NSI Security NewsWatch Banner

A weekly roundup of news, trends and insights designed exclusively for security professionals. This publication is intended for security staff only.


In this issue — January 3, 2018

  • Government, financial services most hit by mobile malware
  • Security pros waste 10 hours a week due to inefficient systems
  • Abedin Forwarded State Passwords to Yahoo Before It Was Hacked By Foreign Agents
  • Kim Jong-un: North Korean Nuclear Force Is a Reality
  • New in 2018: The Fight Against ISIS Evolves
  • How Antivirus Software Can Be Turned into a Tool for Spying
  • Beware whale phishing and corporate espionage
  • U.S. Elections Remain Unprotected
  • Security Firm Warns Ukraine Now a ‘Training Ground’ for Russian Hackers
  • DoD Transfer May Complicate Planned Changes to Clearance Process

Government, financial services most hit by mobile malware—Report (Punchng.com, 1/2/18)

The financial services and the government are the most hit by mobile malware attacks globally, a report by Check Point Software Technology Limited has indicated. The mobile threat research report stated the two sectors were more susceptible to malware attacks due to their huge database of financial and personal information. Findings from the study showed that though employees in financial services often used the iOS devices for better security, iPhones and iPads were not immune to mobile malware attacks.

According to Check Point, government employees are targeted by premium dialers, which abuse the SMS and call permissions to charge the device’s owner for fraudulent calls and text messages to premium services. The company explained that each organization it examined experienced at least one mobile malware attack in the past year, amounting to an average of 54 mobile malware attacks per organization. More

Security pros waste 10 hours a week due to inefficient systems (HelpNet Security, 1/2/18)

Process and software inefficiencies play a major role in slowing down an organization’s ability to detect and respond to cyber threats, according to LogRhythm. Over one-third of IT decision makers say their teams spend at least three hours a day on tasks that could be handled by better software. Additionally, the majority think the average cybersecurity professional wastes as much as 10 hours a week due to inadequate software.

The study, conducted by Widmeyer, which surveyed 751 IT decision makers from the U.S., U.K. and Asia/Pacific, also found that an overwhelming majority (88 percent) of respondents view insider threats as a dangerous and growing concern in defending their organizations. Today, less than half of all the organizations surveyed use some form of Artificial Intelligence (AI) to combat cyber threats. But the study indicates that, among organizations that do rely on AI, more than 90 percent believe it has improved the effectiveness of their cybersecurity operations. More

Abedin Forwarded State Passwords to Yahoo Before It Was Hacked By Foreign Agents (Dailycaller.com, 1/1/18)

Huma Abedin forwarded sensitive State Department emails, including passwords to government systems, to her personal Yahoo email account before every single Yahoo account was hacked, a Daily Caller News Foundation analysis of emails released as part of a lawsuit brought by Judicial Watch shows.

Abedin, the top aide to former Secretary of State Hillary Clinton, used her insecure personal email provider to conduct sensitive work. This guarantees that an account with high-level correspondence in Clinton’s State Department was impacted by one or more of a series of breaches — at least one of which was perpetrated by a “state-sponsored actor.” The U.S. later charged Russian intelligence agent Igor Sushchin with hacking 500 million Yahoo email accounts. The initial hack occurred in 2014 and allowed his associates to access accounts into 2015 and 2016 by using forged cookies More

Kim Jong-un: North Korean Nuclear Force Is a Reality (AP, 1/1/18)
North Korean leader Kim Jong Un said Monday that the United States should be aware that his country’s nuclear forces are now a reality, not a threat.  But he also struck a conciliatory tone in his New Year’s address, wishing success for the Winter Olympics set to begin in South Korea in February and suggesting the North may send a delegation to participate.
Kim, wearing a Western-style gray suit and tie, said in his customary annual address that his country had achieved the historic feat of “completing” its nuclear forces and added that he has a nuclear button on his desk.  “The U.S. should know that the button for nuclear weapons is on my table,” he said during the speech.  “The entire area of the U.S. mainland is within our nuclear strike range. ... The United States can never start a war against me and our country.”  More

