Cyber Weekly Roundup – March 16, 2018

By Colby Proffitt

1.) China’s government is keeping its security researchers from attending conferences (March 8, 2018)

https://www.cyberscoop.com/pwn2own-chinese-researchers-360-technologies-trend-micro/

Summary: The Chinese government has taken steps to discourage its country’s security researchers from sharing their knowledge at some foreign cybersecurity events, especially those organized in Western countries, sources tell CyberScoop.

Why it matters: The steps taken by the Chinese government are an indicator of the ever-changing cyber landscape and the growing value of software exploits. Until now, Chinese research teams were a significant presence at the Pwn2Own event, as well as at other similar cyber conferences and events. As this article points out, Chinese cyber experts have previously attended cyber conferences held in the US, and one was arrested. That raises the question of how much information foreign adversaries can glean simply by gaining access to the right event.

2.) That Time Of Year Again: Cisco Systems Releases Its Annual Cybersecurity Report (March 5, 2018)

https://www.forbes.com/sites/patrickmoorhead/2018/03/05/that-time-of-year-again-cisco-systems-releases-its-annual-cybersecurity-report/#4e55fcc718ec

Summary: Last week, Cisco Systems released the 2018 edition of its Annual Cybersecurity Report (ACR) you can find here. The report, compiled from a survey of 3,600 chief security officers (CSOs) and security operations leaders from across the globe, seeks to highlight emerging threats in the rapidly evolving landscape of cybersecurity.

Why it matters: Of note from the report: ransomware is becoming increasingly dangerous and more sophisticated; cyber criminals are leveraging encryption to conceal and protect their identities, making them more elusive; and attackers are taking advantage of the increased threat surface introduced by IoT devices. Some of the core best practices, such as multi-factor authentication and timely, consistent patching, remain, but as cyber adversaries continue to evolve, it will be interesting to see what new recommended best practices are added to the mix.

3.) How to Turn Off Facebook’s Facial Recognition (March 6, 2018)

http://www.nextgov.com/analytics-data/2018/03/how-turn-facebooks-facial-recognition/146431/

Summary: Facial recognition has existed on Facebook since 2013, where it was initially used to suggest friends for tagging in users' photos. Since then, the social media giant has expanded its facial recognition features, most recently in December.

Why it matters: While this article explains what the facial recognition feature is and how to disable it, it doesn't cover the entire history of the capability. Facebook acquired Face.com in 2012, and almost immediately retired the company. In doing so, however, it left the vast majority of the developers searching for employment, which ultimately spawned LambdaLabs, which in turn produced an open source alternative. While open source can be a good thing, encouraging innovation as well as improvements to the original code, it opens the doors to innovative and ill-intentioned minds alike, allowing adversaries to leverage the powerful tech. While Facebook may use the software to help users track where and how their photos are used, it will be interesting to see how the same capabilities are used in other ways.

4.) GAO: Homeland Security too slow in hiring cyber workers (March 8, 2018)

https://www.fifthdomain.com/civilian/2018/03/08/gao-homeland-security-too-slow-in-hiring-cyber-workers/

Summary: The Department of Homeland Security has failed to hire needed cybersecurity professionals even though it was given approval to do so by Congress in 2014, according to a report released March 8 by the Government Accountability Office.

Why it matters: Attracting and retaining cyber talent has been a challenge in the federal space for some time now, and the longer the workforce shortage remains, the greater the challenge will become and the harder it will be to solve. Training cyber professionals takes time – in the classroom, but more importantly, in the field. What’s encouraging is that some are starting to realize that those who possess the requisite skills can sometimes be found in unconventional places.

5.) Pre-Installed Malware Found on 5 Million Popular Android Phones (March 15, 2018)

https://thehackernews.com/2018/03/android-botnet-malware.html

Summary: Security researchers have discovered a massive, continuously growing malware campaign that has already infected nearly 5 million mobile devices worldwide.

Why it matters: When users buy a new device (a computer, tablet, or smartphone), they expect a clean slate: a malware- and virus-free machine. However, as this article points out, problems with the supply chain of such devices have resulted in millions of devices that were corrupt before they were ever purchased. To make matters worse, the capabilities extend beyond the aggressive ad popups; this particular variety of malware is also capable of turning millions of infected devices into a massive botnet.