IBM’s Cybersecurity Training Truck

IBM recently introduced a mobile cyber command center which would help in cybersecurity education. It takes the form of a truck in which contains high tech equipment to combat cybercriminals. In this truck, numerous cyber war games happen in which companies practice responses to simulated cyber attacks. These companies participate in cyber war games and have mock attacks to test their defenses. The main purpose of this truck would be training people to respond better during cyber attacks.

A picture of a door opening into IBM's mobile cybersecurity unit on a truck.

 

An interesting fact would be that the truck would be coming to RIT in November, to hold a national penetration testing competition for students. By creating mock-attack scenarios based on previous attacks, companies will be able to either find new vulnerabilities in their defenses or be able to improve their defenses with the experiences they gained from the training.

Source: https://www.nytimes.com/2018/10/15/business/ibm-takes-cybersecurity-training-on-the-road.html

Google+ Vulnerability Kept Secret, Kills Service Later on

Google+ was shut down recently, following the public exposure of an old vulnerability. The issue was found and fixed by Google several months prior, but they failed to mention it to the public. The issue was discovered through some company memos, and has lead to some nasty lawsuits coming Google’s way. The Google+ service was never all that popular, so it’s no surprise that Google is giving it the ax the moment trouble comes up.

Onto the vulnerability itself, it allowed individuals using the development software to access private information of users. However, due to Google+’s small user base, only 432 people actually ever requested the software. There’s a good chance that this exploit never actually saw use, especially given that Google found and fixed it on its own. The reason it’s coming up in lawsuits is because of Google not telling the public about a breach on their private info. Google could even win in court, because there’s not much evidence that anyone’s info even got breached.

Written by James Burger.

Sources:

https://www.wsj.com/articles/google-exposed-user-data-feared-repercussions-of-disclosing-to-public-1539017194?mod=e2tw

New York shows new focus on cybersecurity

4650-splan-cybernyc_logo_480_horiz_final

Recently, the New York Department of Financial Services passed a set of cybersecurity regulations, known as 23 NYCRR 500. These regulations list several cybersecurity requirements that financial services companies must follow. The requirements include creating a written policy on the protection of information, hiring a chief information security officer, performing annual penetration tests and bi-annual vulnerability assessments, using multi-factor authentication, and reporting on risks that may harm users within 72 hours after they are determined. The introduction to 23 NYCRR 500 states that the regulations were created to address the increasing threat of cyber attacks on financial service companies, and to protect the information of both consumers and companies.

In addition, the New York City Economic Development Corporation recently invested $30 million into Cyber NYC, a movement to create strong cybersecurity programs to protect the vital industries located in New York City. The programs being developed by Cyber NYC include the Global Cyber Center, a location for cybersecurity companies worldwide to collaborate and experiment, Hub.NYC, a place for growing cybersecurity companies to gain support from investors and other partners, Cyber Boot Camp, a training program for students to quickly learn about cybersecurity and earn jobs in the field, and the Applied Learning Initiative, a series of educational programs ran in colleges to increase workers in the cybersecurity field. These programs aim to create new jobs in the cybersecurity field, allow cybersecurity startups to gain the support they need to aid in the task of increasing security, and connect the cybersecurity industry worldwide to combat the growing threat of cybercrime.

Ryan Vay

Sources:

https://www.securityinfowatch.com/article/12431196/new-yorks-laser-focused-move-to-better-cybersecurity

https://www.dfs.ny.gov/legal/regulations/adoptions/dfsrf500txt.pdf

https://securitytoday.com/articles/2018/10/08/nyc-invests-30-million-in-cybersecurity.aspx

https://www.cyber-nyc.com/

Russian GRU Military Officers/Hackers Indicted

blog post picture

On October 4, 2018, seven Russian hackers were indicted for hacking in relation to the Russian Olympic doping scandal.  Beginning in 2014, these individuals allegedly hacked into the computer networks of the organizations charged with investigating and putting an end to Russian athletic doping.  They were specifically charged with stealing and publicizing the personal information of officials that were a part of anti-doping agencies, as well as stealing and publicizing medical information from 250 athletes from the U.S. and 29 other countries, including modifying medical information to make it appear as if some non-Russian athletes were doping when they were not.  Additional charges include conspiracy to commit computer fraud, conspiracy to commit wire fraud, wire fraud, aggravated identity theft, and conspiracy to commit money laundering. Some of the methods used by the Russian hackers were spear-phishing, distributed denial of service attacks (hackers accomplish a DDoS attack by literally sending so much web traffic at a target that it is unable to function), spoofing legitimate web domains, and using cryptocurrencies to cover their tracks.