New in 2018: The Fight Against ISIS Evolves (Military Times, 1/1/18)
The Islamic State group’s physical caliphate in Iraq and Syria has been destroyed, but the group is not defeated.  Just a few years ago, ISIS controlled vast territory over Syria, Iraq and the Euphrates River valley, including lucrative oil fields to finance their regime.  But much of that came to an end as U.S.-backed Iraqi and Syrian forces liberated ISIS’ urban strongholds.
At the start of 2018, the extremist group is barely holding onto scant desert terrain out in Iraq’s Anbar province and a few towns and villages along the Euphrates River banks in Syria.  But the fight isn’t over.  Iraqi Prime Minister Haider al-Abadi’s government is still struggling to deal with sectarian divisions and rampant poverty.  And billions of dollars will be needed to repair and rebuild cities and infrastructure destroyed by the fighting during the past three years. More

How Antivirus Software Can Be Turned into a Tool for Spying (NYT, 1/1/18)
It has been a secret, long known to intelligence agencies but rarely to consumers, that security software can be a powerful spy tool.  Security software runs closest to the bare metal of a computer, with privileged access to nearly every program, application, web browser, email and file.  There’s good reason for this: Security products are intended to evaluate everything that touches your machine in search of anything malicious, or even vaguely suspicious.
By downloading security software, consumers also run the risk that an untrustworthy antivirus maker—or hacker or spy with a foothold in its systems—could abuse that deep access to track customers’ every digital movement.  “In the battle against malicious code, antivirus products are a staple,” said Patrick Wardle, chief research officer at Digita Security, a security company.  “Ironically, though, these products share many characteristics with the advanced cyberespionage collection implants they seek to detect.”  Mr. Wardle would know.  A former hacker at the National Security Agency, Mr. Wardle recently succeeded in subverting antivirus software sold by Kaspersky Lab, turning it into a powerful search tool for classified documents. More


Poor Cyber Security Habits: A Recipe for a Breach

What your employees don't know about cyber security could hurt you -- and your organization.  An analysis of 1200 data breaches within the U.S. Government found that 95% of the breaches could be traced to poor security habits and human error.  Despite this fact, security awareness training is still ignored by many organizations. If there's a common thread the experts all agree on, it’s that poor training and unaware employees lie at the root of many if not most security breaches.

So, how do you make sure that your organization's critical information is protected? The first (and best) line of defense is employee awareness.  The more they understand—and care—about how their cyber behavior affects your company’s security posture, the better off the company will be.  NSI’s SECURITYsense awareness program gives your employees the tools and information they need to make security second nature. Find out how this valuable resource can help protect your hard-earned reputation and ensure that your employees are part of the solution and not part of the problem. To know more, click here https://www.nsi.org/securitysense/what-is-securitysense.shtml


Beware whale phishing and corporate espionage (Insurancebusinessmagazine.com, 12/29/17)

The people issue is one of the most concerning cyber risks there is. Phishing scams are becoming ever more sophisticated and some companies are struggling to keep up – especially those without access to cyber security resources, insurance and risk management. Organizations across the world have acknowledged the people problem in cyber, but are still finding it difficult to address it effectively. Phish attack training has reduced the average click rate in malicious emails to around 9-10% - but that still leaves on average one out of every 10 people falling for a phishing scam.

“We need to focus on people patching and the human firewall,” said Anthony Dagostino, global head of cyber risk at Willis Towers Watson. “This requires more effective training and awareness campaigns to make sure people aren’t clicking on things. Hackers know people are vulnerable and they will continue to prey on people in this way.” More

