Cybersecurity News Bytes for the Week Ending 16 Feb 2018
Winter Olympics Hacked
The PyeongChang Olympics suffered a cyber attack lasting about 12 hours over the weekend of 10-11 February. The Winter Olympics official website was down, and the attack also affected WiFi and television connections in the media center. Officials said they were aware of the cause of the attack, but are not releasing any attribution comments while the Olympics are still ongoing. Analysis of the malware, dubbed “Olympic Destroyer” by cyber experts, determined that it includes not only disk wiping malware but also has the capability to mutate and evolve as it moves through a network. Olympic Destroyer was apparently deployed using EternalBlue, one of the stolen U.S. Government exploits leaked by Shadow Brokers last year. Info Security, 12 Feb 2018 and Bleeping Computer, 14 Feb 2018
U.S. and UK Government Sites Hit With Crypto Miners
More than 4,000 websites affiliated with UK, U.S. and other government organizations were infected with Coinhive (cryptojacking) malware that caused their browsers to surreptitiously mine for the digital currency Monero. The common denominator for all the affected sites was a text-to-speech script called BrowseAloud developed by TextHelp. When infected, browsers began to use CPU power to illegally generate Monero. TextHelp removed the script as soon as they were notified of the malware infection. The UK’s National Cyber Security Centre is investigating the incident. Bleeping Computer, 11 Feb 2018
Facebook Under Fire for Messenger Kids App
Facebook is under pressure from child advocate groups to remove Messenger Kids, an app launched in December and intended for pre-teen children. While Facebook claims to have consulted parents, child advocates, and other stakeholders before launching Messenger Kids, they failed to mention that many of those endorsing the new app were paid by Facebook for their endorsements. Wired Newsletter, 15 Feb 2018
Congressional Testimony on Cyber Threats to U.S.
On 13 February, Directors of the FBI, CIA, NSA, and ODNI provided their annual, unclassified update to the Senate Select Committee on Intelligence. They pointed to several cybersecurity topics of interest, including the continuing threat of Russian interference in the U.S. elections, ongoing Russian cyber attacks against Ukraine (especially the Ukrainian electrical grid), and the threat posted by information technology produced by China and sold in the U.S. In response to questioning about reported U.S. negotiations with the Shadow Brokers to retrieve stolen NSA cyber exploit tools, CIA Director Mike Pompeo flatly denied that CIA had offered to pay for return of the tools in contrast to published reports. (Various media reports)
February Has a Busy Patch Tuesday
Between them, Microsoft and Adobe issued fixes for over 90 vulnerabilities on 13 February. Microsoft issued 50 patches, 14 of them listed as “critical.” Adobe released 41 fixes, 17 of which were “critical.” Users are reminded to upload any updates to their operating systems and applications to prevent attacks against their systems. Infosecurity Magazine
Kaspersky Challenges Ban on its Anti-Virus Software
On 14 February, Moscow-based Kaspersky Lab filed suit in U.S. District Court in Washington, D.C. against the ban of its products by the U.S. Government. Kaspersky claims that the ban by the Department of Homeland Security (DHS) has caused reputational damage and loss of business in the United States. The DHS ban, issued in September 2017, was based on the fear about Kaspersky’s links to the Russian Government that could be used to collect sensitive U.S. Government information for the Kremlin. The basis for the claim, filed by Washington law firm Baker McKenzie on behalf of Kaspersky, is that the company’s Fifth Amendment rights to due process were violated because they didn’t have sufficient opportunity to contest the ban. Darkreading.com
Return to our HOME PAGE
