NSI Security NewsWatch Banner

A weekly roundup of news, trends and insights designed exclusively for security professionals. This publication is intended for security staff only.


In this issue — November 13, 2019

  • Soldiers with top-secret clearances say they were forced to use risky app
  • Cyber Command Flags North Korea-Linked Hackers Behind Ongoing Financial Heists
  • Ripple Effect: Large Enterprise Data Breaches Threaten Everyone
  • NY Company Charged with Selling Vulnerable Chinese-Made Equipment to U.S. Military
  • U.S., China Racing to Weaponize AI
  • Exodus of Cybersecurity Team Could Expose White House to Attacks
  • FCC Chairman Warns of Surveillance, Espionage Concerns over China’s 5G
  • FBI Warns of New Cyber Threat that Involves 'Whole Variety' of Actors from China
  • Cyber Threat Landscape to Worsen In 2020
  • 5 Ways to Strengthen Employee Cybersecurity Awareness

Soldiers with top-secret clearances say they were forced to use an app that could endanger them (Wash. Post, 11/12/19)

Soldiers in an intelligence unit with top-secret clearances were ordered by their commander to download an information app, triggering fear their secretive work could be harnessed and exploited by adversary governments, soldiers in the unit told The Washington Post. Army Col. Deitra L. Trotter, the commander of Fort Hood’s 504th Military Intelligence Brigade, told her soldiers in late October a new app developed for the unit could provide weather updates, training changes and other logistics. She then told the soldiers to download it onto their personal smartphones, according to the Texas-based soldiers in the unit.

But the soldiers — many of whom have jobs in interrogation, human intelligence and counterintelligence — soon noticed that the app’s terms of service said it could collect substantial amounts of personal data and that the developer has a presence overseas. The app’s permissions — which suggested it could pull GPS location data, photos, contacts and even rewrite memory cards — frustrated soldiers who have taken extreme precautions they felt were glossed over by Trotter and other senior leaders.  More

Cyber Command Flags North Korea-Linked Hackers Behind Ongoing Financial Heists (Cyber Scoop, 11/11/19)

The DoD has once again called out North Korean hackers by exposing malware samples researchers say are linked to regime-backed financial heists, including past attacks on the interbank messaging system known as the Society for Worldwide Interbank Financial Telecommunication (SWIFT).  Cyber Command assessed that the malware, which it posted to an information-sharing platform, is being used in ongoing cyberattacks aimed at the financial sector.  

“These malware samples are currently used for fund generation and malicious cyber activities including remote access, beaconing, and malware command by malicious cyber actors,” the command said in a tweet.  The command did not name victims or describe the magnitude of the scheme.  It’s a rare statement from the Pentagon’s cyber-operations division on the intent and capabilities of adversary-linked malware.  More

Ripple Effect: Large Enterprise Data Breaches Threaten Everyone (Threat Post, 11/8/19)

Big businesses are constantly under attack, and that affects everyone from customers and business partners to parties with national security interests.  When successful, the initial compromise is only a means to an end — the real goal is to mount follow-on attacks like spearphishing, extortion attempts, and account takeover. 

And much to the chagrin of security experts, those attacks on household-name companies are growing.  Last year saw more than 6,500 data breaches, exposing a staggering 5 billion compromised records, according to reports.  “Breaches against large enterprises are becoming more frequent.  There are several reasons for this – notably, breaches are no longer stand-alone incidents, they are part of larger organized cybercrime networks,” said Arun Kothanath, chief security strategist at Clango. More


Help Your Employees Connect to the “Why” in Security

Protecting classified and sensitive information depends more than ever on the human element of security — employees. The sad fact is, employees are still the weakest link in the security chain because they’re not trained to be security-conscious. A report by Ernst & Young finds that "security awareness programs at many organizations are weak, half-hearted and ineffectual." As a result, employees ignore them. Many employees are not invested in the process because they don’t understand what’s in it for them.  

What you can do about it: A simple, proven approach.
Now you can gain visibility and buy-in for your security program with the EMPLOYEE SECURITY CONNECTION – the proven security awareness solution exclusively for cleared defense contractors and government agencies.  It’s the best way to ensure your employees are prepared for your next government security inspection.  To learn more about how this valuable resource can help motivate your employees to practice good security habits…help you achieve better inspection results…and satisfy a major NISPOM awareness requirement… please click on the following link: http://nsi.org/es-connection.html


NY Company Charged with Selling Vulnerable Chinese-Made Equipment to U.S. Military (Cyber Scoop, 11/7/19)

U.S. prosecutors last week announced charges against a New York company and seven of its current and former employees for allegedly selling Chinese-made surveillance equipment with known cybersecurity flaws while falsely claiming the technology was made in the U.S.  Aventura Technologies, which makes security equipment like metal detectors and surveillance cameras, is accused of lying to customers, including the U.S. military, for over a decade by claiming to make their equipment in Long Island while surreptitiously importing it from China. 

In doing so, Aventura exposed its customers to “serious, known cybersecurity risks, and created a channel by which hostile foreign governments could have accessed some of the government’s most sensitive facilities,” the Justice Department said in a press release.  The U.S. Air Force, Navy, and the Department of Energy were among Aventura’s clients. More

U.S., China Racing to Weaponize AI (Asia Times, 11/7/19)

The Pentagon is racing to outpace China in building military artificial intelligence (AI) systems ranging from vehicle maintenance to advanced warfighting tools like cyber weapons and drones, according to Defense Secretary Mark Esper.  “Whichever nation harnesses AI first will have a decisive advantage on the battlefield for many, many years,” Esper said last week at an AI conference in Washington.