U.S. Elections Remain Unprotected (NextGov, 12/29/17)
Two weeks before the inauguration of President Donald Trump, the U.S. intelligence community released a declassified version of its report on Russia’s interference in the 2016 election.  It detailed the activities of a network of hackers who infiltrated voting systems and stole documents from the Democratic National Committee and Hillary Clinton’s presidential campaign.  It also issued a stark warning: “Moscow will apply lessons learned from its Putin-ordered campaign aimed at the U.S. presidential election to future influence efforts worldwide, including against U.S. allies and their election processes.”
Since then, current and former officials, including former Pentagon official Michael Vickers and former CIA deputy director Michael Morell, have said that the Russians will interfere in U.S. elections again, in potentially new and sophisticated ways.  How disinformation will be deployed in 2018 and beyond is unclear.  What is clear, however, is that the Kremlin believes its efforts to sow chaos in the American political process, which it has continued to hone in Europe, have worked and are poised for a return. More

Security Firm Warns Ukraine Now a ‘Training Ground’ for Russian Hackers (The Independent, 12/29/17)
Ten minutes before the 2pm news broadcast on June 27, Vitaly Kovach, editor of Ukraine's Channel 24, stood and told his staff to unplug their network cables immediately.  The computers had frozen at the studio in Lviv and an editor there had sent him a picture of what looked like a ransomware message.  But it was already too late to stop the virus: within minutes, 20 of 23 computers in the Kiev office were non-functional.  "All programs froze, video editing froze," Kovach recalled.
According to Oleksii Yasinsky of the Kiev cybersecurity firm ISSP, Ukraine has become a "training ground" for suspected Russian hackers to "hone technologies, mastery and attack techniques" for bigger targets.  The head of the UK’s national cybersecurity center said in November that Russian hackers had already tried to attack British energy, telecom and media companies.  Theresa May reprimanded Russia for cyber interference, a warning echoed by Boris Johnson during a visit to Moscow last week. More

DoD Transfer May Complicate Planned Changes to Clearance Process (Fed News Radio, 12/28/17)
The National Background Investigations Bureau has been working all year to find new ways to make the current background investigation process more efficient.  During a “business re-engineering process” with OPM, DoD, OMB, and the Office of the Director of National Intelligence, NBIB identified 57 challenges to the current clearance process, according to a recent GAO report.  NBIB then split the 57 challenges into five different portfolios and 21 initiatives and began to work on plans to tackle them.
But those plans were put in limbo as OPM waited to hear whether the Pentagon would resume control over background investigations for its own personnel.  “NBIB’s long-term strategic plans are impacted by uncertainties related to the [fiscal] 2017 National Defense Authorization Act, Section 951, which directed DoD to develop a plan to transfer responsibility for conducting background investigations on DoD personnel from NBIB to DoD.  NBIB therefore has been developing contingency plans and models, including milestones, to work down the current inventory to a ‘healthy’ inventory, that take into account DoD’s 951 Plan, phased transition and variable timeline,” acting OPM Director Kathleen McGettigan wrote in a Oct. 24 response to GAO. More

Keep Getting This Newsletter

To ensure delivery to your inbox (not bulk or junk folders), please add NSI@nsi.org to your address book.

SUBSCRIBE: If you were sent this by a colleague and wish to subscribe to NSI's complementary Security NewsWatch e-newsletter, visit http://nsi.org/newsletter.html.


Please feel free to share this e-mail with your colleagues and encourage them to sign up to get their own copy at http://nsi.org/newsletter.html

ADVERTISERS: For information about sponsoring this e-letter, contact sburns@nsi.org or call

NSI LogoNational Security Institute
165 Main Street, Suite 215
Medway, MA 02053
Tel: 508-533-9099
Fax: 508-507-3631
Internet: http://nsi.org




Impact 2018 Banner

Who's Worse:
Employees or Hackers?

Experts agree, well intentioned but careless employees pose just as much of a danger to your organization as faceless hackers on the outside. In fact, 95 percent of successful hack attacks or incidents are attributed to human error.

Learn how to mitigate the accidental insider threat and empower your employees to think securely with these valuable lessons:

  1. How to recognize and respond to social engineering attacks
  2. How to avoid spear-phishing and email scams
  3. How avoid becoming an easy target for hackers
  4. How to prevent human errors that cause security breaches
  5. How to protect sensitive data from hackers, spies and ID thieves

Learn More Button

Dice Man Graphic