By Colby Proffitt
1.) Hackers linked to North Korea targeted U.S. ICS companies, breached energy firm (October 10, 2017)
https://www.cyberscoop.com/north-korea-ics-hacking-dhs-ics-cert/
Summary: Hackers possibly linked to North Korea were able to successfully gain access to the corporate network of at least one U.S.-based energy company in recent months, according to multiple sources with knowledge of recent cyber threat intelligence report.
Why it matters: This is yet another incident that highlights the increasing risk of an attack on U.S. critical infrastructure. What many do not realize, however, is that more than 85% of U.S. critical infrastructure and resources are owned and operated by the private sector. While an attack may be launched against the U.S. government directly, it’s more likely that attackers will target those in the private sector, such as the company targeted in this recent event. It’s critical that the federal government reevaluate it’s cyber policy to account for the U.S.’s rapidly growing attack surface.
2.) House bill would allow companies to hack back – with limits (October 13, 2017)
Summary: Companies would have broader authority to fight back after hackers breach their networks and steal data under legislation introduced Friday by a bipartisan pair of House lawmakers.
Why it matters: Hacking back is a sticky issue, and establishing policy around it is even stickier, largely because of the problem of attribution. With hackers lurking around every corner (or in every café), and an increase in nation-state attacks, plus the increased maturity behind many attacks, it’s becoming increasingly difficult to know with absolute certainty exactly who was responsible. There’s no shortage of hacker groups to blame, and it’s not uncommon for many of those groups to take credit for a hack, even though they weren’t actually behind it. While justice should be served, it’s more important to focus on cyber deterrence and active cyber defense. Attacks are inevitable, but if you can make the reward of the attack so small, or the repercussions so negative, you can reduce the likelihood of an attack in the first place.
3.) KRACK WPA2 flaw might be more hype than risk (October 17, 2017)
Summary: Researchers discover a WPA2 vulnerability and brand it KRACK, but some experts say the early reports overstate the risk of the flaw and downplay the difficulty of an exploit.
Why it matters: With so many attacks and vulnerabilities in the news each day, one can become almost numb to the gravity of a new threat. Despite the pervasiveness of threats, it’s critical that individual users and organizations remain vigilant when it comes to cybersecurity. In this particular case, this new vulnerability has proven difficult to exploit, but it’s a reminder to patch your devices, change your passwords, and always practice good cyber hygiene. Although we’re over halfway through #CSAM2017, it’s crucial to always remain #cyberaware.
4.) Here’s how to make patching security holes easier for everyone (October 13, 2017)
Summary: A lot has been said recently about patching and what role it plays in cybersecurity. A patch is just a small piece of software, made available to the consumer from the software company that “patches” a security flaw in the software. That’s all. But these patches, when installed, can save you a world of hurt.
Why it matters: Patching is easy – said no one ever. One of the best things anyone can do to protect their data and systems from cyber attacks and vulnerabilities is patch on time every time, but the reality of patching is that it is rarely an easy ordeal. Bandwidth and resource limitations, time constraints, the sheer volume of patches available – there are countless reasons why organizations struggle to patch. This article suggests making bandwidth consumption for patches free – an interesting idea that would require some sacrifice on the part of vendors, but one that would result in massive benefit for users and the U.S. as a whole.