“We have to get there first,” he added. “Future wars will be fought not just on the land and in the sea as they have for thousands of years, or in the air as they have for the past century, but also in outer space and cyberspace in unprecedented ways.”  China, according to Esper, intends to be the world leader in AI by 2030, and Chinese President Xi Jinping has stated that China must occupy “the high ground in critical and core AI technologies.” More

Exodus of Cybersecurity Team Could Expose White House to Attacks (CPO, 11/7/19)

At a time when global cyber threats seem to be emerging everywhere, the White House appears to be ignoring the potential risk of a cyberattack carried on the White House’s computer networks.  What is most alarming is a recent exodus of at least a dozen senior cybersecurity officials, all of them former members of the Office of the Chief Information Security Officer (OCISO). 

In July, the White House carried out a reorganization, in which these members of the White House cybersecurity team were shifted into the Office of the Chief Information Officer.  In the aftermath of this shakeup, former OCISO officials have had their scope of duties removed and many of their security privileges revoked.  All of this is setting up a situation where members of congress are starting to wonder about the long-term security posture of the White House. More

FCC Chairman Warns of Surveillance, Espionage Concerns over China’s 5G (Epoch Times, 11/7/19)

The majority of the equipment at the heart of 5G networks come from just a small number of global suppliers, with the largest being Chinese company Huawei.  Ajit Pai, chairman of the FCC, last week said this was a “major concern” for the United States that could open the door to surveillance, espionage, and other dangers.

U.S. officials have long conveyed concerns of national security threats posed by certain foreign communications equipment providers, and of hidden “backdoors” to networks in routers or other equipment that could allow foreign powers to inject malware or steal private data, Pai said.  He dedicated a portion of his remarks to warning about the threat posed by Huawei and its links to China’s communist regime.  He said that although Huawei positioned itself as a private company, it has “significant ties” to the Chinese Communist Party and China’s military. More

FBI Warns of New Cyber Threat that Involves 'Whole Variety' of Actors from China (Fox News, 11/7/19)

New cyber and digital national security threats are coming not just from terrorists, but an “uptick” in counterintelligence campaigns from China, the FBI said last week.  ISIS and domestic terrorists are very effective at recruiting sympathizers via social media and the internet, FBI Director Christopher Wray and other intelligence officials said, testifying before the Senate Homeland Security Committee at a hearing on security threats facing the country.

“With the broad distribution of social media, terrorists can spot, assess, recruit, and radicalize vulnerable persons of all ages in the U.S. either to travel to foreign lands or to conduct an attack on the homeland,” Wray said in a statement. More

Cyber Threat Landscape to Worsen In 2020 (NewsGram, 11/5/19)

With the perpetually shifting threat landscape, over 90% of organizations believe the cyber-threat landscape will stay the same or worsen in 2020, and 51% don’t believe they’re ready for or would respond well to a cyberattack or breach, according to a new report from FireEye.  The company’s “Cyber Trendscape” report surveyed over 800 CISOs and other senior executives across North America, Europe and Asia to uncover attitudes towards some of cybersecurity’s most prevalent topics.

The report “highlights the overall beliefs and perceptions of senior leaders regarding top cybersecurity priorities for 2020 and beyond, as well areas where they differ across the globe,” Eric Ouellet, Global Security Strategist at FireEye, said in a statement.  “These critical data points will help organizations bring focus and clarity to their cybersecurity programs, while helping to expand the dialogue with senior leadership and the board.” More

5 Ways to Strengthen Employee Cybersecurity Awareness (We Live Security, 11/5/19) 

Since human error has a well-documented history of causing breaches, no organization can afford to overlook the importance of ensuring that its employees are aware of online dangers.  This is mainly why the first instalment in our series of articles to mark this year’s Antimalware Day will outline five ideas for creating a culture that inspires staff to stay on their toes and with cybersecurity top of mind.

Number 1: Establish an email address for queries.  Creating an email account where employees can send their questions on any and all things cybersecurity provides for a good start and has multiple benefits.  For one thing, the designated email account can encourage employees to come forward and ask questions that they might not otherwise ask. More

Keep Getting This Newsletter

To ensure delivery to your inbox (not bulk or junk folders), please add NSI@nsi.org to your address book.

SUBSCRIBE: If you were sent this by a colleague and wish to subscribe to NSI's complementary Security NewsWatch e-newsletter, visit http://nsi.org/newsletter.html.


Please feel free to share this e-mail with your colleagues and encourage them to sign up to get their own copy at http://nsi.org/newsletter.html

ADVERTISERS: For information about sponsoring this e-letter, contact sburns@nsi.org or call

NSI LogoNational Security Institute
165 Main Street, Suite 215
Medway, MA 02053
Tel: 508-533-9099
Fax: 508-507-3631
Internet: http://nsi.org



Mark Your Calendar

Reshaping Government Security
for a New Decade

Raise your security expertise to a new level.  Plan now to attend the 35th annual NSI security forum to be held on April 20-22, 2020 at the Westfields Marriott in Chantilly, VA.


Who's Worse:
Employees or Hackers?

Experts agree, well intentioned but careless employees pose just as much of a danger to your organization as faceless hackers on the outside. In fact, 95 percent of successful hack attacks or incidents are attributed to human error.

Learn how to mitigate the accidental insider threat and empower your employees to think securely with these valuable lessons:

  1. How to recognize and respond to social engineering attacks
  2. How to avoid spear-phishing and email scams
  3. How avoid becoming an easy target for hackers
  4. How to prevent human errors that cause security breaches
  5. How to protect sensitive data from hackers, spies and ID thieves

Learn More Button