- NSA contractor arrest highlights challenge of insider threat. From Washington Times. The arrest of a National Security Agency contractor for allegedly stealing classified information was the second known case of a government contractor being publicly accused of removing secret data from the intelligence agency since 2013.
The latest arrest came despite efforts to reform security after the Edward Snowden disclosures, especially with regard to insider threats.
Harold Thomas Martin III, 51, of Glen Burnie, Maryland, was arrested by the FBI in August after federal prosecutors say he illegally removed highly classified information and stored the material in his home and car. A defense attorney said Martin did not intend to betray his country.
Everything you need to know about the NSA hack. From TechCrunch. In what Edward Snowden deems “not unprecedented,” hackers calling themselves the Shadow Brokers have collected NSA-created malware from a staging server run by the Equation Group, an internal hacking team. The Shadow Brokers published two chunks of data, one “open” chunk and another encrypted file containing the “best files” that they will sell for at least $1 million. WikiLeaks has said they already own the “auction” files and will publish them in “due course.” They’ve also released images of the file tree containing a script kiddie-like trove of exploits ostensibly created and used by the NSA as well as a page calling out cyber warriors and “Wealthy Elites.” The page also contains links to the two files, both encrypted.
- Kaspersky Says Shadow Brokers Leaked Malware Is Authentic. From Softpedia.
Kaspersky confirmed today that the malware samples leaked on GitHub over the weekend by The Shadow Brokers are the real deal and present similarities with the malware samples they analyzed from the Equation Group back in February 2015. The devil is in the details, they say, and for this particular case, Kaspersky Lab’s Global Research & Analysis Team (GReAT) says the principal factor that led them to this conclusion was the presence of RC5 and RC6 encryption algorithms inside the malware dumped by The Shadow Brokers.
Ransomware Attacks May Trigger Breach Notifications. From On The Wire. A powerful California congressman is pushing the federal government to treat ransomware attacks on medical facilities as data breaches and require notifications of patients. The pressure is coming from Rep. Ted Lieu (D-Calif.) and follows comments from officials at the Department of Health and Human Services about the department’s plan to issue guidance to health care organizations about ransomware attacks. The Office for Civil Rights section of HHS, which has responsibility for health information privacy, will provide guidance on how to handle ransomware attacks, and Lieu is eager to ensure that the guidance specifically addresses how ransomware attacks relate to data breach regulations.
He Was a Hacker for the NSA and He Was Willing to Talk. I Was Willing to Listen. From The Intercept. The sender was a hacker who had written a series of provocative memos at the National Security Agency. His secret memos had explained — with an earthy use of slang and emojis that was unusual for an operative of the largest eavesdropping organization in the world — how the NSA breaks into the digital accounts of people who manage computer networks, and how it tries to unmask people who use Tor to browse the web anonymously. Outlining some of the NSA’s most sensitive activities, the memos were leaked by Edward Snowden, and I had written about a few of them for The Intercept.
This 1 Simple Equation Describes Cybersecurity in a Nutshell. From Fortune. How do you calculate risk? It’s simple, according to Michael Hayden, former head of the U.S. National Security Agency and later the Central Intelligence Agency. The ex-spy boss boiled the concept down to its basics at a computer security conference earlier this week. Here’s the formula he presented on a slide: Risk = threat x vulnerability x consequence
New York Fed defends fund transfer after Bangladesh heist. From Reuters. After an $81 million cyber heist at the Bangladesh central bank, the Federal Reserve Bank of New York said there was no problem with its procedures for approving fund transfers, according to a letter released on Friday by a U.S. lawmaker who had questioned those methods. U.S. Representative Carolyn Maloney had called for a probe of the fund transfers triggered by the February cyber attack on the Bangladesh central bank.
EY M&A Report: Cyber security deals increased 9% in Q1 2015. From DarkReading. Following record-setting levels in 2015, global technology M&A volume rose 8% sequentially and 2% year over year (YOY) in the first quarter of 2016, to 1,002 deals, according to EY’s Global technology M&A update: January-March 2016. However, quarterly value fell 65% sequentially and 14% YOY. In spite of falling numbers, the quarter still ranked among the top 10 highest-value quarters at US$66.7b.
- Cybersecurity Hiring Stays Hot, Plus More Lateral Moves. From American Lawyer. A quartet of cybersecurity pros plies their wares at new firms; Blank Rome hires a former U.S. senator; Cooley adds a high-powered private equity team; Orrick adds again in Paris; and other notable additions from throughout The Am Law 200
Bayshore Networks® Raises $6.6 Million from Trident Capital Cybersecurity and Current Angel Investors. From Bayshore Networks. Bayshore Networks, the cybersecurity leader for the Industrial Internet of Things (IoT), today announced that it has raised $6.6 million in Series A funding from Trident Capital Cybersecurity and its existing angel investors. Alberto Yépez, managing director of Trident Capital Cybersecurity, will join the company’s board. Will Lin, vice president of Trident Capital Cybersecurity, will be a board observer.
- Rules For Cyberwarfare Still Unclear, Even As U.S. Engages In It. From NPR. Who’s in charge when the U.S. wages cyberwar? “The chain of command is clear on paper,” says Susan Hennessey, who served as a lawyer at the National Security Agency until November 2015. “It’s much more difficult to understand in practice.”
- IBM’s Survey Of The Cybersecurity Landscape. From IBM.com. In 2015, 60 percent of all attacks were carried out by insiders, either ones with malicious intent or those who served as inadvertent actors. In other words, they were instigated by people you’d be likely to trust. And they can result in substantial financial and reputational losses.
Boston Cybersecurity Map Shows Deep, Diverse Local Sector. From XConomy. It’s no secret that the Boston area is home to a formidable group of companies related to cybersecurity. Just how big is the local cluster? Xconomy surveyed the landscape and found 63 firms within an hour’s drive of downtown Boston, including locally based companies and outposts of firms based elsewhere.
Tomorrow’s Buildings: Help! My building has been hacked. From BBC. According to Mr Billy Rios, who runs security company Whitescope, there are 50,000 buildings currently connected to the internet – including research facilities, churches and hospitals, and 2,000 of those are online with no password protection.
- FBI Warns Farmers About the Dangers of Hackable IoT Farm Equipment. From Softpedia. Farmers who employ Internet-connected and precision farming equipment should be very mindful of the way they configure their devices, the FBI warned in a public statement advisory at the end of March. The Bureau, together with the US Department of Agriculture (USDA), issued the note on March 31, as an alert to the growing threat of IoT security.