The Stroz Friedberg Cyber Brief


email : Webview : Cyber Brief: North Korea Steals Military Designs in Hack of South
The Cyber Brief
Today's Top Story
MONDAY, JUNE 13, 2016
NORTH KOREA STEALS MILITARY DESIGNS IN HACK OF SOUTH
Police in South Korea allege that hackers across its northern border stole thousands of defense industry documents, including wing designs for an F-15 fighter aircraft and photos of drones. The theft was reportedly part of a much larger hacking campaign, infiltrating more than 140,000 computers at 160 South Korean firms and government agencies, which began in 2014 but was only discovered this past February. A South Korean military official said the assailants did not obtain sensitive information, such as jet engines or electronic systems, and would “likely have a negligible impact on national security.” North Korea regularly denies conducting cyberattacks, but defectors and experts say it has ramped up its hacking capabilities in recent years. (Reuters, WSJ)
Twitter: The company alerted users that their accounts are at risk of being taken over after a database containing nearly 33 million usernames and passwords was made public. In related news, Facebook founder Mark Zuckerberg briefly lost control of both his Twitter and Pinterest accounts last week, after a hacker broke into both and defaced pages. (WSJ, Guardian)

‘Peace’ Hacker: Wired magazine interviewed a hacker known as “Peace_of_mind,” who is linked to dark web sales of millions of stolen accounts. While almost none of Peace’s claims could be confirmed, it offers some insight into the mind of a blackhat hacker. (Wired)

Botnet: One of the world's largest criminal botnets—a massive collection of computers used to launch attacks—has mysteriously disappeared. Analysts speculate the development may be linked to the Russian government’s arrest of a gang of around 50 hackers. (Motherboard)
Credit Cards: A federal appeals court ruled that law enforcement can legally scan or swipe a seized credit card without a warrant. Swiping a card does not constitute a physical search, as the magnetic stripe contains the same information visible on the front of the card, the court said. (Ars Technica)

Uber: A Paris court convicted Uber and two of its executives in France— Pierre-Dimitri Gore-Coty and Thibaud Simphal—of violating transportation and privacy laws, fining them a total of about $1.1 million. Analysts say the outcome illustrates the degree to which the company is under pressure to adapt to a broad array of regulatory threats. (WSJ)
Email Privacy: A popular bipartisan bill that would require police to get warrants for older emails has hit a snag over a proposed amendment that would expand the FBI’s surveillance authority. Privacy advocates say the legislation would help ensure that investigators don’t violate individuals’ privacy, given the central role now played by emails and other electronic communication. (WSJ)

ICANN: The Commerce Department approved a proposal aimed at offloading oversight of the internet's name-and-address system to an international body. Opponents say the plan is a risky bid to win goodwill abroad and lacks enough safeguards. (WaPo)
Tech Partner Problem: Industry analysts say that the bureaucratic demands placed by the Pentagon on private-sector startups is often too great. The process has become so burdensome that these firms often must suspend business with all other customers in order to service Defense Department contracts. (WaPo)
Microsoft: The software giant is acquiring LinkedIn, the business-oriented social media network, in a $26.2 billion cash deal. Jeff Weiner will stay on as CEO of LinkedIn and will report to Microsoft CEO Satya Nadella. (CNBC)

Symantec: The cybersecurity firm has agreed to buy Blue Coat Systems in a $4.65 billion deal that will give it a new portfolio of cyberdefense technologies along with a new chief executive. The transaction is expected to close before October. (WSJ)

Driverless Cars: In an industry first, UK-based insurer Adrian Flux has begun offering customers in Britain a special policy designed for autonomous and partly automated vehicles.

Area 1: A innovative cybersecurity startup is monitoring computer servers that have already been compromised in an attempt to head off spear-phishing attacks. (NYT)
Afghanistan: The Taliban are pushing into social media, recently releasing audio files with songs and news updates, and launching a smartphone app for their Voice of Jihad website, available in multiple languages. (WSJ)

Singapore: Government employees of the island nation are temporarily losing internet access at work to make official information systems more secure. The government said it has begun disconnecting internet from the work stations of some employees and will expand the process to all public workers by next June. (AP)
Must Reads
The Orlando Massacre and How ISIS Outsources Terror: “These people elect to wrap themselves in the Islamic State’s brand because of its unparalleled notoriety, an image that the group has cultivated through a sophisticated propaganda campaign that has taken advantage of social media’s power and pervasiveness. As I wrote earlier this year, the Islamic State’s media operation is focused not just on luring recruits to emigrate to the 'caliphate,' but also on tapping into the psyches of twisted souls searching for meaning,” writes Brendan Koerner for Wired.

A Russian Cybersleuth: “Mr. Kaspersky is something of an anomaly in Russia, a businessman who built a global brand from scratch, using brains and persistence. His firm is among the most successful international computer security operations in the world, with offices in 32 countries, about 400 million people using its software (by its own estimate) and high-profile advertising campaigns, like its sponsorship of Ferrari’s Formula One team. However, given the tense relations between Russia and the West, Kaspersky Lab is fighting a rear-guard battle along with combating cybercrime,” writes Neil MacFarquhar in the New York Times.

Taking the Grid Offline: “The American power grid is more efficient than ever before because electricity plants, transformers, and other key pieces of infrastructure are networked together, allowing for electricity to be redirected in real time from areas with too much to those needing more. The problem is that those gains have also left the overall system open to attack. Power stations and grids run by network-connected computer control systems can be hacked to cause widespread power outages,” writes Elias Groll in Foreign Policy.
Top Op-Eds
Follow us:

EDITOR-IN-CHIEF, KAREN J. GREENBERG, DIRECTOR, CENTER ON NATIONAL SECURITY, FORDHAM LAW SCHOOL
Stroz Friedberg
powered by emma