Archive.fm

CyberWire Daily

The CyberWire 12.21.15

Duration:
13m
Broadcast on:
21 Dec 2015
Audio Format:
other


Learn more about your ad choices. Visit megaphone.fm/adchoices

you're listening to the cyberwire network powered by N2k this is the energy of electrification available type S high performance variant nearly 500 horsepower and 278 mile EPA range range choose from our complimentary charging packages so you can charge how you want the all-electric Acura ZDX this is the energy of innovation Acura precision crafted performance this your local accurate dealer to lease the all-electric ZDX for three hundred eighty nine dollars a month hey everybody Dave here I want to talk about our sponsor legal zoom you know I started my first business back in the early 90s and oh what I would have done to have been able to have the services of an organization like legal zoom back then just getting all of those business ducks in a row all of that technical stuff the legal stuff the registrations of the business so the taxes all of those things that you need to go through when you're starting a business the hard stuff the stuff that sucks up your time when you just want to get that business launched and out there well legal zoom has everything you need to launch run and protect your business all in one place and they save you from wasting hours making sense of all that legal stuff launch run and protect your business to make it official today at legal zoom calm you can use promo code cyber 10 to get 10% off any legal zoom business information product excluding subscriptions and renewals that expires at the end of this year get everything you need from set up to success at legal zoom calm and use promo code cyber 10 that's legal zoom calm and promo code cyber 10 legal zoom provides access to independent attorneys and self-service tools legal zoom is not a law firm and does not provide legal advice except where authorized through its subsidiary law firm LZ legal services LLC anonymous versus turkey cyber rioting in the caucuses countering dash info ops and reactions to US cyber law I'm Dave bitner in Baltimore with your cyberwire summary for Monday December 21st 2015 anonymous looks at - and sees turkey the hacktivist collective claims responsibility for a large distributed denial of service attack on Turkish servers anonymous has declared motive is Turkey's alleged according to anonymous support for Isis NATO assesses Isis dash threats to its networks as low but other challenges are tougher most concerns internationally focus on dash online recruitment and inspiration with secondary worries about Isis use of the internet for command and control of terrorist attacks against soft targets the United Nations Security Council promises a move against Isis in cyberspace and US authorities work on their own information operations responses to dashes online presence for what Isis opponents are up against in this regard see the recent New York Times piece on how the group attracts recruits the Wall Street Journal reports that Iran gained access to the controls of a small downstate New York dam in 2013 in itself not serious the incursion was seen as an alarming bellwether cyber rioting in the caucuses flares as Armenian hackers release sensitive information taken from the Azerbaijan ministerial servers the now patched Juniper firewalls vulnerability is seen as having national security implications it's also regarded as an object lesson in the risks of installing back doors the FBI is said to be investigating a now fired staffer in senator Sanders US presidential campaign improperly accessed rival Clinton campaign data on the Democratic National Committee servers the DNC had barred Sanders from its resources but over the weekend the Sanders team threatened to sue the DNC and access was restored before Saturday nights televised Democratic debate Xbox and PlayStation may be in the crossfire of a skid civil war between lizard squad and phantom squad adherence president Obama signed cyber security legislation over the weekend observers reactions seemed to turn upon whether they prefer more liability protection as opposed to more privacy guarantees this episode is brought to you by global X since 2008 global X ETFs has been committed to empowering investors with unexplored intelligence solutions global X specializes in exchange-traded funds that offer exposure to the artificial intelligence ecosystem including themes like data centers robotics semiconductors and cloud computing to learn more about global X's entire suite of ETFs from covered calls fixed income emerging markets and more visit global X ETFs dot-com and now a word from our sponsor know before it's all connected and we're not talking conspiracy theories when it comes to InfoSec tools effective integrations can make or break your security stack the same should be true for security awareness training know before provider of the world's largest library of security awareness training provides a way to integrate your existing security stack tools to help you strengthen your organization security culture know before's security coach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft CrowdStrike and Cisco 35 vendor integrations and counting security coach analyzes your security stack alerts to identify events related to any risky security behavior from your users use this information to set up real time coaching campaigns targeting risky users based on those events from your network endpoint identity or web