The motive of this hacking charged in the indictment was apparently in revenge for revealing the nature of Russia’s state-sponsored athlete doping program, which resulting in Russian athletes participation being limited during the 2016 Olympics and banned from the 2018 Olympics. According to Assistant Attorney General John Demers of the National Security Division, the goal of the state-sponsored Russian hackers was “to pursue [Russia’s] interests through illegal influence and disinformation operations aimed at muddying or altering perceptions of the truth.” 

The indictment names all seven hackers as members of the Russian Federation intelligence agency (a.k.a. GRU) housed in the intelligence directorate of the Russian military. Three out of the seven were also charged as part of the Mueller investigation. The Mueller investigation is an investigation headed by the former director of the FBI, Robert Mueller, to investigate Russian involvement in the 2016 presidential election. There is widespread concern that Russian hackers hacked the Democratic National Convention to compromise the infrastructure of the 2016 US election.

               While none of the Russians that were charged in the Olympic doping indictment were arrested because they are Russian nationals living in Russia, authorities say that these charges make it difficult for them to travel, and they will no longer have the benefit anonymity.  “These activities by Russian GRU officers move well beyond acceptable government intelligence operations. The GRU is breaking traditional international norms—and the law—in using cyber tools and resources in the fashion that they have,” said FBI Cyber Division Deputy Assistant Director Eric Welling. “The FBI considers any criminal activity conducted by nation-state actors, especially those leading to the violation of Americans’ privacy or interference in our economy, to be a matter of national security.”

Russian hackers also were recently alleged to have been involved in hacking into the Organization for the Prohibition of Chemical Weapons in April. This crime was carried out in the Netherlands and was specifically designed to target an organization that was analyzing the nerve agent that British authorities said was used in an assassination attempt by Russian assassins against a former Russian spy and his daughter in England.

Sources:

https://www.nbcnews.com/news/us-news/7-russians-indicted-hacking-related-olympic-doping-scandal-nerve-agent-n916656

https://www.theverge.com/2018/10/4/17936442/russian-hackers-charged-hacking-anti-doping-mo-farah

https://www.foxnews.com/politics/muellers-russia-investigation-what-to-know

https://www.fbi.gov/news/stories/russian-gru-officers-charged-with-hacking-100418

 

 – Matthew Christie

The Importance of Cybersecurity in Modern Video Surveillance Environments

Spencer Roth

cyber-camera-enews

As it is widely agreed upon, more and more physical security devices are being connected through the Internet of Things (IoT), and are lacking proper cyber security. It is therefore critical for security leaders to focus on securing every aspect of their network infrastructure, which includes confirming software updates and firmware on surveillance cameras are completed as available. A threat could enter from anywhere in an organization’s ecosystem and regardless of the nature of the attack, the cyber criminal’s goal is to exploit vulnerabilities quickly and profit from them.

With so much information to be protected, security leaders need to evaluate how to secure not only their video data but also the entire video surveillance system. In the past, this meant making sure best practices were enforced so that an individual could not physically tamper with a camera, however, now the focus also incorporates IT processes, such as ensuring that no one can access the camera and its data via the network. Cyber threats continue to increase and evolve in sophistication, and security leaders need to maintain a proactive approach to mitigate risk. As we continue to move toward the connected world, new cyber vulnerabilities will come to light. We as consumers put our trust in vendors in the video surveillance market to provide secure products and guidelines.

Image result for iot security

Encryption and vulnerability testing are essential to ensure secure data transfer. One of the best ways to reduce network vulnerabilities associated with video surveillance systems is to ensure strong levels of data protection. Highly secure encryption and comprehensive role-based access control are two capabilities that elevate protection while meeting the compliance requirements of mission-critical environments. Encryption is typically a resource-intensive process that requires more powerful servers to maintain video performance, resulting in the need for customers to purchase additional costly hardware. However, by leveraging software-based encryption, video system performance is maintained with nominal CPU overhead, eliminating additional hardware investments.

 

 

Sources:

https://www.securitymagazine.com/articles/89426-understanding-cybersecurity-and-its-relationship-with-physical-security-to-reduce-risk

https://www.securitymagazine.com/articles/89444-the-importance-of-cybersecurity-in-modern-video-surveillance-environments

https://www.securitymagazine.com/articles/89425-the-intersection-of-cybersecurity-and-physical-security-is-more-critical-than-ever