Cyber Research

Cyber News

Cyber Info


 February, 2017







 In this issue



*         Study Reveals Cybersecurity Readiness Gaps in US Oil and Gas Industry

*         Cybersecurity Is a Missing Piece of the Smart City Puzzle (Industry Perspective)

*         Protecting Bulk Power Systems from Hackers

*         State-sponsored hackers targeting prominent journalists, Google warns

*         Latest Cyber Security NewsLatest Cyber Security News


about the Cyber Security News update

The Cyber News Update is an activity of the Cyber Research Center - Industrial Control Systems and intended to reach out to all Cyber Security Professionals interested in industrial / critical infrastructure threats, protection & resilience. For more information visit the CRC-ICS website at www.crc-ics.net or www.cyber-research-center.net


Study Reveals Cybersecurity Readiness Gaps in US Oil and Gas Industry

February 16 15, 2017



A survey of US oil and gas cybersecurity risk managers indicates that the deployment of cybersecurity measures in the industry isn’t keeping pace with the growth of digitalization in oil and gas operations. In a study from the Ponemon Institute – The State of Cybersecurity in the Oil & Gas Industry: United States – just 35% of respondents rated their organization’s operational technology (OT) cyber readiness as high.

Photo Courtesy of Reuters.


The Ponemon Institute – which conducts independent research on privacy, data protection and information security policy – examined how oil and gas companies are addressing cybersecurity risks. Its authors surveyed 377 individuals in the United States who are responsible for securing or overseeing cyber risk in the OT environment – including upstream, midstream and downstream applications.


With most respondents describing their organization as being in the early to middle stage of maturity with respect to their cyber readiness, 68% of respondents said their operations have had at least one security compromise in the past year, resulting in the loss of confidential information or OT disruption.


Additional key findings related to readiness, risks and challenges include:


·         59% of respondents believe there is greater risk in the OT than the IT environment and 67percent of respondents believe the risk level to industrial control systems over the past few years has substantially increased because of cyber threats

·         Oil and gas companies are benefiting from digitalization, but it has significantly increased cyber risks, according to 66 percent of respondents.

·         68%  of respondents say their organization experienced at least one cyber compromise, yet many organizations lack awareness of the OT cyber risk criticality or have a strategy to address it.

·         61% of respondents say their organization’s industrial control systems protection and security is not adequate.

·         65% of respondents say the top cybersecurity threat is the negligent or careless insider and 15 percent of respondents say it is the malicious or criminal insider - underscoring the need for advanced monitoring solutions to identify atypical behaviour among personnel.

·         Only 41 percent of respondents say they continually monitor all infrastructure to prioritize threats and attacks. In fact, an average of 46 percent of all cyber-attacks in the OT environment go undetected, suggesting the need for investments in technologies that detect cyber threats to oil and gas operations.

·         68% of respondents say security analytics is essential or very important to achieving a strong security posture.

·         Security technologies deployed are not considered the most effective. 63% of respondents say user behaviour analytics and 62% of respondents say hardened endpoints are very effective in mitigating cybersecurity risks. In addition, 62 percent of respondents say encryption of data in motion is considered very effective. Yet, many companies do not have plans to deploy these technologies. Specifically, in the next 12 months less than half of organizations represented (48 percent of respondents) plan to use encryption of data in motion, only 39 percent plan to deploy hardened endpoints and only 20 percent will adopt user behaviour analytics (UBA).


With regard to solutions and security practices, the security technologies that are considered most effective aren’t extensively deployed. Technologies identified as very effective in mitigating cybersecurity risk include: user behavior analytics (63%), hardened endpoints (62%) and encryption of data in motion (62%). But within the next 12 months less than half of organizations represented say they will use encryption of data in motion (48% of respondents), only 39% will deploy hardened endpoints, and only 20% will adopt user behavior analytics.


Cyber attacks in the oil and gas industry can have potentially devastating consequences for the economy and national security, said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “We hope the findings of this research create a sense of urgency to make the appropriate investments in people, process and technologies to improve the industry's cyber readiness.”


