Weekly Executive Summary for Week Ending March 4, 2016

By John Atienza on March 4, 2016

Cyber Threat Intelligence Trends
Source: http://recordedfuture.com

Targeted Industries

  • Telecommunications
  • Information Technology
  • Software
  • Retail
  • Food and Beverage

Active Threats

  • Anonymous
  • Cyber Caliphate
  • APT28 Pawn Storm – Tsar Team
  • AnonGh0st
  • New World Hacking

Important Government Events

France is considering a bill that would punish refusal to decrypt data.
The EU and US come closer to agreeing on the Privacy Shield bill that protects EU customer data in transition to the US, but this information will be open to intelligence collection with the purpose of counter-terrorism and anti-multinational criminal efforts.
DoD starts first ever Bug Bounty program called “Hack the Pentagon” to help strengthen its security posture.
US is using big data and information sharing to develop defensive cyber operations.
Smart cars are not adequately protected from cybersecurity threats, but there is legislation in the works to provide security and privacy to car consumers.
Wassenaar Arrangement still needs to be edited so over generalization of “intrusion technologies” will not affect cybersecurity field as a whole.

Notable Events
Mobile phones can be used to spy on 3D printers. This could be used in industrial espionage.
of California Berkeley was hacked again and 80,000 people’s private information was compromised.
Verizon releases a digest of this past year’s investigations which include pirates and hacked utilities facilities.
Thieves exploit Knowledge Based Authentication questions to steal tax refunds.
Interesting Read for Management
There’s a great article in DarkReading about the ROI of cybersecurity and getting upper management to support your efforts. Here’s the link to the article!

The United States and Europe are stepping up their cybersecurity strategies in various facets. The US is still willing to hear from IT subject matter experts on how legislation should be shaped; but Europe is not as willing to be so flexible especially with the recent terrorist attacks in France being so fresh in their memories. This also explains certain intelligence collection provisions on the data transfer agreement between the EU and US.

Note:The purpose of the weekly executive summary is to provide useful information that a business or agency could use in both its cybersecurity and business strategies. In order for this website to serve the community we need to know your concerns and questions about (for example) proper safeguards for technology you’re looking into or what sets of compliance and governance policies would you need to operate a particular business. The CSCC openly invites you to send in your inquiries. We’ll have students research your issues and provide an analysis of the information at hand to guide you with all things cybersecurity. Mail us at: uhwocscc@hawaii.edu