The Big Picture: Cybersecurity Headlines February 23, 2018

Another week, another dizzying array of headlines in cybersecurity. Our field is marked by so many shocking discoveries and bizarre twists we could be mistaken for a soap opera if the situation didn’t appear so dire (or if we had more inexplicable bouts of amnesia).

Consider this article an update on all the biggest headlines of the past few days, with some reflections on what it all could mean for cybersecurity in the future.

Tesla, Los Angeles Times Servers Hacked, Used to Mine Cryptocurrency

Last week we wrote about cryptojacking—the practice by which victim servers are used to mine cryptocurrency against their will. That proved prophetic with the revelation that automotive and solar panel manufacturer Tesla had one of its cloud servers cryptojacked. The server in question, a Kubernetes administration console, was public and did not have any form of password protection, making it easy to infiltrate. Digital security company RedLock discovered the problem and alerted Tesla.

Meanwhile, a similar cryptojacking attack occurred on the Los Angeles Times Homicide Report page, operating at such a low capacity that it went unnoticed for (possibly) weeks.  

Takeaway: Our colleagues explored the details about the Tesla hack already, but the biggest takeaway we found is that digital hygiene best practices are not givens. Even a billion-dollar company or a major newspaper can become careless if they don’t practice due diligence. Never assume your enterprise is safe online; your cybersecurity team should be constantly evaluating your perimeter, monitoring for any signs of penetration, and working with your solutions provider to investigate security incidents. Furthermore, your team needs to know what assets are where and who has access to them so as to ensure they receive the same treatment.

Also, and this should go without saying, make sure your servers and networks have adequate authentication protocols.

SEC Releases New Cybersecurity Guidelines

The U.S. Securities and Exchange Commission (SEC) issued new guidance demanding that public companies be more forthcoming about disclosing their cybersecurity breaches and risks. The guidance:

  • Serves as a prevailing interpretation of existing federal securities laws and therefore will influence how those laws are enforced.
  • Is the first expansion of the cybersecurity guidance originally issued in 2011.
  • Prevents executives from selling shares when important cybersecurity information, such as a breach, hasn’t been disclosed to the public.
  • Prevents companies from claiming an “ongoing investigation” as an excuse to delay informing the public of a breach.

The guidance was voted in unanimously by the SEC board, which is nonpartisan.

Takeaway: The update to the guidance parameters is an indication of just how serious cybersecurity is becoming to the economic world, and how much more seriously enterprises need to view their own security policies. Both Equifax’s and Intel’s cybersecurity disclosures have been coupled with suspicions of executives selling shares beforehand; that kind of practice shows a wild disregard for consumers that may come back to hurt their reputations and bottom lines in the future. Treat public disclosure as an essential component of any incident response plan your enterprise creates so you can be in full compliance with the SEC guidance.

Intel Ships New Spectre Patch

Microprocessor manufacturer Intel announced a new patch for the Spectre speculative execution flaw. The patch applies only to devices from 2015 and newer. Others will have to wait for patches from their computer manufacturer.

Takeaway: Another part of the Spectre saga. Given the history of previous patches, it’s hard not to be cynical about how this one might turn out, especially if a hardware replacement is the only real solution. Keep an eye on your processing speed if you have a patched device, and be sure to alert Intel if you experience more system crashes than usual.

Ben Canner

Editor, Cybersecurity at Solutions Review
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.