The Week in Blockchain and Cybersecurity News - August 10, 2018

Stratus Cyber News banner 2018-08-10 wide.jpg

Stay in the know with “The week in cybersecurity news,” a weekly report on all the industry headlines released every Friday. Sign up to get the report in your inbox every week.


BYOD Threat: Security flaws found in millions of US smartphones

Researchers funded by the Department of Homeland Security announced this week that they have found security vulnerabilities in millions of US smartphones.

The flaws allow a malicious actor to take over devices and gain access to user data that can include text messages and work emails. The attacks could occur without device owners’ knowledge too.

While DHS officials declined to name the makes and models affected, the unspecified phones are sold by major cellular carriers Verizon, AT&T, T-Mobile, and Sprint. Manufacturers were notified about the vulnerabilities in February.

Read the full article here.


Cryptocurrency theft takes center stage at Black Hat 2018

During the Black Hat cybersecurity conference in Las Vegas this week, researchers from Cisco showcased emerging avenues hackers are using to steal cryptocurrency.

The presentation showed that hackers are using Google Ads to trick people into accessing phishing websites that are made to look identical to popular crypto exchanges. The victims then turn over their login details, which the hackers use on the real exchanges to steal cryptocurrencies.

The researchers warn that companies accepting cryptocurrencies could be vulnerable to this type of theft operation. Read more at the article here.


IBM shows the world what AI-powered malware can do at Black Hat

At Black Hat this week, IBM unveiled DeepLocker, an AI-powered malware program capable of lying dormant on systems until a specified target or time is reached. 

The IBM experiment demonstrated that malicious actors with far fewer resources than a nation-state backed group could be capable of developing malware leveraging machine learning to evade cybersecurity teams and attack specific targets with precision.

The malware could identify its target victims using such data as facial recognition, geolocation, and voice recognition.

“What makes this AI-powered malware particularly dangerous is that similar to how nation-state malware works, it could infect millions of systems without ever being detected, only unleashing its malicious payload to specified targets which the malware operator defines,” the research team said.

Read the full story here.


Cryptocurrency Scam Botnet discovered on Twitter 

Researchers have discovered a botnet mirroring legitimate Twitter accounts to spread a cryptocurrency giveaway scam on the popular social media platform.

Duo Security presented the findings at the Black Hat conference Wednesday. The researchers found a single network of over 15,000 bots spreading the cryptocurrency scam. 

According to the Coindesk article about the scam, the “bots first created a spoofed (or copycat) account for a genuine cryptocurrency-related account that would copy the name and profile picture of the legitimate account.” The bots would then reply to tweets from the real account with the link to the scam. Additional amplification bots were used to like the scam tweets and create a sense that the crypotcurrency giveaway was legitimate.

The Duo Security team plans to make the techniques open source to help other groups develop better techniques for detecting malicious bots.

To learn more, read the team’s research paper, Don’t @ Me: Hunting Twitter Bots at Scale.


The Mobile Workforce: Cybersecurity Challenges and Solutions

According to a 2017 Gallup report, 43% of employed Americans said they worked remotely for at least some period of time. Whether employees check emails after leaving the office, access files on business trips, telecommute full-time, or any combinations in between, these working styles expand your organization’s endpoints to any device, network, and location.

With the expansion of your organization’s security perimeter comes new security threats that include 1) easier physical access to work devices, 2) higher risk of malware entering your organization, 3) reduced control with cloud adoption, and 4) employees less engaged in cybersecurity.

This article from the Stratus Cyber blog details these challenges and steps your organization can take to mitigate risks. Read the full article here.


Communication is often missing from a cybersecurity strategy

An article from Forbes this week cites communication as a component that is often missing from organizations’ cybersecurity strategies. 

Recommendations from the article include:

  • IT experts collaborating with executives when designing cybersecurity strategy to ensure buy-in from the leaders who are responsible for enforcing the plan
  • When creating a cybersecurity plan, ensuring that who will be responsible for managing and correcting a breach is clearly defined
  • Scheduling frequent check-ins to review security risks and make necessary adjustments to the cybersecurity strategy
  • Including the corporate communications team in a breach preparedness plan that covers what will be said to staff, board members, shareholders and the media

Read the full article in Forbes.
 


Fake electricity substation network hacked in just 2 days

A cybersecurity firm announced this week that it created a honeypot, or fake website, resembling a major electricity provider to uncover methods used by hackers targeting critical infrastructure organizations, specifically industrial control systems (ICS).

The fake electricity substation was hacked in just 2 days.

What they found: 

  • The first set of hackers were not part of a state-sponsored group, but a standard cybercrime organization, suggesting that not much sophistication is required to penetrate critical infrastructure.
  • The hackers were able to create a backdoor for continued access to the system.
  • The attackers compromised the remote desktop environment, meaning they could be logged into the system at the same time a legitimate user was accessing it.

The firm advised organizations to use strong passwords, secure systems, and network monitoring to protect themselves from similar attacks. Read the full story at ZDNet.


Poll: Cybersecurity experts say Trump administration isn’t doing enough to deter Russian cyberattacks

According to a poll from The Washington Post this week, 94% of cybersecurity experts do not believe the Trump administration is doing enough to deter Russian cyberattacks.

The poll participants were cybersecurity leaders from government, academia, and the private sector. Read the full story here.


Sign up to get the report in your inbox every week.

 
NewsAjay Chandhok