By Colby Proffitt
1.) City of Atlanta 2018 Ransomware Hack: What We Know and What You Can Learn From It (March 27, 2018)
Summary: While events are still unfolding, this article highlights the details of one of the latest ransomware attacks.
Why it matters: This article dives into some of the specific problems and errors caused by the attack, including screenshots and direction for affected parties. It also suggests how the attackers gained access: via Remote Desktop Protocol (RDP), which is widely used by many organizations despite being viewed by many as less secure than an alternative solution, a virtual private network (VPN). As investigations continue, the extent of the damage and costs will become clearer, but this incident is yet another reminder that organizations – federal and industry alike – need to take cybersecurity seriously and establish a more proactive cyber defense posture.
2.) United States Cyber Command’s New Vision: What It Entails and Why It Matters (March 23, 2018)
Summary: The United States Cyber Command (USCYBERCOM) has released effectively a new command strategy (formally called a “Command Vision,” although it addresses ends, ways and means), anchored on the recognition that the cyberspace domain has changed in fundamental ways since the Command was established in 2009.
Why it matters: This article offers some good insight into the key differences between the previous USCYBERCOM strategy and the newly released Command Vision. Key assumptions include recognition that adversary attacks are strategic, not simply a nuisance, and pose a significant threat to the U.S., and cyber norms are being established by adversaries – not the U.S. What we can hope is that this new strategy will be put into swift action and enable the U.S. to elevate itself on the cyber terrain, not just in armed defense.
3.) US mulls drafting gray-haired hackers during times of crisis (March 21, 2018)
Summary: A US government commission has asked the public for its thoughts on possible changes to the military’s selective service rules to allow the conscription of technical talent, including those with computer-oriented skills, regardless of sex or age.
Why it matters: Attracting and retaining cyber talent continues to be a struggle for the federal government, and while these selective service changes won’t happen until 2020 – if they happen at all – they are at least a sign that the government is wrestling with the best way to fill the cyber skills gap. While there’s much discussion on attracting millennials, this article highlights the possibility of attracting talent from more senior cyber professionals.
4.) Under Armour says 150 million MyFitnessPal accounts breached (March 29, 2018)
Summary: Under Armour Inc said on Thursday that data from some 150 million MyFitnessPal diet and fitness app accounts was compromised in February, in one of the biggest hacks in history, sending shares of the athletic apparel maker down 3 percent in after-hours trade.
Why it matters: This is the largest breach so far this year and one of the top five to date. While shares dropped by 3 percent, it will be interesting to see how consumers respond in the coming weeks and months. Because breaches have become so common, many users simply accept that their data will be stolen at some point, and the personal identity protection services often offered by breached companies are starting to be viewed as simply an interim fix until the next breach at another company.
5.) Microsoft’s Meltdown Patch Made Windows 7 PCs More Insecure (March 29, 2018)
Summary: Meltdown CPU vulnerability was bad, and Microsoft somehow made the flaw even worse on its Windows 7, allowing any unprivileged, user-level application to read content from and even write data to the operating system’s kernel memory.
Why it matters: This article offers a detailed explanation of how, despite efforts to address the problem, Microsoft unintentionally gave hackers another opportunity for further exploitation. Once the issue was realized, Microsoft did release an emergency patch to resolve it. However, those slow to patch still remain vulnerable to the additional threats.