“The fact that nearly 70% of oil and gas companies were hacked in the past year must serve as a call to action,” said Judy Marks, CEO, Siemens USA. “As oil and gas producers use digitalization to become safer and more efficient, there is a clear need to bulk up defenses for operational technology, which is even more vulnerable to attacks than the IT environment. At Siemens, we’re able to draw on our deep experience managing cybersecurity across a global footprint. We help our customers assess risk, secure infrastructure and provide targeted cyber solutions for the operational environment, from the field to the control center and ultimately the enterprise.”


More info https://siemensusa.newshq.businesswire.com/sites/siemensusa.newshq.businesswire.com/files/doc_library/file/Cyber_readiness_in_Oil__Gas_Final_4.pdf

Cybersecurity Is a Missing Piece of the Smart City Puzzle (Industry Perspective)

February 10, 2017

While the concern over smart city security is broadly distributed, a survey of government IT professionals reveals that actions to address these concerns are few and far between.

The term “smart city” is as broad as the successes that are frequently published in industry journals and advocacy websites. It’s clear that the opportunities for the industrial Internet of Things to automate city infrastructure are expansive. From helping to manage waste removal in Seoul to more effective flood mitigation in Calgary, the world is now applying connected technologies to make our cities more efficient, greener and more livable.

There is a cloud behind that smart city silver lining, however. The security research community has been clearly calling out the risks involved in smart city technology, but cybersecurity remains a secondary consideration in planning these initiatives. In part, the failure to adequately address cybersecurity is a consequence of the breadth of these initiatives. There is no silver bullet for securing smart cities because the term really refers to a wide collection of technologies that could be deployed. There are, however, widely accepted best practices for building cybersecurity into initiatives that can and should apply to smart cities, starting with design and ending with operations.

In order to more fully understand the reality and challenges of securing our smart cities, Tripwire conducted a survey of more than 200 IT professionals working for state and local government. Government IT workers are frequently on the front lines of smart city technology in real-world deployments, providing the survey with a valuable perspective on the topic. The results confirm that while the concern over smart city security is broadly distributed, actions to address these concerns are few and far between. To set the stage, the respondents overwhelmingly agreed (74 percent) that smart city initiatives are “very important.” At the same time, a majority (55 percent) said that cities do not devote adequate resources to cybersecurity for smart city initiatives. Clearly, while these initiatives are vital to the future of our cities, cybersecurity is a missing piece of the smart city puzzle today.

In order to understand more about where these concerns come from, we asked respondents about which smart city initiatives their jurisdictions had actually adopted. The top four responses were public Wi-Fi, surveillance cameras, public lighting and apps for city services. These top four initiatives only partially map to where respondents thought there was the most risk from cyberattacks.

Public Wi-Fi is both the most common and most risky of the identified smart city technologies. That conclusion isn’t surprising. Public Wi-Fi systems are a service explicitly open to connection from the community, including attackers. That No. 1 spot is where the similarities between prevalence and risk end, however.

The smart grid ranks second in terms of perceived risk from our respondents, but eighth in prevalence. Disruptions in the energy supply, whatever the source, are always high visibility and they directly affect the average citizen. It’s telling, however, that the respondents who ranked the smart grid second in terms of risk from cyberattacks aren’t average citizens, but IT professionals working in government. Their perspective on risk is ideally more informed for this topic.

Of course, there have been highly public incidents to drive concerns around smart grid security as well. In late December 2015, about 230,000 residents in the Ukraine were left in the dark after a cyberattack. The attack wasn’t simply opportunistic, or the result of a misconfiguration, but a planned and executed multistep operation. It included a coordinated cyberattack that resulted in disabled UPS systems, disabled substations and a telephone denial of service to prevent Ukrainian customers from reporting outages. While this incident occurred outside the U.S., experts have said that the U.S. might not fare as well in such an attack. The Ukrainian power grid was successfully attacked again, nearly a year later. In this case, the result was smaller, about 20 percent of the capacity for the city of Kiev . The tactic was different as well, starting with malware delivered via email phishing that stole valid user credentials.

If these incidents weren’t enough to raise awareness and concern, don’t forget that Ted Koppel published a book in late 2015 called Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath, perhaps foreshadowing these kinds of attacks.

How other countries would fare under the same types of attacks is an open question, and while not explicitly answered by the Tripwire survey, the level of concern is certainly clear.

