Cyber Research

Cyber News

Cyber Info


 September, 2016







 In this issue



*         New USB Kill 2.0 Thumb Drive Can Kill Your Laptop or PC in a Second

*         Stopping Hackers from Turning Power Off

*         UK’s National Cyber Security unit working on Automated Defenses

*         Someone Is Learning How to Take Down the Internet

*         Latest Cyber Security News


About the Cyber Security News Update

The Cyber News Update is an activity of the Cyber Research Center - Industrial Control Systems and is intended to reach all Cyber Security Professionals interested in industrial / critical infrastructure threats, protection & resilience. For more information visit the CRC-ICS website at www.crc-ics.net or www.cyber-research-center.net


New USB Kill 2.0 Thumb Drive Can Kill Your Laptop or PC in a Second

September 12, 2016

A Hong Kong company is selling a USB thumb drive called USB Kill 2.0 that can fry any computer it's plugged into by introducing a power surge via the USB port.

Last year, a device called USB Killer developed by a Russian hacker named Dark Purple made waves online because of its ability to destroy any computer the hacker wanted.

Now, a Hong Kong company that uses the same name, USB Killer, has launched a similar product called USB Kill 2.0, which is selling online for $49.95.

The company claims it developed the product for the sole purpose of allowing companies to test if their devices are vulnerable to USB power surge attacks.

The USB Kill 2.0 is a testing device created to test USB ports against power surge attacks. The USB Kill 2.0 tests your device's resistance against this attack.

The USB Kill collects power from the USB power lines (5V, 1 - 3A) until it reaches ~ -240V, upon which it discharges the stored voltage into the USB data lines.

This charge / discharge cycle is very rapid and happens multiple times per second.

The process of rapid discharging will continue while the device is plugged in, or until the device can no longer discharge - that is, the circuit in the host machine is broken.

The USB Kill Tester Shield is a dual purpose device:

- It allows you to test your USB Kill 2.0 without damaging your host device.

- It prevents data theft via 'juice-jacking'.

If you use a charger or USB port that is not your own - the device can steal your data while you are charging. Using a USB Kill Shield will prevent devices from having access to your data.

The device also comes with a protection shield sold for $13.95 that allows users to test their devices without destroying them.

Removing this protection shield weaponizes the device, which will then be able to fry the devices it's being plugged into. The company says on its websites that it "strongly condems [sic] malicious use of its products."

According to its own set of tests, the company claims that 95 percent of all devices available on the market today are vulnerable to power surges introduced via the USB port.

The only devices not vulnerable to USB kill attacks are recent MacBook models, which optically isolate the data lines on the USB ports.

More info https://www.usbkill.com/

Stopping Hackers from Turning Power Off

September 13, 2016

The power goes out. Is a storm or downed line to blame for the power outage? No—an attack by a malicious hacker is the cause.

Your local power grid may not seem like a likely target for cyber hackers, but cybersecurity threats are an all-too-real risk for many buildings and electric grids connected to the Internet. According to a U.S. Department of Homeland Security report, although “the energy sector only represents 5-6 percent of U.S. GDP, the energy industry is subject to roughly 32 percent of all cyberattacks.”

In response to this vulnerability, the Senate recently passed a comprehensive energy reform bill that, among a number of other things, would establish a mechanism for dealing with cybersecurity threats to the electric grid. The bill, the Energy Policy Modernization Act of 2016, would designate the U.S. Department of Energy as the agency responsible for protecting the grid from cybersecurity threats.

This bill would also expand the Secretary of Energy’s authority under the Fixing America’s Surface Transportation (FAST) Act, which took effect in December 2015. The FAST Act established the Secretary’s power to address power grid security emergencies. The Senate’s bill, however, would clarify and extend this authority to include cybersecurity threats.

Under the Senate bill, the President would determine when a hacker’s attack on an electrical grid necessitates “immediate action.” After that determination, the Secretary of Energy would have the authority to intervene, ordering power companies to protect the power system as well as directing them how to do so. These emergency orders from the Secretary would be able to be given without prior notice and could remain in effect for up to 30 days, although in some circumstances they could be amended to last for as long as 90 days. To preempt financial concerns from energy companies and their shareholders, the bill contains provisions allowing companies to recoup the costs for actions ordered by the Secretary.

Another piece of the bill focuses on fortifying the country’s power supply by researching and developing technologies “to identify and mitigate vulnerabilities.” It would direct the Department to conduct a research program to combat cybersecurity threats, authorizing $65 million in funds each year through 2025 for the Department to carry out this research and testing. An additional $15 million per year would be authorized for testing vulnerabilities in the energy sector supply chain to cyberattacks.

The bill also highlights a category of “critical electric infrastructure information.” Information in this category pertains to key parts of the nation’s power supply that, were they destroyed or disrupted, “would negatively affect national security, economic security, public health or safety, or any combination of those matters.” Under the bill, the Department of Energy would have the authority to designate which information fits into this category. Once designated, that information would be exempt from disclosure requirements, such as those in the Freedom of Information Act.

Recent events have highlighted vulnerabilities in the power supply system, paving the way for the bill’s cyber measures. One headline-grabbing incident occurred in March, when the Southern District of New York indicted a group of Iranian hackers for repeatedly hacking into a small dam in New York in 2013, targeting numerous major financial companies and gaining control over water levels. That episode ultimately caused little damage, aside from inconveniencing customers, but it demonstrated the potential threat nonetheless.

Reactions to the Senate bill so far have been mixed. The Heritage Foundation denounced the bill, opposing its cybersecurity measures in particular, for its use of taxpayer funds and increased federal authority over cybersecurity, “which should be led by the private sector.” The U.S. Chamber of Commerce, meanwhile, strongly supported the bill, going as far as notifying Senate members of its plan to include the vote in the Chamber’s annual How They Voted scorecard.

The House of Representatives passed an amended version of the bill in May. Before the bill can become law, however, a conference committee will need to reconcile it with the House of Representatives’ version. The House had previously passed an energy bill last December, but it included some controversial provisions for natural gas exports that led President Obama to threaten a veto.

President Obama has voiced support for the Senate bill, however, and Secretary of Energy Ernest Moniz said the bill contains “many very, very positive elements.” Still, resolving the differences between the Senate and House versions of the bill is no small task. An energy bill conference has not been held since 2005, and Senate Democrats will face intense scrutiny from environmental groups opposed to measures in the House bill not related to cybersecurity.

Read more at http://www.regblog.org/2016/09/13/hamilton-stopping-hackers-from-turning-off-the-lights/

UK’s National Cyber Security unit working on Automated Defenses

September 13, 2016

The CEO of the UK’s new National Cyber Security Centre wants industry and government to work more closely together to combat cyber crime.


Giving his first public speech as CEO of the NCSC, at the Billington Cyber Security Summit in Washington today, Ciaran Martin warned that far too many unsophisticated cyber attacks are succeeding, going on to discuss the government’s new more pro-active cyber security strategy — including looking into large scale DNS filtering as a potential method to automate blocking malware at scale.

“The great majority of cyber attacks are not terribly sophisticated. They can be defended against. And if they get through their impact can be contained. But far too many of these basic attacks are getting through. And they are doing a lot of damage,” he said.

And while he praised the efforts of the security industry to tackle cyber crime to date, he said the fact so many basic attacks are prevailing points to a systemic problem with the private sector’s approach — arguing there’s therefore a need for government to take a lead.

“Something is not quite working yet in the marketplace in terms of cyber security,” said Martin. “There are great companies, great people, there’s great innovation, and barriers to information sharing are being broken down. But given the record of the past few years it’s hard to say that we’ve got ahead of the threat.

“If we’re to maintain confidence in the digital economy, we’ve got to tackle this end of the problem,” he continued. “I believe there’s a legitimate role for the Government in taking a lead… at least temporarily. This is the thinking behind our strategy.”

The UK government named cyber security a priority area, back in November 2015, announcing a plan to nearly double spending, to £1.9 billion by 2020, including funding the setting up of the NCSC, which reports into spy agency GCHQ and is due to formally open its doors this fall.

Martin described how the UK is taking a three-pronged approach with its cyber security strategy, beginning with what he dubbed the “organisational coherence” of establishing a central hub in the form of the NCSC.

Next he said it’s prioritizing the defending of “the most serious threats” — such as cyber attacks on national infrastructure. (On the most serious cyber attacks side, he confirmed the UK has not yet faced “a single stand-out incident of hostile foreign cyber attack” but said he’s expecting one, adding: “Last year we detected twice as many national security level cyber incidents – 200 per month – than the year before.”)

The third plank of the strategy is focused on improving the digital security ecosystem as a means to tackle the “unsophisticated, prolific threats” that he warned pose a threat to consumer trust in the digital economy. This includes the government seeking to foster and even directly invest in relevant security startups.

“Like the US and other allies we have a chronic cyber security skills challenge that can only be addressed through sustained, long-term action,” he noted.

Detailing some of the NCSC’s work aimed at combating the broad funnel of low grade cyber crime, he said the unit has been looking at what “a more activist and automated approach” can achieve — citing automated spam filters and content filters as some of the inspiration for its thinking here.

Automated measures the NCSC is looking at include trialling a DMARC policy on UK government email to stop emails from the wrong IP sets or with the wrong key from being delivered.
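The check a receiving mail server makes under a DMARC policy, sketched as an added example (not code from the NCSC or the original article): SPF covers the "wrong IP" case, DKIM the "wrong key" case, and DMARC requires at least one of them to pass for a domain aligned with the visible From address. The domains, the record and the small public-suffix set are constructed for illustration; the `pct` and `sp` tags are ignored.

```python
"""Simplified DMARC evaluation (after RFC 7489); added illustration only."""

# Assumption: a tiny constructed suffix set stands in for the real
# Public Suffix List used to find the organizational domain.
PUBLIC_SUFFIXES = {"uk", "gov.uk", "co.uk", "com", "net"}

# Constructed sample record, as it would be published in DNS at
# _dmarc.example.gov.uk (example.gov.uk is a placeholder domain).
RECORD = "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.gov.uk"


def parse_dmarc(record):
    """Split a DMARC TXT record into a tag dict and validate v= and p=."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("missing or wrong v= tag")
    if tags.get("p", "").lower() not in ("none", "quarantine", "reject"):
        raise ValueError("missing or invalid p= tag")
    return tags


def org_domain(domain):
    """Organizational domain: longest public suffix plus one more label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])


def aligned(header_from, authenticated, mode):
    """Strict mode ('s') needs an exact match; relaxed ('r') compares
    organizational domains."""
    a, b = header_from.lower(), authenticated.lower()
    if mode.lower() == "s":
        return a == b
    return org_domain(a) == org_domain(b)


def evaluate(record, header_from, spf, dkim):
    """Return 'pass', or the policy ('none', 'quarantine', 'reject') to apply.

    spf  -- (result, MAIL FROM domain) from the SPF check of the sending IP
    dkim -- list of (result, d= domain), one per DKIM signature verified
    """
    tags = parse_dmarc(record)
    spf_ok = spf[0] == "pass" and aligned(
        header_from, spf[1], tags.get("aspf", "r"))
    dkim_ok = any(
        result == "pass" and aligned(header_from, d, tags.get("adkim", "r"))
        for result, d in dkim)
    return "pass" if (spf_ok or dkim_ok) else tags["p"].lower()


def demo():
    """Evaluate four constructed messages claiming From: example.gov.uk."""
    frm = "example.gov.uk"
    return {
        # Sent from an authorised IP and signed with the domain's key.
        "legitimate": evaluate(RECORD, frm,
                               ("pass", "bounce.example.gov.uk"),
                               [("pass", "example.gov.uk")]),
        # Sending IP is not in the domain's SPF record, no signature.
        "wrong_ip": evaluate(RECORD, frm, ("fail", "example.gov.uk"), []),
        # SPF and DKIM both pass, but for an unrelated domain: no alignment.
        "unaligned": evaluate(RECORD, frm,
                              ("pass", "example.net"),
                              [("pass", "example.net")]),
        # Forwarded mail: SPF breaks, the aligned DKIM signature survives.
        "forwarded": evaluate(RECORD, frm,
                              ("fail", "example.gov.uk"),
                              [("pass", "example.gov.uk")]),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:11s} -> {outcome}")
```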

“We’re also piloting ways of tackling commodity attacks, where we’re sending automated takedown requests to hosters, registrars and others. And we’re starting to see real, measurable results: looking at phishing attacks against UK government brands, the median time the phishing site is up has dropped from 49 hours to 5 hours. This is a clear, objective protective result,” he added.

The unit has also been working with the private sector on a voluntary basis aimed at developing other automated defenses, according to Martin.

“We’re currently working with the UK telecommunications industry to stop the well-known abuse of the BGP and SS7 protocols to reroute traffic. If we’re right, this will mean it’s much more difficult for UK machines to participate in a DDOS attack. And if we’re right then everyone else can do it,” he said.

He also mentioned an exploratory “flagship project” to scale DNS filtering to try to block consumers from coming into contact with “known malware and bad addresses” — albeit noting it would need to be opt-out based to ensure consumer choice.

“It’s crucial that all of these economy-wide initiatives are private sector led. The Government does not own or operate the Internet,” he added.

In the speech, Martin also took time to laud the partnership between the US and UK intelligence agencies.

“There’s no closer, more important, or more successful partnership in global security,” he said, before adding: “As the world faces many uncertainties, our transatlantic alliance is as important as ever.”

More Info https://techcrunch.com/2016/09/13/uks-national-cyber-security-unit-working-on-automated-defenses/


Someone Is Learning How to Take Down the Internet

September 13, 2016

Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses.

First, a little background. If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack (DDoS). Like the name says, this is an attack designed to prevent legitimate users from getting to the site. There are subtleties, but basically it means blasting so much data at the site that it's overwhelmed. These attacks are not new: hackers do this to sites they don't like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it's a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins.

Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they're used to seeing. They last longer. They're more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.

The attacks are also configured in such a way as to see what the company's total defenses are. There are many different ways to launch a DDoS attack. The more attack vectors you employ simultaneously, the more different defenses the defender has to counter with. These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they've got to defend themselves. They can't hold anything back. They're forced to demonstrate their defense capabilities for the attacker.

I am unable to give details, because these companies spoke with me under condition of anonymity. But this all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes a DDoS trends report. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex."

There's more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.

Who would do this? It doesn't seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It's not normal for companies to do that. Furthermore, the size and scale of these probes -- and especially their persistence -- points to state actors. It feels like a nation's military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.

What can we do about this? Nothing, really. We don't know where the attacks come from. The data I see suggests China, an assessment shared by the people I spoke with. On the other hand, it's possible to disguise the country of origin for these sorts of attacks. The NSA, which has more surveillance in the Internet backbone than everyone else combined, probably has a better idea, but unless the US decides to make an international incident over this, we won't see any attribution.

But this is happening. And people should know.

Read more: https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html


Latest Cyber Security News

Individuals at Risk

Identity Theft

Identity Theft: How To Protect Yourself Or Resolve It: Identity theft impacts more than 17 million consumers every year, and consumers over 50 can be particularly vulnerable. This year is on track to exceed the 780 data breaches of 2015, according to the Identity Theft Resource Center. But there are a few key ways to protect yourself from becoming an identity theft victim and taking action if your identity is stolen. Forbes, September 14, 2016

Regulators Slam Wells Fargo for Identity Theft: For years, some Wells Fargo employees subscribed the bank’s customers to products they didn’t request, and that practice has now triggered $185 million in fines. BankInfoSecurity, September 9, 2016

Cyber Privacy

Russian Hackers Get Bolder in Anti-Doping Agency Attack: NOT SO LONG ago, the world learned about Russian cyberespionage attacks only when embarrassed government officials admitted they’d discovered the hackers silently lurking in their systems. Today, the same intruders seem to announce themselves on Facebook, via Twitter, and even on their own website covered in bear-themed clip art and gifs. Wired, September 14, 2016

Simone Biles and Williams Sisters Latest Target of Russian Hackers: Russian hackers — possibly the same group that compromised the Democratic National Committee’s computer servers — have made top American athletes their latest target. The New York Times, September 14, 2016

Location Privacy: The Purview of the Rich and Indigent: I’d just finished parking my car in the covered garage at Reagan National Airport just across the river from Washington, D.C. when I noticed a dark green minivan slowly creeping through the row behind me. The vehicle caught my attention because its driver didn’t appear to be looking for an open spot. What’s more, the van had what looked like two cameras perched atop its roof — one of each side, both pointed down and slightly off to the side. KrebsOnSecurity, September 5, 2016

Cyber Danger

Attack Leverages Windows Safe Mode Tools Used for Support: Researchers warn the Windows diagnostic feature Safe Mode can be used as a remote attack vector by hackers who already have access to a compromised PC or server. The method of attack is unusual, researchers said, and places attention on the diagnostic tool used to fix PC problems and remove security threats. ThreatPost, September 15, 2016

NEVERQUEST TROJAN GETS BIG SUMMER UPDATE: The once prolific banking Trojan Neverquest received a major code revamp over the summer and is now armed with modifications that can more adeptly hijack a victim’s PC, inject code into webpages and steal credentials. The update represents a significant enough change to the malware that researchers have dubbed the latest samples Neverquest2. ThreatPost, September 15, 2016

Ransomware prevalent in cloud-based malware: Cloud-based filesharing, collaboration and social networking applications are ransomware delivery vehicles, according to a report released today. CSO, September 8, 2016

Cyber Defense

CHROME TO LABEL SOME HTTP SITES ‘NOT SECURE’: Chrome users who navigate to some HTTP sites will be notified, starting in January, they’re on a site that isn’t secure. ThreatPost, September 8, 2016

The Limits of SMS for 2-Factor Authentication: A recent ping from a reader reminded me that I’ve been meaning to blog about the security limitations of using cell phone text messages for two-factor authentication online. The reader’s daughter had received a text message claiming to be from Google, warning that her Gmail account had been locked because someone in India had tried to access her account. The young woman was advised to expect a 6-digit verification code to be sent to her and to reply to the scammer’s message with that code. KrebsOnSecurity, September 7, 2016

Information Security Management in the Organization

Information Security Governance

Kaspersky Lab Survey Shows Real Business Loss From Cyber-Attacks Now $861K Per Security Incident: On average, a single cybersecurity incident now costs large businesses $861,000, while small and medium businesses (SMB) end up paying $86,500. Most alarmingly, the cost of recovery significantly increases depending on the time of discovery. SMBs tend to pay 44 per cent more to recover from an attack discovered a week or more after the initial breach, compared to attacks spotted within one day. Enterprises pay a 27 per cent premium in the same circumstances. These are the main findings of Kaspersky Lab’s report “Measuring the Financial Impact of IT Security on Businesses” based on the 2016 Corporate IT Security Risks survey. InformationSecurityBuzz, September 15, 2016

Cybersecurity Is Every Executive’s Job: All companies connected to the internet are vulnerable to cyber attacks. And the potential losses are significant. Retail giant Target, for example, estimated its losses from a 2013 data breach at more than $250 million. What’s more, according to a recent survey conducted for BAE Systems of 300 managers in the financial services, insurance, and IT/tech industries in the U.S., 85% of respondents listed reputational damage as the most prominent result of a data breach, with 74% citing legal liability as the second largest concern. Harvard Business Review, September 13, 2016

Cyber Warning

MySQL vulnerability disclosed, status of patches uncertain: Oracle’s lack of response to security researchers raises more questions after a zero-day MySQL vulnerability was reported, though patches may have already been released. SearchSecurity, September 15, 2016

Ransomware Getting More Targeted, Expensive: I shared a meal not long ago with a source who works at a financial services company. The subject of ransomware came up and he told me that a server in his company had recently been infected with a particularly nasty strain that spread to several systems before the outbreak was quarantined. He said the folks in finance didn’t bat an eyelash when asked to authorize several payments of $600 to satisfy the Bitcoin ransom demanded by the intruders: After all, my source confessed, the data on one of the infected systems was worth millions — possibly tens of millions — of dollars, but for whatever reason the company didn’t have backups of it. KrebsOnSecurity, September 15, 2016

Secret Service Warns of ‘Periscope’ Skimmers: The U.S. Secret Service is warning banks and ATM owners about a new technological advance in cash machine skimming known as “periscope skimming,” which involves a specialized skimming probe that connects directly to the ATM’s internal circuit board to steal card data. KrebsOnSecurity, September 13, 2016

Thousands of Seagate NAS boxes host cryptocurrency mining malware: Thousands of publicly accessible FTP servers, including many from Seagate network-attached storage devices, are being used by criminals to host cryptocurrency mining malware. ComputerWorld, September 12, 2016

Cyber Defense

The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations: The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security personnel and network administrators to protect information systems. Protecting the network infrastructure is critical to preserve the confidentiality, integrity, and availability of communication and services across an enterprise. US-CERT, September 6, 2016

Cyber Update

CISCO PATCHES CRITICAL WEBEX MEETINGS SERVER VULNERABILITY: Cisco warned customers of 12 vulnerabilities across its product line this week, including a critical vulnerability in the software that powers its conferencing product, WebEx Meetings Server. ThreatPost, September 15, 2016

Adobe, Microsoft Push Critical Updates: Adobe and Microsoft on Tuesday each issued updates to fix multiple critical security vulnerabilities in their software. Adobe pushed a patch that addresses 29 security holes in its widely-used Flash Player browser plug-in. Microsoft released some 14 patch bundles to correct at least 50 flaws in Windows and associated software, including a zero-day bug in Internet Explorer. KrebsOnSecurity, September 14, 2016

Cyber Security in Society

Know Your Enemy

Cybercrime-as-a-Service Economy: Stronger Than Ever: Police estimate that just 100 to 200 people may be powering the “cybercrime-as-a-service” ecosystem by developing the attack code and services that enable criminals who lack technical acumen to pay for their cybercrime will to be accomplished. BankInfoSecurity, September 14, 2016

National Cyber Security

White House Said Mulling Legal Action Against Russian Hackers: The White House is trying to build a legal case against Russian hackers it believes are behind recent leaks aimed at disrupting the U.S. presidential election, while Congress is eyeing sanctions as a remedy, media reports say. RadioFreeEurope, September 16, 2016

Powell emails were leaked on a site linked to the Russian government: Donald Trump is “a national disgrace and an international pariah” who gave voice to a “racist” movement to question President Obama’s citizenship, former secretary of state Colin L. Powell tapped on his keyboard. The Washington Post, September 14, 2016

Hackers, Organizational Doxing, and Data Forgeries: In the past few years, the devastating effects of hackers breaking into an organization’s network, stealing confidential data, and publishing everything have been made clear. It happened to the Democratic National Committee, to Sony, to the National Security Agency, to the cyber-arms weapons manufacturer Hacking Team, to the online adultery site Ashley Madison, and to the Panamanian tax-evasion law firm Mossack Fonseca. The Atlantic, September 13, 2016

How America’s 911 emergency response system can be hacked: Critical to the success of the 911 emergency phone system, which has saved countless lives since it was first implemented in 1968, is its ability to quickly route calls to emergency responders closest to a caller. The Washington Post, September 9, 2016

Obama Names Retired Air Force General as First Federal CISO: President Obama has named Gregory Touhill, a retired Air Force brigadier general, as the U.S. federal government’s first chief information security officer. BankInfoSecurity, September 9, 2016

Congressional Report Slams OPM on Data Breach: The massive data breach at the U.S. Office of Personnel Management (OPM) that exposed background investigations and fingerprint data on millions of Americans was the result of a cascading series of cybersecurity blunders from the agency’s senior leadership on down to the outdated technology used to secure the sensitive data, according to a lengthy report released today by a key government oversight panel. KrebsOnSecurity, September 7, 2016

Cyber Vulnerability

Researcher Finds Critical Vulnerabilities in Hollywood Screener System: A prominent security researcher has discovered serious vulnerabilities in a system that allows awards voters to watch the latest movie screeners online. Chris Vickery, who previously gained access to the ‘World-Check’ terror, crime and sanctions database, informed TF of his discovery last month after an unsecured database was left open to the public. TorrentFreak, September 9, 2016

Cyber Politics

Sowing Doubt Is Seen as Prime Danger in Hacking Voting System: WASHINGTON — Russian hackers would not be able to change the outcome of the United States presidential election, the nation’s most senior intelligence and law enforcement officials have assured Congress and the White House in recent weeks. The New York Times, September 15, 2016

New batch of leaked Colin Powell e-mails lambasts Trump and Clinton: Add former US Secretary of State Colin Powell to the list of high-ranking Washington insiders whose leaked e-mails are rankling their peers with just weeks to go before the US presidential election. ars technica, September 14, 2016

New Documents Released From Hack of Democratic Party: A hacker who American intelligence officials believe has ties to the Russian government made public on Tuesday a second batch of documents suspected of having been stolen from the Democratic National Committee’s computer system, leaving the organization rushing to contain damage or embarrassment less than two months before the presidential election. The New York Times, September 14, 2016

Financial Cyber Security

New York plans cyber rules for banks, insurers to set a floor for cybersecurity standards: Because every major financial institution on the planet operates in New York, the state regulations will effectively form a global floor for cybersecurity standards. FedScoop, September 14, 2016

How EMV is fueling an e-commerce fraud frenzy: The rollout of EMV-enabled credit and debit cards is driving a sharp decline in brick-and-mortar transaction fraud. But now fraudsters have a different target: online retailers. RetailDive, September 14, 2016


OCR Announces Business Associate Audits Coming Soon: The Department of Health and Human Services is gearing up to kick off in October its first-ever round of HIPAA compliance audits of business associates. And the agency is also developing a variety of new guidance aimed at helping healthcare organizations deal with a surge in cyber threats. HealthCareInfoSecurity, September 15, 2016

Critical Infrastructure

Someone Is Learning How to Take Down the Internet: Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses. Schneier on Security, September 13, 2016

Internet of Things

Volkswagen is founding a new cybersecurity firm to prevent car hacking: As cars become more computerized, they’re also facing a greater risk of being hacked. That’s why Volkswagen is founding a new cyber security company devoted to protecting next-generation vehicles. PCWorld, September 14, 2016

Secure the Village

Uber, Dropbox, Other Tech Leaders Team Up To Boost Vendor Security: Tech companies – including Uber, Dropbox, Twitter, and Docker – have joined forces to create the Vendor Security Alliance, which aims to vet vendor security practices. DarkReading, September 16, 2016

Cyber Sunshine

Alleged vDOS Proprietors Arrested in Israel: Two young Israeli men alleged to be the co-owners of a popular online attack-for-hire service were reportedly arrested in Israel on Thursday. The pair were arrested around the same time that KrebsOnSecurity published a story naming them as the masterminds behind a service that can be hired to knock Web sites and Internet users offline with powerful blasts of junk data. KrebsOnSecurity, September 10, 2016

Cyber Event

Secure Coding Class for the Web: The major cause of application insecurity is the lack of secure software development practices. This highly intensive and interactive course provides essential application security training for web application, webservice and mobile software developers and architects. The class features a combination of lecture, security testing demonstration and code review. Event Date: October 17-21

THIRD ANNUAL LOS ANGELES CYBER SECURITY SUMMIT 2016-SILICON BEACH: Cyber attacks on corporations, governmental agencies and individuals are becoming increasingly widespread and regular, as well as more complex. In honor of National Cyber Security Awareness Month, LMU is once again hosting The Third Annual Cybersecurity Summit that brings together government officials, private business executives and cybersecurity experts to discuss the current and emerging threats that exist in today’s sophisticated cyber environment, and the technological advancements being made to countermeasure and manage these risks. Event Date: October 22, 2016





The content of this CRC-ICS Cyber News Update is provided for information purposes only. No claim is made as to the accuracy or authenticity of the content of this news update or incorporated into it by reference. No responsibility is taken for any information or services which may appear on any linked websites. The information provided is for individual expert use only.



Founded in 2015, the Cyber Research Center - Industrial Control Systems is a not-for-profit research and information-sharing center working on the future state of Physical & Cyber Protection and Resilience. CRC-ICS's goals are to inform industries / critical infrastructures about the fast-changing threats they are facing and the measures, controls and techniques that can be implemented to prepare for these cyber threats.



Cyber Research Center - Industrial Control Systems. 2016

www.crc-ics.net or www.cyber-research-center.net