Taking on the role of the CISO can be a steep learning curve, particularly when it happens in the wake of a large cybersecurity incident. This, as cybersecurity breach posterchild Target appointed a new CISO.
The role of the CISO was one of numerous cybersecurity themes at the Cisco Live conference in Melbourne, where cybersecurity was a high-visibility element as the company extended its capabilities in the area. There were notes that many attackers are now part of large organisations whose professionalism may exceed that of their targets, and the observation from Australia’s peak cybersecurity administrator that security investment and work is exploding this year thanks to the government’s renewed interest in the area. And some at the event were wondering why Australian companies aren’t buying more Australian information-security products.
Researchers ran an extensive study of how social-engineering scams exploit social media, even as a US mass-marketing company publicly exposed its list of 1.36 billion emails, many cross-referenced with other information.
The US government is so keen to keep its hacking techniques secret that it dropped a child pornography case to avoid having to disclose the way it caught the defendant. Wikileaks filled in some of the vacuum with a massive dump of the CIA’s hacking techniques – which include hacks of Android and TVs, raising eyebrows and sending companies scrambling to re-evaluate their security postures.
Wikileaks founder Julian Assange said the CIA had lost control of its cyberweapon documents well before they were published online, saying that it would share the tools with Apple and other technology companies – although some wondered whether they can use it. Intel Security released its own tool to check whether users’ EFI subsystems have been compromised by rootkits.
Antivirus vendors also moved to take advantage of the CIA malware leak, which will allow them to determine whether a particular organisation has been hacked by the CIA. Apple said it has already fixed most of the iOS exploits detailed in the CIA leak. Analysis of the documents suggested that the NSA and CIA were behind the Equation espionage group, even as Wikileaks said might help technology vendors disarm the tools detailed in the leaks.
Speaking of bad security postures, consumer-advocacy group Consumer Reports announced it would start reviewing consumer Internet of Things (IoT) products on their data security and privacy performance, enlisting the help of an ex-Google cybersecurity expert to warn people about potential security risks.
Also not secure is Internet voting, according to the French government, which has banned Internet voting in its upcoming presidential elections because of the “extremely elevated threat of cyberattack”. Hackers exploited a vulnerability in Apache Struts to compromise corporate Web servers, while one security expert warned that risk management requires one to start with the basics.
A security hole in the Confide messaging app, reportedly popular amongst White House staff, exposed user details. Some security experts were evaluating the security of rival messaging tool WhatsApp, even as a cryptographer advised that those concerned about secure communications are best advised to use an iPhone to communicate.
The Church of England had great success in baselining its system to quickly pick up on ransomware attacks before they caused serious damage, while Blackhawk Network got better visibility into threats with the Darktrace Enterprise Immune System.
Researchers linked the Shamoon cyberattack in Saudi Arabia to a new attack in Europe, even as the CIA data leak suggested that a CIA ‘false flag’ team had repurposed the Shamoon data wiper. This, as FBI head James Comey railed against strong encryption and said that citizens have never had guarantees of “absolute privacy”.