A quick survey of recent cyber news . . .
***
The Wall Street Journal’s Siobhan Gorman & Danny Yadron report that “[m]ajor U.S. banks are pressing for government action to block or squelch what Washington officials say is an intensifying Iranian campaign of cyberattacks” against U.S. banks. According to the article, U.S. officials may consider retaliating against Iran for the attacks.
Lawfare’s Jack Goldsmith argues that now “we see in a nutshell the compelling case for U.S. government regulation of critical infrastructure in the cyber realm.”
***
DefenseNews’ Zachary Fryer-Biggs with a very interesting article on ‘jumping the gap,’ or infiltrating closed computer networks without physical access to the network. Fryer-Biggs previously wrote on this idea, as did Ellen Nakashima (WashPo). The idea, according to Fryer-Biggs, is that DoD would use radio frequencies and electromagnetic field distortions to insert malicious code into closed networks via overflying aircraft or nearby parked vehicles. Check out the article for more, this is good stuff.
***
Ellyne Phneah writes for ZDNet on active defense and honeypots. Phneah suggests that an active defense strategy makes more sense for government entities than private entities because they “have more resources and more sensitive information to protect. . . .” While that may be true, I don’t think that means an active defense strategy doesn’t make sense for private entities. Anywho, Phneah goes on to describe how honeypots may backfire, noting that honeypots could attract unwanted attention from cybercriminals and place too much emphasis on “creating diversions,” thereby failing to secure the rest of the network.
***
Charlie Osborne, for ZDNet, on how ICS-CERT found “sophisticated malware . . . on two engineering-based workstations that are ‘critical’ to the control” of a US power station. The malware may have infected the system via USB.
***
Some CNY News!
Via PRNewswire, “Utica College’s cybersecurity and information assurance courses” have gotten the NSA’s seal of approval.
***
John Reed, for Foreign Policy, reports that Sen. Chuck Hagel will tackle a number of cyber issues if he is confirmed as SecDef. One of those issues may involve elevating CyberComm to independent combatant command status and finally ironing out those Cyber ROEs (which, as I consistently note, have been “close to release” for the past year).
John Reed, again for Foreign Policy, noting that Sen. Hagel would also push for cybersecurity legislation along the same lines as the CSA of 2012.
***
Peter Teffer for The Christian Science Monitor on whether good hackers should be protected by law.
***
The AP’s Hyng-Jin Kim, via ABC News, reports that NKorea was behind a cyberattack on Seoul Daily.
Leave a Reply