Exploring the Cybersphere – November 2016

This week in our blog, we offer a snapshot of cybersecurity, privacy and data security news of interest to the executive suite. Periodically, we’ll recap insights from the growing cadre of voices in this space as well as lend our own views on the issues that impact executive governance of cyber risk and response.

Paging Jill Stein. Did the Russians really elect Donald Trump?

Cybersecurity threats to American elections
Lawfareblog.com
My colleague Ben Buchanan and I have written a paper on cybersecurity threats to American elections. While we examine operations that try to influence American voters—like the much-publicized hack of various Democratic Party entities—we also examine threats to voting infrastructure itself. We consider the motivations of hackers for targeting elections, the plausible threats to election security, and the effects of real and perceived manipulation. We tackle two vital questions. First, how concerned should we be about election cybersecurity? Second, how vulnerable is the United States to a foreign power or other actor trying to undermine the public’s confidence in our elections?

Russian hackers launch targeted cyberattacks hours after Trump’s win
Motherboard.vice.com
Merely a few hours after Donald Trump declared his stunning victory, a group of hackers that is widely believed to be Russian and was involved in the breach of the Democratic National Committee launched a wave of attacks against dozens of people working at universities, think tank tanks, NGOs, and even inside the US government.Around 9 a.m. ET on Wednesday, the hackers sent a series of phishing emails trying to trick dozens of victims into opening booby-trapped attachments containing malware, and clicking on malicious links, according to security firm Volexity, which observed and reported the five attack waves. The targets work for organizations such as Radio Free Europe / Radio Liberty, the Atlantic Council, the RAND Corporation, and the State Department, among others. One of the phishing emails included a forwarded message appearing to be from the Clinton Foundation, apparently sent by a professor at Harvard. The email used the professor’s real address, and according to Volexity’s founder Steven Adair, it’s likely that the professor got hacked and the attackers then used his account to send out the phishing emails.

What might happen on cyber in a Trump Administration? The early forecast.

What a Trump presidency means for cybersecurity, net neutrality, and internet freedom
Newsweek.com
As one of Facebook’s board members, Thiel’s move sparked criticism among the ultra liberal tech community of California. “There are many reasons a person might support Trump that do not involve racism, sexism, xenophobia or accepting sexual assault,” Zuckerberg, who launched Facebook in 2004, wrote in an internal company memo.While Trump’s views on building walls and lack of belief in climate change are well documented, the president elect’s stance on the issues that will directly affect technology firms, and by extension, much of the world are less obvious.

Trump’s vague cybersecurity platform needs a combover
Forbes.com
The campaign is over, the votes have been cast, and Donald Trump will officially take over the Oval Office on January 20th. When he does, we’ll finally find out what changes he has in mind to make America great again — and how he plans to address the nation’s cybersecurity needs. His campaign’s policies page offers some insight, but there are still a lot of blanks to fill in.

In the lame-duck, how Congress makes cybersecurity a non-partisan priority
Forbes.com
With a lame duck session of Congress looming, federal lawmakers are scrambling to push key legislative items through last-minute. One key area of concern is cybersecurity. Recent headlines have exposed a wide array of victims, ranging from both corporate to government entities. Stoking concerns is the ongoing controversy surrounding Russian hacking of Democratic presidential candidate Hillary Clinton’s campaign emails and the DNC, in a perceived effort to influence the outcome of the U.S. presidential election. Against this backdrop, several members of Congress have introduced amendments to the National Defense Authorization Act (NDAA) to strengthen cybersecurity. Yet, is this enough?

One can go from villain to victim very quickly these days.

Russian Banks Become Latest Victim of Mirai Cyberattacks
Newsweek
Five top Russian banks were hit by prolonged cyber attacks on Tuesday, believed by experts to stem from the same source that took down large portions of the internet last month.
The websites of the banks were targeted with what is known as a distributed denial of service (DDoS) attack. According to Russian security firm Kaspersky, who first reported the attacks, as many as 24,000 hijacked devices—insecure items such as webcams and smart home appliances—were used to knock the websites offline by flooding them with traffic. The cyberattacks are the latest in a series of major DDoS attacks that have been carried out by a network of compromised Internet of Things (IoT) devices known as the Mirai botnet. Under the control of hackers, Mirai was able to cause dozens of major websites to go offline in October, including Twitter, Reddit and Netflix.

By Tom Davis, SDI Cyber Risk Practice
November 30, 2016

active