Things I Hearted This Week, 11th Jan 2019

And we’re back into the swing of things with a proper first week on the books and plenty to talk about as to the weird and wonderful goings on in the world of security, technology and beyond.

International Security of Mystery

Joe Gray hasn’t really flown outside of the US other than Canada, so when presented with an opportunity to speak at conferences in Switzerland and Paris, he went about trying to find what a security professional should do when travelling internationally.

• The Preliminary Cybersecurity Guide To International Travel | Forbes

Lesley Carhart’s blog which is referenced in Joe’s article probably has one of the most comprehensive posts on the topic

• The Infosec Introvert Travel Blog | tisi phone

Mondelez Sues Zurich in Rest for Cyber Hack Insurance

And so it begins…

Mondelez, the US food company that owns the Oreo and Cadbury brands, is suing its insurance company, Zurich, for refusing to pay out on a $100m claim for damage caused by the NotPetya cyber attack.

• Mondelez sues Zurich in test for cyber hack insurance | FT (may require subscription)

2019 – The Year of Cloud-Based Cybersecurity

Yes, it’s a prediction piece, but a rather specific one talking about how we’re seeing a rise in cloud-based security analytics and operations.

• 2019 will be the year of cloud-based cybersecurity analytics/operations | CSO

The Cyber-Attack That Sent an Alaskan Community Back in Time

They still don’t know where it came from. But when it hit, the Alaskan borough of Matanuska-Susitna was knocked for six. Malware rapidly spread across the borough’s computer networks, disrupting a bewildering array of services. Hundreds of employees found themselves locked out of their work stations. Staff at local libraries received urgent phone calls telling them to quickly turn off all the public PCs. The animal shelter lost access to data on medications required by its furry residents.

• The cyber-attack that sent an Alaskan community back in time | BBC

Hacker History III: Professional Hardware Hacker

In the mid-to-late 1980’s, following France’s 1985 bombing and sinking of the Rainbow Warrior in New Zealand, if you wanted to learn to hack and not worry about repercussions – any system related to the French Government was within scope. It was in that period that war-dialing and exploit development really took off and, in my opinion, the professional hacker was born – at least in New Zealand it was. Through 1989-1991 I had the opportunity to apply those acquired skills in meaningful ways – but those tales are best not ever written down.

• Hacker History III: Professional Hardware Hacker | Technical info

Rush to Attribution Misses the Point

During the past week, an outbreak of Ryuk ransomware that impeded newspaper printing services in the United States has garnered a lot of attention. To determine who was behind the attack many have cited past research that compares code from Ryuk with the older ransomware Hermes to link the attack to North Korea. Determining attribution was largely based on the fact that the Hermes ransomware has been used in the past by North Korean actors, and code blocks in Ryuk are similar to those in Hermes.

• Ryuk Ransomware Attack: Rush to Attribution Misses the Point | McAfee

How a Russian Firm Helped Catch an Alleged NSA Data Thief

The company’s role in exposing Harold T. Martin is a remarkable twist in an increasingly bizarre case that is believed to be the largest breach of classified material in U.S. history.

It indicates that the government’s own internal monitoring systems and investigators had little to do with catching Martin, who prosecutors say took home an estimated 50 terabytes of data from the NSA and other government offices over a two-decade period, including some of the NSA’s most sophisticated and sensitive hacking tools.

• How a Russian firm helped catch an alleged NSA data thief | Politico

You Gotta fight! For Your Right! To Repaaaair!

You buy a new appliance and soon after the warranty runs out the appliance coughs and splutters in the sweet embrace of death.

Maybe you can’t repair it, maybe no one else can, or won’t for a reasonable price – so you end up throwing it out and getting a new appliance.

But the EU and some US states are fighting for a right to repair, of sorts, to make appliances last longer and be easier to repair.

It should make for interesting developments over the coming years as more devices become smart, or cloud enabled, and repair becomes less about the hardware, and more about the software.

• Climate change: ‘Right to repair’ gathers force | BBC

• California becomes the 18th state to introduce right to repair bill | The Verge

• John Deere just swindled farmers out of their right to repair | Wired

Other Stories I Lked This Week

• Meet ‘NoSurf,’ the Self-Help Group That Told Us to Log Off Before It Was Cool | Medium, Andrew Zaleski

• The Workplace of the Future Is Lonely as Hell | Medium, Deanna Pai

• 40% of companies are adding jobs after deploying AI, not killing them | Tech republic

      

The post Things I Hearted This Week, 11th Jan 2019 appeared first on Cybersecurity Insiders.

January 11, 2019 at 09:09PM

Posted in: Cyber Security, Cybersecurity Insiders, Hacking, Hacking Articles, Hacking News, Security