The third place for risk from a cyberattack goes to transportation systems, which ranked fifth for prevalence of initiatives. Transportation includes anything from driverless buses to the much more common connected traffic lights. In 2015 a pair of security researchers demonstrated that they could remotely infiltrate an unaltered passenger vehicle.  Not only did they undertake simple operations, like changing the radio station or turning on the windshield wipers, they also remotely killed the vehicle. Researchers have also gained access to traffic data and the ability to alter traffic signals in recent years.  While we haven’t seen a serious, criminally motivated incident involving cyberattacks on smart city transportation systems, it’s only a matter of time before these individual risks are assembled into a coordinated attack. The evolution of smart cities means that these attacks aren’t simply about stealing data, they now endanger human life.

Seeking Solutions     

Dramatic, foreboding conclusions never solved any problem alone. The survey respondents were also asked about why cities don’t devote enough resources to cybersecurity for these initiatives. The responses were uncharacteristically evenly split.

Budget, politics and a lack of understanding were all fairly close in terms of response percentages. That’s a telling triad. The allocation of budget, the ultimate fuel for any action within government, is directly affected by the politics and the understanding of the risks involved. Phrased a little differently, government officials don’t understand the risks well enough and aren’t being pressured enough, to allocate sufficient budget to addressing cybersecurity within smart city initiatives. That’s why the security research outlined above is so important.

If you’re not familiar with the security research community, it may be tempting to see these researchers who are discovering and publicizing risks as causing problems by making this type of information public. While an understandable initial viewpoint, it’s ultimately incorrect, unproductive and increases real risk. In most cases, the research that gets publicly shared was conducted with the explicit objective of increasing the security of these systems. History has demonstrated that without this type of research from the security community, these risks remain hidden and are ultimately exploited by criminals. In the best cases, the security research community partners with affected technology vendors to jointly disclose risks after a fix has been created. This type of cooperation benefits the researcher, the vendor and the community of users. It’s this type of cooperation and partnership that should be fostered around cybersecurity for smart cities.

Addressing cybersecurity for the industrial Internet of Things that drive the smart city isn’t all about finding and fixing risks that are already out there. In fact, addressing risks in deployed technologies is the most expensive method available. In order to make more meaningful progress in securing our smart cities, these initiatives need to build cybersecurity in at the design phase. That means addressing basic security best practices around authentication, encryption and secure configuration of systems. It means monitoring the systems to ensure that they’re not being changed or tampered with, either maliciously or simply through human error. Securing complex, connected systems isn’t easy, but it’s not rocket science either. Incorporating the basic, foundational security principles at the planning stage, following through with adequate monitoring of deployed systems, and partnering with security researchers can deliver substantially more secure systems. There may be no silver bullet for securing our smart cities, but there are some solid roadmaps.

Tim Erlin is a senior director of security and IT risk strategist at Tripwire, a provider of security and compliance solutions for enterprises and industrial organizations. Erlin is responsible for the solutions and strategy. He previously managed Tripwire’s Vulnerability Management product line, including IP360 and PureCloud.

Read more at  http://www.govtech.com/security/Cybersecurity-Missing-Piece-the-Smart-City-Puzzle-Industry-Perspective.html

Protecting Bulk Power Systems from Hackers

February 10, 2017.

Reliability measures of electrical grid has risen to a new norm as it involves physical security and cybersecurity. Threats to either can trigger instability, leading to blackouts and economic losses.

New research led by scientists from Michigan Technological University delves into so-called "nightmare" scenarios where hackers exploit security weaknesses and execute a disruptive plan of cyberattacks. The journal IEEE Transactions on Smart Grid published their work recently. Lead author Chee-Wooi Ten, an associate professor of electrical and computer engineering at Michigan Tech, says the fundamental problem is a gap between physical equipment and intangible software.


Advances in smart grid technology—such as smart meters in homes, management systems for distributed energy resources like wind and solar production along with instrumentation systems in power plants, substations or control centers—create both improvements in monitoring and entry points for hackers.

"Ten years ago, cybersecurity simply didn't exist—it wasn't talked about and it wasn't a problem," Ten says, joking that people thought he was crazy for suggesting power grid hacking was possible. "Now with events like in Ukraine last year and malware like Stuxnet, where hackers can plan for a cyberattack that can cause larger power outages, people are starting to grasp the severity of the problem."


