By Colby Proffitt and Donnie Corliss
1.) Hackers Figured Out a Way to Demand Ransom Without Sending Email (March 5, 2018)
Summary: Security researchers noticed a new twist in a recent spate of distributed denial-of-service attacks—when servers are overwhelmed to knock a site or service offline.
Why it matters: 2017 marked one of the biggest years for ransomware attacks, and while it’s yet to be determined how successful similar attacks will be in 2018, there are a number of predictions – global ransomware damage costs to exceed $11.5 billion by 2019, and a new attack will be launched every 14 seconds. As highlighted in NetCentrics’ two-part series on ransomware, attackers are clever and are ceaselessly seeking new ways to trick their targets into becoming victims of an attack. The new attack method described in this article – although not yet proven effective – highlights how attackers are seeking new ways of getting around the latest defense mechanisms in order to get to their targets.
2.) WARNING DoD Travelers — DTS Phishing Attempt Reported (March 6, 2018)
http://www.doncio.navy.mil/chips/ArticleDetails.aspx?ID=10096
Summary: Defense Travel System users have reported receiving a new phishing email. The email advises the traveler that they were not paid correctly for their last TDY period.
Why it matters: Attackers using ransomware aren’t the only creative ones. This article highlights how attackers are also employing new tactics with phishing attempts. While many phishing attempts are easily identified, they are increasingly more convincing. This article from DTS Travel Operations provides both an extract of the phishing email, as well as defensive steps users can take.
3.) ‘The Russian bear came out of hibernation’: The US’s top intelligence official issues an ominous warning to Congress (March 6, 2018)
http://www.businessinsider.com/dan-coats-russia-cyber-threat-trump-white-house-sanctions-2018-3
Summary: The Director of National Intelligence, Dan Coats, painted a stark picture Tuesday of the imminent cyber threat Russia poses to the US.
Why it matters: The US intelligence community concluded last year that Russia mounted a multi-faceted campaign to interfere in the 2016 US election to tilt the race in favor of Republican candidate Donald Trump. Despite that, the Trump administration has been slow to take actions to halt further Russian interference. The comments from Director Coats make it clear that not only is there a difference between the US intelligence community and the White House, but more importantly, the US is still taking a more defensive approach to cyber, while Russia and other foreign nations are taking a more offensive approach.
4.) World’s biggest DDoS attack record broken after just five days (March 5, 2018)
Summary: Arbor Networks is now reporting that a US service provider suffered a 1.7Tbps attack earlier this month. In this case, there were no outages as the provider had taken adequate safeguards, but it’s clear that the memcached attack is going to be a feature network managers are going to have to take seriously in the future.
Why it matters: Memcached attacks are going to be big this year, and this article offers some good explanation of how they work, and what basic precautions can be taken to prevent them. This article also points out that the onus is still largely on individual users and companies to protect themselves.
5.) World’s largest DDoS attack thwarted in minutes (March 5, 2018)
https://nakedsecurity.sophos.com/2018/03/05/worlds-largest-ddos-attack-thwarted-in-minutes/
Summary: What has been tagged the largest DDoS attack ever disclosed slammed into the servers of software development site GitHub at 17:21 UTC last Wednesday.
Why it matters: Related to the articles above, it’s nice to hear that although adversaries are launching new creative attacks, new creative defense tactics are also being employed – and they’re working. This article offers some technical insight into memcached servers – how they work and why they are important, but also concludes that this latest attack was merely an experiment.
6.) Military seeks seasoned industry professionals as next cyber warriors, but they’ll have to start at the bottom (March 6, 2018)
Summary: The likely next commander of U.S. Cyber Command told Congress last week that a pilot program lawmakers established to recruit more seasoned cyber experts into the military’s uniformed workforce is making some headway. But, he strongly suggested it’s been hampered by its inability to commission new officers at ranks that are commensurate with their experience.
Why it matters: Despite a step in the right direction, the government has a ways to go in terms of recruiting and retaining cyber talent. As this article explains, significant adjustments to the program are needed to attract skilled cyber professionals. In short, the government is offering around $40K, while industry is offering well over $100K – and in this scenario, rank and grade are not necessarily commensurate with skill, experience, or expertise.