source: infosecurity-magazine.com

Intelligence agency GCHQ has advised the UK government to ensure no Russian cybersecurity vendors are protecting Whitehall networks critical to national security.

In an update issued on Friday, National Cyber Security Centre (NCSC) CEO, Ciaran Martin, argued — as Prime Minister Theresa May did recently — that “Russia is acting against the UK’s national interest in cyberspace”.

He added:

“We advise that where it is assessed that access to the information by the Russian state would be a risk to national security, a Russia-based AV company should not be chosen. In practical terms, this means that for systems processing information classified SECRET and above, a Russia-based provider should never be used. This will also apply to some Official tier systems as well, for a small number of departments which deal extensively with national security and related matters of foreign policy, international negotiations, defence and other sensitive information.”

He said this could also include departments responsible for critical infrastructure.

The news will be a blow to Moscow-headquartered Kaspersky Lab, which has been trying to clear its name after being accused in several newspapers of either working with or allowing Russian intelligence to use its products to steal sensitive info from the NSA.

Its detailed investigation of the incident in question revealed that the NSA contractor actually disabled Kaspersky Lab AV on his laptop after illegally taking his work home with him, as it had started to detect new NSA-developed malware. The firm said that backdoor malware was then installed on the machine as part of a pirated software package.

The contractor in question, Vietnam-born Nghia Hoang Pho, has pleaded guilty to one count of wilful retention of national defense information, and could now face several years in jail.

However, the NCSC claimed that its current guidance — applicable solely to central government at this stage — is just a preliminary missive.

“As well as keeping this guidance under review, we are in discussions with Kaspersky Lab, by far the largest Russian player in the UK, about whether we can develop a framework that we and others can independently verify, which would give the government assurance about the security of their involvement in the wider UK market,” explained Martin. 

“In particular we are seeking verifiable measures to prevent the transfer of UK data to the Russian state. We will be transparent about the outcome of those discussions with Kaspersky Lab and we will adjust our guidance if necessary in the light of any conclusions.”

However, the decision is already having an impact on Kaspersky Lab’s wider business. Barclays has withdrawn its offer to customers of free software from the provider.

source: securityweek.com

A member of the US National Security Agency's elite hacking team has been charged with illegally removing top secret materials, in an embarrassing breach for the crucial electronic espionage body.

The Justice Department said Friday that Nghia Hoang Pho, 67, a 10-year veteran of the NSA's Tailored Access Operations unit, which broke into computer systems, agreed to plead guilty to a single charge of removing and retaining top-secret documents from the agency.

He kept the material at his Ellicott City, Maryland home.

According to The New York Times, it was Vietnam-born Pho's computer that apparent Russian hackers accessed via his use of Kaspersky software to steal files and programs the NSA developed for its own hacking operations.

The Justice Department said Pho had taken printed and digital copies of documents and writings labelled "secret," and containing sensitive "national defense information," and stored them in his home from 2010 until he was caught in 2015.

It gave no detail on why he did that, and did not say whether Pho had revealed or lost any of the information.

Pho faces up to 10 years in prison, though he could negotiate a lighter punishment.

He was the third NSA employee charged in the past two years for taking home top-secret information.

The NSA declined to respond to questions on the case.

In October The Wall Street Journal reported that Russian hackers exploited anti-virus software made by Kaspersky Lab to steal top secret materials from an unnamed NSA employee.

The Journal said the 2015 hack led to the Russians obtaining information on how the NSA itself penetrates foreign computer networks and protects itself from cyberattacks.

The incident was a key reason why the US government earlier this year announced a ban on use of Kaspersky anti-virus software on government computers, warning that the Moscow-based company has suspect links to Russian intelligence.

Kaspersky denies any ties to the Russian government, but said its own forensic investigation did show that hackers made use of its software to break into the NSA worker's home computer.

Kaspersky said what was stolen included essential source code for so-called Equation Group hacking software from the NSA.

source: cnet.com

No really, get ready. Do these security basics now, because online criminals are going to get even more aggressive next year.

After the year we've had, do you need any more convincing that your personal information is constantly being exposed to hackers?

It wasn't just the Equifax hack, which leaked 145.5 million Social Security numbers, or the WannaCry ransomware attack that locked up our computers and demanded a ransom paid in bitcoins.

Even the security software on millions of our computers became suspect when, for example, the US government banned the widely popular Kaspersky Lab software over concerns about connections to the Russian government. And experts made us question whether we can trust the invisible systems that connect our devices to the internet, like Wi-Fi.

But as scary as all this news is, I don't recommend putting your fingers in your ears and chanting "fa la la la" until the next hack (though sometimes I'm tempted to do that myself).

The good news is that even as things get worse, you can still do a lot to protect yourself from many types of cyberattacks. In fact, it's because these trends aren't likely to turn around in 2018 that you should do all of the following:

Sound like too much work? You should really carve out some time for this stuff. If you'll permit me to be Debbie Downer for a moment, our security situation is likely to get worse, not better in 2018. Here's how.

Ransomware will get sneakier, so your backups will be even more important

It's hard to imagine how ransomware could get much worse. In the WannaCry attack, hackers used NSA hacking tools that leaked into the criminal underworld, repurposing them to launch ransomware at regular computer users.

source: wired.com

YOU'RE USING STRONG and unique passwords. You're on the lookout for phishing emails. And you've set up two-factor authentication on every account that offers it. Basically, you're acing Personal Cybersecurity 101. But with new threats popping up all the time, you may be looking for other proactive steps you can take to protect yourself. Here's an easy one: Clean up your digital junk.

Most people have old email accounts floating around, forgotten thumb drives in a drawer, and years' worth of crap in a downloads folder. All that stuff is a liability. Saving data that you want or that will someday come in handy is...sort of the whole point of the digital revolution, but holding on to accounts and files that you don't actually want anymore needlessly exposes you to all sorts of risks. Your devices can be lost or stolen (or hacked) and big companies can suffer data breaches that incidentally expose your information. So the less there is out there, the better off you are.

"The physical presence of data is so small that sometimes we don’t think about it as being clutter," says Michael Kaiser, the executive director of the National Cyber Security Alliance. "But we accumulate massive amounts of it and some of it can be harmful if it gets lost or stolen."

Here are some tips from the experts on how to clean that clutter before it comes back to haunt you.

Digital Dumping Ground

First, address your physical devices. Destroy old CDs, thumb drives, and external hard drives you don't need anymore. (Don't forget the box of floppy disks in your basement. Seriously.) Consider old PCs, gaming consoles, and smart home gadgets, and back up anything you want from those devices before wiping them.

Next, deal with your current devices. Sort through your desktop and clean out your documents folder. Eliminating old PDFs of credit card statements or medical forms that you no longer need will go a long way toward keeping you safer. And it's a good opportunity to make a plan for sensitive documents that you do want to hold on to. You might back them up to a cloud service or a password-protected external hard drive and then take them off the devices you use every day that could be lost or stolen.