.

4.) Why 50,000 ships are so vulnerable to cyberattacks (June 14, 2018)

https://phys.org/news/2018-06-ships-vulnerable-cyberattacks.html

Summary: The 50,000 ships sailing the sea at any one time have joined an ever-expanding list of objects that can be hacked. Cybersecurity experts recently displayed how easy it was to break into a ship’s navigational equipment. This comes only a few years after researchers showed that they could fool the GPS of a super-yacht into altering course. Once upon a time objects such as cars, toasters and tugboats only did what they were originally designed to do. Today the problem is that they all also talk to the internet.

Why it matters: This article dives into some of the challenges behind maritime cybersecurity, and while most would agree cyber regulation of the seas is needed just as much as any other cyber regulation, the maritime shipping companies and others in the industry with large fleets who update their systems and take a more proactive cyber stance are more likely to avoid a successful attack, and less likely to end up in the news. The reality is that any ship left vulnerable can be targeted and overtaken by a malicious actor – what that actor chooses to do once in control runs the gamut: stop the ship in its tracks and require everyone to be evacuated, run the ship aground in an effort to damage a major port, or steal valuable cargo. What’s important is taking actions to prevent all of those scenarios before any regulation is even drafted.

5.) Just 5 Percent of Federal Contractors Are Fully Protecting Against Email Spoofing (June 21, 2018)

https://www.nextgov.com/cybersecurity/2018/06/just-5-percent-federal-contractors-are-fully-protecting-against-email-spoofing/149165/

Summary: Government contractors still lag far behind on implementing an email security tool that’s now mandatory for government agencies, according to industry data released Thursday.

Why it matters: As we covered in the December 29, 2017 Roundup, DHS gave federal agencies 90 days to deploy the designated email security protocol, Domain-based Message Authentication, Reporting & Conformance (DMARC), for email and 120 days to deploy Hypertext Transfer Protocol Secure (HTTPS) for all websites. As of March, one third of agencies were not compliant. But as this article points out, the vast majority of contractors aren’t compliant either – the same contractors who are supporting federal agencies. Conversely, more than 80% of commercial email inboxes are protected by DMARC as a default. Both contractors and federal agencies alike need to catch up to the commercial space and implement security best practices.