security vendors then coach your users at the moment the risky behavior occurs with contextual security tips delivered via Microsoft Teams slack or email learn more at know before dot-com slash security coach that's know before dot-com slash security coach and we thank know before for sponsoring our show my hospital stay would have cost $25,000 but with VA health care it's free my education would have cost $42,000 but with VA benefits my books tuition and housing are all covered the down payment for my home would have been $74,000 but with my VA home loan my down payment was zero my service was then my benefits are now get what you earned visit choose dot VA dot gov not all veterans are eligible for the type or amount of benefits mentioned here imagine this your primary identity provider goes down whether it's a cloud outage network issue or even a cyber attack suddenly your business grinds to a halt but what if it didn't have to meet identity continuity from strata the game- changing solution that keeps your business running smoothly no matter what whether your cloud IDP crashes or your on-prem system faces a hiccup identity continuity seamlessly shifts authentication to a secondary or even tertiary IDP automatically and without disruption powered by the maverick's identity orchestration platform identity continuity uses smart health checks to monitor your IDP's availability and instantly activates fail over strategies tailored to your needs when the cost is clear it's a seamless switch back no more downtime no lost revenue no frustrated customers just continuous secure access to your critical applications every single time protect your business from the high costs of IDP outages with identity continuity from strata downtime is a thing of the past visit strata.io/cyberwire to learn how strata's identity continuity can provide seamless enhanced capabilities to your existing identity fabric and receive a free set of AirPods Pro joining me is John Patrick editor of the cyberwire John Ransomware appears regularly in our news and it seems to be getting more sophisticated so let's start at the beginning what is Ransomware and how do I protect myself from it Ransomware is a kind of malware and it can end up on your system in the same way that any other kind of malware might end up there you might be fished you might click on a vicious link in some email you receive you might visit a contaminated website in a waterhole attack but Ransomware is a particular kind of malware that what it does is it encrypts your files so all of your documents all of your emails all your family photographs whatever you've got on your device can be encrypted and as long as they're encrypted and you don't have the key and you won't have the key because the criminals have got the key you're not going to be able to use you or do anything with those files they become useless to you what they're going to do is they're going to try to encrypt your files and they're going to send you a ransom message that if you pay me $100 $200 however much they're asking and the evidence seems to be that the asks are not much higher than that in most retail hacking if you paid in the ransom they promised to send you the key now suppose I have backups is that going to protect me from Ransomware can I restore the files that I've backed up somewhere or does the ransomware root those out and encrypt those as well no backing up your files is the best single protection you can take cancer ransomware if you've got your files well and completely backed up you're probably going to be safe from the effects of ransomware it's going to be a nuisance but you're not going to lose your data and do the do do the Ransomers have overall integrity if I if I pay the ransom in general do you get your files back you know that's a funny thing they appear to it's you know we hesitate to give any credit to any criminal but there even some figures in law enforcement have suggested that if you're hit with ransom where the best thing you could do is pay the ransom that's a controversial position but the fact that it's been set by some people in the FBI and elsewhere indicates that it's not exactly a crazy solution John Patrick editor of the cyberwire thanks for joining us we'll talk again soon the IT world used to be simpler you only had to secure and manage environments that you controlled then came new technologies and new ways to work now employees apps and networks are everywhere this means poor visibility security gaps and added risk that's why cloudflare created the first ever connectivity cloud visit cloudflare.com to protect your business everywhere you do business how about listening to the sounds of Istanbul beautiful isn't it but you can't discover the coolest city in the world just by listening check the Istanbul dot go turkey a dot com now and plan your Istanbul trip today and that's the cyberwire we are proudly produced in Maryland by our talented team of editors and producers I'm Dave Bittner thanks for listening and now a word from our sponsor NordPass NordPass is an advanced password manager from the team behind Nord VPN designed to help keep your business safe from data leaks and cyber threats it gives your IT professionals control over who has access to your company's data and makes it easy for everyone else on your team to use strong passwords right now you can go to www dot NordPass dot com slash cyberwire for 35% off the NordPass business yearly plan don't miss out on that (gentle music) [BLANK_AUDIO]