Cybersecurity's Inconvenient Truth: The Nation-State Threat

Tom Field • October 20, 2020

Has the nation-state threat become like the weather - something everyone talks about, but no one can do anything about? It's time for a strategic change. A panel of experts offers a frank discussion of nation-state actors, their ongoing intrusions and what "taking off the gloves" might look like.

►

CISO Trainings

Avoiding a 'Checklist' Approach to Privacy

Latest

Business Continuity Management / Disaster Recovery

Ransomware Knocks Out Voter Database in Georgia

Akshaya Asokan • October 23, 2020

An Oct. 7 ransomware attack targeted a database used to verify voter signatures in Georgia, and the database is still not fully functional. The DoppelPaymer gang has taken credit for the attack.

Critical Infrastructure Security

US Officials Blame Election Data Theft on Russian APT Group

Jeremy Kirk • October 23, 2020

U.S. intelligence officials say a Russia-backed hacking group has compromised some state and local government computer systems since at least September and stolen election-related data. So far, however, the attackers do not appear to have attempted to otherwise interfere with or disrupt those networks.

Fraud Management & Cybercrime

Phishing Campaign Mimics Microsoft Teams Alerts

Chinmay Rautmare • October 23, 2020

Researchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials.

Critical Infrastructure Security

Analysis: The Significance of Russian Hackers' Indictment

Anna Delaney • October 23, 2020

The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation.

Critical Infrastructure Security

US Alleges Iran Sent Threatening Emails to Democrats

Jeremy Kirk , Mathew J. Schwartz • October 22, 2020

U.S. officials have blamed Iran for sending a barrage of fake emails and videos to American voters with a Democratic Party affiliation as part of a campaign to push misinformation and sow confusion in the days before the presidential election.

Anti-Money Laundering (AML)

The IRS Takes on Cryptocurrency-Funded Terrorists

Nick Holland • October 22, 2020

The IRS Criminal Investigation Cyber Crimes Unit is waging a battle against the use of cryptocurrency for financing terrorists and other money-laundering activities. Agents Chris Janczewski and Jon Gebhart describe recent cryptocurrency-related takedowns.

Cyberwarfare / Nation-State Attacks

Elite Russian Sandworm Hackers' Epic OPSEC Problem

Mathew J. Schwartz • October 22, 2020

An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators. Shouldn't Russian spies have better operational security?

Cyberwarfare / Nation-State Attacks

Analysis: Can Russia's Cyber Destruction Appetite Be Curbed?

Mathew J. Schwartz • October 21, 2020

The U.S. indictment charging that six Russian GRU military intelligence officers were responsible for numerous cyberattacks highlights Moscow's seemingly unending appetite for online destruction. Experts say more than indictments will be required to curb such activity.

Cyberwarfare / Nation-State Attacks

NSA: Chinese Hackers Exploiting 25 Vulnerabilities

Akshaya Asokan • October 21, 2020

The NSA is warning that Chinese-linked hacking groups are exploiting 25 vulnerabilities in software systems and network devices as part of cyberespionage campaigns - which means patching is urgent.

Cybercrime

Tom Kellermann on the Price of Digital Transformation

Tom Field • October 20, 2020

VMware Carbon Black is out with its latest Global Incident Response Threat Report, which describes "the perfect storm" for increasingly sophisticated attacks heading into 2021. Cybersecurity strategist Tom Kellermann discusses what that means - and how these trends should inform our defensive strategies.

Cyberwarfare / Nation-State Attacks

6 Takeaways: Russian Spies Accused of Destructive Hacking

Mathew J. Schwartz • October 20, 2020

U.S. officials have accused the Russian government of behaving "maliciously or irresponsibly" by taking steps such as crashing Ukraine power grids in the dead of winter and causing more than $10 billion in damages via NotPetya malware. But why make the accusations now? And how might Moscow respond?

Cyberwarfare / Nation-State Attacks

6 Russians Indicted for Destructive NotPeyta Attacks

Scott Ferguson , Doug Olenick • October 19, 2020

The U.S. Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying destructive NotPetya malware - tied to more than $10 billion in damages - and attacking the 2018 Olympics.