Ten points out that hackers target specific parts of the control network of power infrastructure and they focus on the mechanisms that control it. Automated systems control much of the grid from generation to transmission to use. As Ten puts it, the convenience and cost reduction of automation streamlines the process, but without solid security measures, it also makes the systems vulnerable. The interconnectedness of the grid can also cause cascading impacts leading to blackouts, equipment failure and islanding where regions become cut off and isolated from the main power grid.

Emerging Cybersecurity Threats

Ten and his team draw connections and assess weaknesses using a framework that would constantly assess the bottleneck of a power grid and its interconnection with their neighboring grids. Using quantitative methods to prioritize cybersecurity protection will ensure power grids are operated in a more secure and safer manner. Ten says it's like measuring blood pressure.

"You know your health is at risk because we monitor systolic and diastolic numbers, so perhaps you work out more or eat healthier," Ten says. "The grid needs established metrics for health too, a number to gauge if we are ready for this security challenge."

With a better understanding of the system's weaknesses, it's easier to be strategic and shore up security risks. In the long run, Ten says improving regulations with specifics to match actual infrastructure needs and providing cybersecurity insurance will help.

"Simply because the remote substation networks are constantly commissioned with full compliance doesn't mean they are secure," Ten says. "There is going to be a tremendous impact if we're negligent and fail to keep up with changes in communication infrastructure and emerging security threats."




Specific targets are weak in terms of a power grid's cybersecurity; the impacts hacking have cascading effects through the system leading to equipment failure, power outages, blackouts and islanding where a grid section is cut off from the main grid.

Read more at: https://phys.org/news/2017-02-bulk-power-hackers.html#jCp

More Info https://phys.org/news/2017-02-bulk-power-hackers.html#jCp




State-sponsored hackers targeting prominent journalists, Google warns

February 17, 2017.


Google has warned a number of prominent journalists that state-sponsored hackers are attempting to steal their passwords and break into their inboxes, the journalists tell POLITICO.

Jonathan Chait of New York Magazine said he received several messages from Google warning him about an attack from a government-backed hacker starting shortly after the election. He said the most recent warning came two to three weeks ago.

Julia Ioffe, who recently started at The Atlantic and has covered Russia for years, said she got warnings as recently as two weeks ago. (See one of the warnings: http://bit.ly/2kMUyRb)

Some journalists getting the warnings say they suspect the hackers could be Russians looking to find incriminating emails they could leak to embarrass journalists, either by revealing alleged liberal bias or to expose the sausage-making of D.C. journalism.

"The fact that all this started right after the election suggests to me that journalists are the next wave to be targeted by state-sponsored hackers in the way that Democrats were during it," said one journalist who got the warning. "I worry that the outcome is going to be the same: Someone, somewhere, is going to get hacked, and then the contents of their gmail will be weaponized against them — and by extension all media."

The Russian embassy did not respond to a request for comment.

Google cautioned that the warnings did not mean the accounts had been compromised already and were sent due to "an abundance of caution."

Read more: http://www.politico.com/story/2017/02/google-hackers-russia-journalists-234859

Latest Cyber Security News

Individuals at Risk

Cyber Privacy

Germany bans talking doll Cayla, citing security risk: A talking doll named Cayla has been banned by German authorities because the software inside her could be hacked, posing a security risk and allowing personal data to be revealed. Reuters, February 17, 2017

‘Give Us Your Passwords’: What happens if border agents are allowed to demand access to your phone and online accounts—and turn you away if you don’t comply? The Atlantic, February 10, 2017

Cyber Warning — Financial Cyber Security

Reports that Chase customers at risk from cardless eATM fraud: Do you use Chase Bank’s eATM machines, the ones which operate using your smartphone as identification? There are reports gathering criminals may have figured out a way to circumvent security measures, and steal money from your account. While not widespread, the stories do involve large sums of money, and should serve as a reminder about the importance of good information security. Digital Trends, February 13, 2017

Macro Malware Hits Mac Users: After hounding Windows users for well over two decades, macro malware has taken its first steps towards affecting the other operating system on which the Microsoft Office suite is available, and that’s Apple’s macOS. BleepingComputer, February 10, 2017

Reminder to Beware of Fake Ads as Scammers slip fake Amazon ad under Google’s nose: Last year, Google says it took down 1.7bn bad ads. Well, it missed a whopper on Wednesday: a bad ad perfectly spoofed to look like a legit Amazon ad. Anybody who clicked on it was whisked to a Windows support scam, according to ZDNet. Naked Security, February 10, 2017

