By Andrew Paulette
1.) RUSSIAN HACKERS ARE USING ‘TAINTED’ LEAKS TO SOW DISINFORMATION (May 25, 2017)
Summary: Over the past year, the Kremlin’s strategy of weaponizing leaks to meddle with democracies around the world has become increasingly clear, first in the US and more recently in France. But a new report by a group of security researchers digs into another layer of those so-called influence operations: how Russian hackers alter documents within those releases of hacked material, planting disinformation alongside legitimate leaks.
Why it matters: The escalation presented by intentionally sowing disinformation in hacked documents adds an additional layer of complexity to assessing a hack, and what actions to take. However, this tactic has a higher risk of backfiring – if the user is able to provide evidence that the document has intentionally been tampered with, it makes the data less credible. If nothing else, this additional layer of disinformation adds confusion and uncertainty into our assessment of these attacks, which may very well be the primary goal.
2.) Compliance vs. honesty: How agencies should approach the cyber EO (June 5, 2017)
Summary: The first guidance related to the cybersecurity executive order signed by President Donald Trump in May is filled with four deadlines between now and August. Agencies have their marching orders for how to report cyber metrics to the government-wide Cyberscope platform, for how to develop and submit their risk assessment and for how to create an action plan to implement the cybersecurity framework developed by the National Institute of Standards and Technology.
Why it matters: This article is spot on – cybersecurity as a practice is only meaningful if organizations are willing to make it more than just a check the box exercise – they need to take a true look at the risks present in their organization, and identify where meaningful, effective change can be made. While the results are sometimes not pretty, it is the first step toward building a stronger cyber defense.
3.) A TV Hack Appears to Have Sparked the Middle East’s Diplomatic Crisis (June 5, 2017)
Summary: On Monday, Saudi Arabia, Egypt and three other Arab states abruptly cut off all diplomatic ties with Qatar, virtually isolating the small gas-rich country and setting off a major diplomatic crisis in the Middle East.
Tensions between these Arab states and Qatar have been brewing for years because of Qatar’s alleged sympathy for islamist terrorist organizations. But the straw that broke the camel’s back, believe it or not, may have been provided by hackers and fake news.
Why it matters: More than anything, this article does a great job illustrating the true cost that a hack can have not only on an organization, but the society around it. While it is impossible to say that this hack alone caused the current crisis with Qatar, it certainly does play a role that has a very high cost for the region.
4.) 53 PERCENT OF ENTERPRISE FLASH INSTALLS ARE OUTDATED (June 5, 2017)
Summary: The number of outdated versions of Adobe Flash running on enterprise computers grew 10 percent year-over-year to 53 percent of endpoints, despite numerous devastating attacks targeting the maligned software and endless calls to deprecate it.
Why it matters: Patching can be a challenge in any organization, but the security vulnerabilities in Adobe Flash need to be addressed, as threat actors often use Flash exploits to accomplish more serious attacks.
5.) What can DoD, civilian cyber efforts learn from the Coast Guard approach to maritime security? (June 5, 2017)
Summary: There may be an answer to the long-running debate about whether to split U.S. Cyber Command from the National Security Agency and where does the civilian sector fit in to the offensive side of the cyber equation.
Sen. John McCain (R-Ariz.), chairman of the Armed Services Committee, offered an idea at a recent hearing with Adm. Mike Rogers, commander of U.S. Cyber Command and director of NSA, that seems to have real legs.
Why it matters: A very interesting idea proposed by Sen. McCain – the need for operations in cyberspace to remain as flexible as the Coast Guard can when pursuing law enforcement between territorial and international waters is one worth considering.