source: technewsworld.com

 

Americans were targeted on social media by Russian agents on a mission to harvest personal information, The Wall Street Journal reported Wednesday.

The agents pretended to work for organizations promoting African-American businesses as a ruse to obtain personal information from black business owners during the 2016 presidential election campaign, according to the report.

Using names like "BlackMattersUS" and "Black4Black," the agents set up hundreds of accounts on Facebook and Instagram, the WSJ said.

As part of its efforts to address the abuse of its platform during the election, Facebook introduced a tool that would enable its members to determine if they had contact with Russian propaganda during that period. The tool doesn't address the problem of Kremlin agents masquerading as Americans, however.

Facebook did not respond to our request to comment for this story.

The Journal story came on the heels of President Donald Trump's Tuesday announcement that his administration was doing a "very, very deep" study of election meddling and would make "very strong" recommendations about the 2018 elections.

However, Adm. Michael Rogers, chief of the U.S. Cyber Command and head of the National Security Agency, last week told the Senate Armed Services Committee that the White House had not directed him to take any actions to counter potential Russian meddling in the 2018 elections.

"The impact of social media is very real," said Ajay K. Gupta, program chair for computer networks and cybersecurity at the University of Maryland.

"The lack of real attribution for social media content means that elections are being impacted by people who we don't know who they are," he told TechNewsWorld.

 source: technewsworld.com

It's a truism that just like organizations adapt, so too do criminals. For example, anyone who has ever seen a Wells Fargo commercial knows that there was a time when stagecoaches were a normative method for transporting cash and valuables. But what modern criminals in their right mind would attempt robbing a Brink's truck on horseback? While that strategy might have worked well in the days of the Pony Express, attempting it in now would be out of touch and inefficient.

This is an intentionally extreme example to make a point: Criminals adapt to keep pace in the same way that organizations adapt. With a veritable renaissance in technology use under way, criminals have been advancing their methods of attack just like organizations have been advancing their methods for conducting business.

One of the more recent developments in attacker tradecraft is so-called "fileless malware." This trend -- which emerged a few years ago but gained significant prominence in late 2016 and throughout 2017 -- refers to malware that is designed specifically and architected to not require -- or in fact interact with at all -- the filesystem of the host on which it runs.

It is important for technology pros to be alert to this, because it impacts them in several different ways.

First, it alters what they should watch for when analyzing attacker activity. Because fileless malware has different characteristics from traditional malware, it requires looking for different indicators.

Second, it impacts how practitioners plan and execute their response to a malware situation. One of the reasons attackers employ this method is that it circumvents many of the techniques that typically are employed to mitigate attacks.

However, there are some things practitioners can and should do to keep their organizations protected.

 source: informationsecurity-magazine.com

The US Department of Homeland Security (DHS) and the FBI are warning that Russian state-sponsored cyber-attackers are targeting critical infrastructure – and have been for quite some time.

The two agencies issued a joint alert saying that Russian government cyber-actors are actively targeting organizations in the US energy, nuclear, commercial facilities, water, aviation, government and critical manufacturing sectors. They characterized the activity as a “multi-stage intrusion campaign,” where the hackers first targeted peripheral organizations such as trusted third-party suppliers with less secure networks, before pivoting and gaining remote access into energy-sector networks. From there, they conducted network reconnaissance and launched spear-phishing and watering-hole efforts to move laterally and collect information pertaining to industrial control systems (ICS) across industries.

In all of this, the ultimate goal extends beyond espionage to include gaining access to the human-machine interfaces and other control platforms used to administrate critical infrastructure.

“Yesterday's DHS/FBI alert validates what the ICS community has known for months: Russian cyber-attackers have both the intent and the ability to successfully compromise our critical infrastructure networks, including in our nuclear facilities,” said Phil Neray, vice president of industrial cybersecurity at CyberX, via email. “It's easy to see how Russia could leverage these dangerous footholds to test our red lines and threaten us with sabotage in the event of escalating hostilities, such as new Russian incursions on former Soviet territories."

 source: cyberdefensemagazine.com

The role of IT in defending against cyber-attacks is more difficult than ever. It becomes even more challenging when IT departments are forced to tackle the lack of willingness by employees to take precautionary steps against attacks, according to the latest results from the A10 Networks Application Intelligence Report (AIR).

Based on research involving more than 2,000 business and IT professionals at companies from various industries around the world, A10 AIR addresses the challenges IT decision makers face with the rise and complexity of cyberattacks, and the sometimes careless attitudes of employees who unwittingly introduce new threats into their businesses.

Employees Unknowingly Introducing Cyberthreats to Their Companies

The report revealed that employees often unknowingly weaken cybersecurity with the use of unsanctioned apps: one out of three (37 percent) of employees surveyed say they aren’t familiar with what a DDoS attack is, or even aware of how they could unknowingly become victimized.

This data is even more disturbing when almost half (48 percent) of IT leaders say they agree that their employees do not care about following security practices, according to the survey findings. It’s hard to protect someone who isn’t familiar with the warning signs associated with attacks – or willing to learn about them.

With often poor understanding of corporate security policies, this behavior increases the risks that come with a growing reliance on disparate and app-dependent workforces, especially when one third (30 percent) of employees surveyed knowingly use apps their companies forbid.

Of those who use non-sanctioned apps, more than half (51 percent) claim “everybody does it,” while one third (36 percent) say they believe their IT department doesn’t have the right to tell them what apps they can’t use.

Why use unsanctioned apps in the first place? One third (33 percent) of all respondents claim IT doesn’t give them the apps needed to get the job done.

But Who’s Responsible for App Security?

For employees who want to check sports scores or listen to streaming music at work, poorly designed apps with weak security could provide the backdoor for attackers to gain entry into the employee’s corporate network.