Cyber Defense

It’s Time for Users to Pony Up and Quit Reusing Passwords: Did you ever notice that no two Thoroughbred race horses are ever named alike? Did you ever wonder how they do that? And did you wonder if that uniqueness has anything to do with your responsibilities as a C-level executive? Security Intelligence, February 16, 2017

Cyber Update

Microsoft Cancels February 2017 Patch Tuesday: Microsoft established a fairly predictable schedule over the last decade of precisely when it issues the most important Windows updates. Known as Patch Tuesday, the second day of each month is when individuals and organization IT departments can usually plan to apply security and other updates to keep their Windows machines humming. … This time around, Microsoft is essentially cancelling Patch Tuesday completely. The company first delayed the update indefinitely, and now it’s official — the next Patch Tuesday update will arrive on March 14, 2017. Yahoo TECH, February 16, 2017

Information Security Management in the Organization

Information Security Management and Governance

The best cybersecurity advice from experts at RSA: Come to the RSA show, and you’ll find plenty of cybersecurity technology. The top vendors from across the industry are here, showing products for fighting ransomware, preventing data breaches and more. PCWorld, February 17, 2017

Cybersecurity and Ransomware – It can get ugly when a hacker takes control of your smart building: Cyber risk affects businesses of every size and industry. A data breach can lead to negative publicity, loss of customer confidence and potential lawsuits. There can be a variety of unanticipated – and costly – business disruptions. Jeffer Mangels Butler & Mitchell, Cyber Security Lawyer Forum, February 8, 2017

Cyber Warning

Security Researchers demonstrate ease of hacking into conference phones to listen in: Criminals can gain a treasure trove of sensitive information by listening in to board meetings, suggest security researchers at Context Information Security, who have shown that some conference phone systems might be at risk from hackers. Information Security Buzz, February 17, 2017

Researchers at RSA demonstrate breach of divide between work, personal data on Android: SAN FRANCISCO–Researchers here at the RSA Conference demonstrated Thursday a way a hacker can bypass enterprise mobility management sandboxing tools known as Android for Work that are designed to segregate work and personal data on Android devices. ThreatPost, February 16, 2017

Phishing: Inside the New Attacks, incl DNC hack: Immediately after the 2016 U.S. presidential election, there was a phishing attack that impressed experts with its ingenuity. Markus Jakobbson of Agari discusses this and other recent attacks – and what we must learn from them. BankInfoSecurity, February 16, 2017

New ASLR-busting JavaScript is about to make drive-by exploits much nastier: For a decade, every major operating system has relied on a technique known as address space layout randomization to provide a first line of defense against malware attacks. By randomizing the computer memory locations where application code and data are loaded, ASLR makes it hard for attackers to execute malicious payloads when exploiting buffer overflows and similar vulnerabilities. As a result, exploits cause a simple crash rather than a potentially catastrophic system compromise. ars tehcnica, February 15, 2017

Cyber Defense

Gmail now blocks all JavaScript email attachments: As of earlier this week, anyone who tries to send a .js (JavaScript) file attachment via Gmail will be out of luck, as they’re now on Google’s list of restricted file types for attachments. Naked Security, February 17, 2017

RSA Tips for CISOs: From 10 Years Ago to Today: I’ve heard it said that experience is something you don’t get until just after you need it. That essentially defines most information security programs I’ve seen. Generally speaking, chief information security officers (CISOs) and security managers know what needs to be done. The outcome, however, is often not quite what they expected. Security Intelligence, February 17, 2017

Email Security from the Trenches: As former CIO of a large government agency, Charles Armstrong is painfully aware of email security issues. Now, as an independent consultant, he’s helping organizations defend against them. BankInfo Security, February 16, 2017

Microsoft unveils a bonanza of security capabilities: Companies concerned about cybersecurity have a fleet of new Microsoft tools coming their way. The company announced a host of new security capabilities Friday morning as part of the run-up to the massive RSA security conference next week in San Francisco. PCWorld, February 10, 2017

