NTSC Technology Security Roundup

Weekly News Roundup: August 28, 2017

National Infrastructure Advisory Council Releases Sobering Report

The National Infrastructure Advisory Council recently released a report titled “Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure” that says we’re “falling short” of protecting the United States from a major cyberattack. The report says, “Fortunately, we find ourselves in a pre-9/11-level cyber moment, with a narrow and fleeting window of opportunity to coordinate our resources effectively.” The council makes 11 recommendations that include:

  • “Establish separate, secure communications networks specifically designated for the most critical cyber networks, including ‘dark fiber’ networks for critical control system traffic and reserved spectrum for backup communications during emergencies.”
  • “Facilitate a private-sector-led pilot of machine-to-machine information sharing technologies, led by the Electricity and Financial Services Sectors, to test public-private and company-to-company information sharing of cyber threats at network speed.”
  • “Identify best-in-class scanning tools and assessment practices, and work with owners and operators of the most critical networks to scan and sanitize their systems on a voluntary basis.”

First Phase of NYS DFS Cybersecurity Regulation Effective Today

Today, the first phase of the New York State Department of Financial Services (NYS DFS) cybersecurity regulation goes into effect. According to Help Net Security, “covered entities are required to be in compliance with the first phase of the 23 NYCRR Part 500 standard.” Help Net Security breaks down these requirements, which cover creating cybersecurity programs and policies, designating someone in the CISO role, defining access privileges, training personnel, and ensuring that an incident response plan is in place. An article from the National Law Review goes into further depth about this first phase, including some ambiguity about what defines a “cybersecurity event.”

Microsoft Continues Legal Action Against Fancy Bear

Microsoft continued to win legal actions against Fancy Bear, a hacking group likely associated with Russia’s GRU, as an Eastern Virginia federal court ruled against this group on Tuesday. According to The Hill, the “court ordered the group often called Fancy Bear to stop attacking [Microsoft’s] customers. The Eastern Virginia federal courts also ordered Fancy Bear to stop using Microsoft trademarks in phishing attempts and announced a multi-factor system to determine which web addresses U.S. registration companies will now be removing from the hackers' control.” Microsoft chose the legal path of prosecuting Fancy Bear rather than suing Russia.

Akamai Notes Year-Over-Year Decrease in DDoS Attacks

A recent report from Akamai noted that DDoS attacks were down 18 percent in Q2 2017 compared with Q2 2016. According to The Hill, “While attacks rose from the beginning of the year, attack severity declined. ‘[F]or the first time in many years’ Akamai observed no attacks exceeding 100 gigabits per second. The report speculates one potential cause of lower severity attacks might be international success taking the networks of hijacked computers, known as botnets, offline.” The report also noted that web application attacks continue to increase.

VPN Company Kesala Acquired by Secure Communications Firm Silent Circle

Silent Circle, a secure communications firm offering enterprise communications solutions including software, devices, and services, recently acquired Kesala—a VPN hardware company. According to Cyberscoop, “Kesala makes a small black box designed to encrypt and obfuscate internet traffic. Silent Circle CEO Gregg Smith describes Kesala as a ‘VPN and Wi-Fi hotspot the size of a matchbox’ with the ability to mask user location. It can be used on servers, phones, desktops, laptops and any IoT device. The device was developed in and used by U.S. intelligence agencies before its private sector debut.”