Friday Five 2/19
Indictments of North Korean hackers, cybersecurity in the stimulus bill, and the growing popularity of Python - catch up on all of the week's infosec news with the Friday Five!
1. U.S. Indicts North Korean Hackers in Theft of $200 Million by Brian Krebs
The U.S. Department of Justice announced indictments against three North Korean hackers for their roles in carrying out some of the largest cybercrimes of the past decade, including the 2014 hack of Sony Pictures and WannaCry ransomware in 2017. The hacks are part of the North Korean regime’s attempts to circumvent the international financial sanctions that have crippled the North Korean economy. Specifically, the latest indictments highlight how North Korea has doubled down on its cyber operations around cryptocurrency platforms to fund its objectives. Though the odds are very low of any of the indictments leading to arrests, officials hope they will deter or at least bring further attention to the cybercrimes being committed by the North Korean government.
2. France Ties Russia's Sandworm to a Multiyear Hacking Spree by Andy Greenberg
The French security agency has publicly attributed several significant hacks to Sandworm, a hacker group connected to the Russian military. Most recently, Sandworm has allegedly been exploiting an IT tool called Centreon to hack targets around the country. Investigators suspect Sandworm’s involvement partially because of familiar malware, and mostly because of an overlap in the command-and-control servers used in the Centreon hacking campaign and previously known Sandworm attacks. It’s important to note that Centreon is disputing claims that the campaign was targeted commercial versions. Though some have drawn comparisons to the SolarWinds breach, at this moment, there’s no evidence that customers were affected in the same way.
3. The Cybersecurity 202: Industry groups urge Congress to include cybersecurity funding in coronavirus relief package by Tonya Riley
There was a push this week to include ten billion dollars of cybersecurity funding in the final version of the current coronavirus relief package. The funding has the support of a wide variety of cybersecurity experts and trade groups, especially as risks caused by the large shift to virtual work have not been addressed in previous packages. As well, there is a push for more cybersecurity funding for states; a recent hack of a water treatment plant in Florida has helped illustrate the gap in cybersecurity spending cities and states face. Despite the support, getting the funds included in the next package is facing an uphill challenge as some legislator’s question if cybersecurity is critical and relevant to coronavirus.
4. Experts Discuss Challenges of Voting in An Electronic Age by Katya Maruri
This story examines the benefits and potential risks of online voting and biometrics as they pertain to election security. Online voting has some big advantages as it speeds up the process of counting ballots and allows individuals with disabilities to vote. However, the challenge is that it could lead to voter’s information potentially be exposed, including their personal information and who they voted for. As far as the future of biometrics, it could replace signatures in the process of verifying the identity of voters. Regardless of the new technology incorporated into voting, experts agree that we will need comprehensive state and federal laws, along with a better framework for assessing voting securing and voting machines, in order to maintain trust in the system.
5. Python Is More Popular Than Ever by Klint Finley
Despite a difficult transition from Python 2 to Python 3, Python continues to grow in popularity as a coding language. Java Script and Java continue to be extremely popular, but for code that has existed for a while like Python, it’s impressive that programmers haven’t jumped to new languages as they’ve entered the market. Ultimately, Python’s popularity can be attributed to its versatility, which has made it popular in a wide variety of industries, as evidenced by its use at companies like Google, and also by its use in academia, as the most effective code for data crunching. Working in the cybersecurity space, it’s always valuable to know what code is currently in vogue with developers and why it’s seen as valuable.