Keep Employees Secure, Wherever They Are: Nearly 80% of professionals work remotely at least one day a week, and 1.55 billion others are expected to work outside the boundaries of the corporate office by 2020, according to Frost & Sullivan research. This shift to a mobile workforce is causing technology disruption because remote workers require different solutions and infrastructure, which can increase vulnerabilities. DarkReading, February 10, 2017

Cyber Law

$5.5 Million HIPAA Settlement for Florida Provider: Federal regulators have signed a $5.5 million HIPAA settlement with a Florida-based healthcare system for breaches related to unauthorized access to tens of thousands of patients’ information by employees that lasted for more than a year and that subsequently led to criminal charges. It’s the second largest such settlement to date. HealthCareInfo Security, February 17, 2017

Smart Television Manufacturer Settles by Paying $ 2.2 Million to the FTC and the State of New Jersey: The FTC and the State of New Jersey recently announced a settlement with Vizio, Inc., in the amount of $2.2 million for tracking consumer behavior using its smart television devices. Alston Bird, February 11, 2017

Cyber Security in Society

Cyber Crime

Yahoo announces additional breaches occurred as recently as 2016: Yahoo has sent out another round of notifications to users, warning some that their accounts may have been breached as recently as last year. The accounts were affected by a flaw in Yahoo’s mail service that allowed an attacker—most likely a “state actor,” according to Yahoo—to use a forged “cookie” created by software stolen from within Yahoo’s internal systems to gain access to user accounts without a password. ars technica, February 15, 2017

Know Your Enemy

Google ranks Gmail malware targets: Here’s how your sector rates on malicious spam: Google’s breakdown of Gmail customers who receive the most spam reveals that the real-estate sector is the prime target of emails with malicious attachments or links. ZDNet, February 17, 2017

Was cybercriminal outed when he re-used same password on multiple accounts?: Late last month, multiple news outlets reported that unspecified law enforcement officials had seized the servers for Leakedsource.com, perhaps the largest online collection of usernames and passwords leaked or stolen in some of the worst data breaches — including billions of credentials for accounts at top sites like LinkedIn and Myspace. KrebsOnSecurity, February 15, 2017

US National Cyber Security

Hackers using ViperRAT Android malware to spy on Israeli soldiers Hackers are carrying out surveillance on members of the Israeli military by hacking into their Android phones in order to monitor activity and steal data – potentially including photos and audio recordings – according to security companies. ZDNet, February 17, 2017

Speakers at RSA Say Election-Tampering ‘a red line we should not allow anyone to cross’: As discussion about possible American collusion with Russian interference in the 2016 US presidential election heats up in Washington, the events have also been a hot topic here. RSA Conference speakers have not only tackled recent hacking events specifically, but discussed how they exacerbate the weaknesses of an already fragmented, lightly regulated voting system with highly irregular security practices. Dark Reading, February 17, 2017

Representative Chaffetz probes Trump admin handling of information security at Mar-a-Lago: Chaffetz asked the White House to provide details on security at a gathering the President’s Florida resort, and whether classified information was passed around a dinner table. UPI, February 14, 2017

State-sponsored hackers targeting prominent journalists, Google warns: Google has warned a number of prominent journalists that state-sponsored hackers are attempting to steal their passwords and break into their inboxes, the journalists tell POLITICO. Politico, February 10, 2017

Talinn 2.0 – There’s Cyberwar and Then There’s the Big Legal Gray Area: The Russian government-backed hacks of Democratic political organizations that upended the 2016 presidential contest represent the sort of legal gray area U.S. adversaries will continue to exploit if nations don’t create rules of the road in cyberspace, the director of an updated manual on international cyber law said Wednesday. Nextgov, February 9, 2017

Tallinn 2.0 – International Law Applicable to Cyber Operation – Analyzes Legality of Russian DNC Hack: Legally speaking, what can a nation do when its election system is hacked by another country? That’s just one of the many kinds of cases the new Tallinn Manual on the International Law Applicable to Cyber Operations attempts to address. FCW, February 9, 2017

White House CISO Out in Apparent Cybersecurity Staff Shakeup: The Obama-appointed chief information security officer was charged with keeping the president and his staff safe from cyber-threats posed by hackers and nation-state attackers. ZDNet, February 9, 2017

Former government contractor charged with stealing top-secret documents: A former government contractor accused in a massive theft of top secret information has been indicted on charges of mishandling classified materials. LA Times, February 9, 2017

