Weekly Executive Summary for Week Ending March 11, 2016
By John Atienza on March 17, 2016
Cyber Threat Intelligence Trends
Source: http://recordedfuture.com
Targeted Industries
- Banking
- Information Technology
- Manufacturing
- Consumer Goods
- Retail
Active Threats
- Anonymous
- New World Hacking
- APT28 Pawn Storm – Tsar Team
- Cyber Caliphate
- Desert Falcons
As demonstrated by the large number of ransomware incidents and data breaches, today’s IT security strategies focus too much on perimeter defense and not enough on endpoint and data protections. It takes only one malicious site or phishing email to bypass perimeter defenses and compromise an organization’s confidential information. On a related note, I would give Dell’s DCEPT Honeypot tool a look for detecting breaches stemming from compromised endpoints.
In terms of data protection, an organization’s responsibility to follow compliance regulations and data protection laws will always be questioned when it comes to data breaches. An organization cannot simply write off its responsibilities in its EULA or Terms of Service agreements to reduce liability. The laws in place will make attempts at reducing your liability unenforceable. This was the case with V-Tech when they tried to avoid the responsibility to protect children’s private information in both Europe and the United States.
Another item to consider is mobile security. The mobile phones of both South Korean government officials and Japanese ICS employees were hacked for the purpose of espionage and data exfiltration. This is also applicable to Dark Hotel, as many people connect their mobile devices to wireless networks. Mobile security will be the next big security item to focus on, especially for VIPs and businessmen and women who go on the road.
The Department of Homeland Security is briefing the United States’ critical infrastructure companies to step up their security after Ukraine’s cyberattack. Ukraine’s Dark Energy and Japan’s Operation Dust Storm prove that hacking and possibly debilitating critical infrastructure is possible through cyber-attacks.
One important lesson learned from RSA Conference 2016 is that hacking back is a very dangerous and litigious road to go down. Hacking back could put an organization at even more risk, create international diplomatic incidents, cause legal problems both in the United States and abroad, and prevent any type of help from coming because of counter-offensive actions.
Note: The purpose of the weekly executive summary is to provide useful information that a business or agency could use in both its cybersecurity and business strategies. In order for this website to serve the community, we need to know your concerns and questions about (for example) proper safeguards for technology you’re looking into or what sets of compliance and governance policies you would need to operate a particular business. The CSCC openly invites you to send in your inquiries. We’ll have students research your issues and provide an analysis of the information at hand to guide you with all things cybersecurity. Mail us at: uhwocscc@hawaii.edu