Rep. Jim Langevin – Open Letter to Trump “Important lessons on cybersecurity”:Dear President Trump, In my eight terms in Congress, I have seen cybersecurity explode onto the national stage as an issue of paramount importance to our national security. As you begin to craft your legacy in this emerging domain, I encourage you to use the successes and failures of your predecessor to guide your efforts. The Hill, February 7, 2017

Stewart Baker & Corin Stone, Exec Director of the National Security Agency – Steptoe Cyberlaw: Our guest for episode 149 of the podcast is Jason Healey, whose Atlantic Council paper, “A Nonstate Strategy for Saving Cyberspace,” advocates for an explicit bias toward cyber defense and the private sector. He responds well to my skeptical questioning, and even my suggestion that his vision of “defense dominance” would be more marketable if paired with thigh-high leather boots and a bull whip. #50ShadesofCyber. Steptoe Cyberblog, February 6, 2017

Financial Cyber Security

Reworked N.Y. Cybersecurity Regulation Takes Effect in March: New York’s controversial new cybersecurity regulation will come into effect March 1, imposing new rules on the banking and insurance sectors with the aim of better protecting institutions and consumers against cyberattacks. BankInfoSecurity, Febuary 17, 2017

Content Protection

HDR’s Potential as a Revolution for Content Protection: Piracy has long plagued the content industry, from camcorder-toting movie theater attendees to re-streaming and torrent networks. The Motion Picture Association of America estimates that piracy costs the global content industry a whopping $6.1 billion annually. MESA Alliance, February 15, 2017

Internet of Things

Researchers discover security problems under the hood of 9 Android automobile apps: In a presentation at this week’s RSA security conference in San Francisco, researchers from Kaspersky Labs revealed more bad news for the Internet of drivable things—connected cars. Malware researchers Victor Chebyshev and Mikhail Kuzin examined seven Android apps for connected vehicles and found that the apps were ripe for malicious exploitation. Six of the applications had unencrypted user credentials, and all of them had little in the way of protection against reverse-engineering or the insertion of malware into apps. ars technica, February 17, 2017

Cyber Enforcement

FBI is ‘moving towards’ predictive cybercrime-fighting tools, assistant director says: The FBI’s cybercrime unit is developing predictive policing capabilities, Assistant Director Scott Smith said during a panel discussion at the 2017 RSA conference. February 16, 2017

Cyber Talent

Closing The Cybersecurity Skills Gap With STEM: As a nation, we should be doing more to promote educational programs that prepare today’s students for tomorrow’s jobs. DarkReading, February 17, 2017

Cyber Sunshine

Feds indict 8 in ‘Massive’ identity theft ring targeting 1 in 20 Utahns: SALT LAKE CITY — What started as a midsize marijuana bust turned into a year-and-a-half-long investigation that resulted in eight federal indictments and the dismantling of a “massive” identity theft ring, authorities said Friday. Desert News Utah, February 17, 2017

Man Jailed For Hacking Ex-Employer’s Operations: Louisiana resident Brian Johnson was sentenced to 34 months in prison and ordered to pay more than $1.1 million in damages. Dark Reading, February 17, 2017

Men Who Sent Swat Team, Heroin to Brian Krebs’ Home Sentenced: It’s been a remarkable week for cyber justice. On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges. Separately, a 19-year-old American who admitted to being part of a hacker group that sent a heavily-armed police force to my home in 2013 was sentenced to three years probation. KrebsOnSecurity, February 17, 2017







Cyber ReseArch

Cyber News

Cyber info


The content of this CRC-ICS Cyber News Update is provided for information purposes only. No claim is made as to the accuracy or authenticity of the content of this news update or incorporated into it by reference. No responsibility is taken for any information or services which may appear on any linked websites. The information provided is for individual expert use only.



Founded in 2015, the Cyber Research Center - Industrial Control Systems is a not for profit research & information sharing research center working on the future state of Physical & Cyber Protection and Resilience. CRC-ICS goals are to inform industries / critical infrastructures about the fast changing threats they are facing and the measures, controls and techniques that can be implemented to be prepared to deal with these cyber threats.



Cyber Research Center - Industrial Control Systems. 2017

www.crc-ics.net or www.cyber-research-center.net