The FBI crops up frequently in cybernews these days, but this time, the story isn’t about heated disputes over smartphones or Russia. Ok… it’s a little bit about Russia.
On Tuesday, President Obama signed a presidential directive officially putting the FBI in charge of responding to any and all cyberthreats. This directive gives the federal government a far more active role in the preventing and investigating of U.S.-based network attacks. Lisa Monaco, Obama's homeland security adviser, said that the move was spurred by the uncertainty of who the culprits are behind such attacks – terrorists, other countries or just good old cybercriminals.
"This directive establishes a clear framework to coordinate the government’s response to such incidents," Monaco said on Tuesday at a cybersecurity conference at Fordham University in New York. "It spells out which federal agencies are responsible. And it will help answer a question heard too often from corporations and citizens alike — 'In the wake of an attack, who do I call for help?'"
The move also has interesting timing, as just days ago, the journalistic organization Wikileaks came out with 20,000 emails lifted from the Democratic National Committee (DNC). The information revealed that the party actively plotted and schemed to cripple Senator Bernie Sanders' presidential campaign. Experts and officials speculate that Russia may have been behind the attack.
Enter the FBI. Along with them, The Department of Homeland Security and the Cyber Threat Intelligence Integration Center will be joining the fight to help prevent and contain the effect of cyber-attacks.
"We’re harnessing all elements of national power, just as we do in dealing with other threats, like terrorism," Monaco said. "No tool is off the table."
Having a robust set of “tools” is certainly the name of the game in defense these days, whether you’re an organization, a political party or an online payment tool. PayPal users can certainly relate. Hackers are using the popular virtual payments system to spread the Chtonic banking Trojan. This week, hackers were observed using the PayPal platform to “request money” from folks via email. The emails contain the subject “You’ve got a money request,” and appear to be sent directly from PayPal. Seemingly legitimate, the emails are bypassing spam filters and are landing directly in Gmail inboxes.
"The sender does not appear to be faked. Instead the spam is generated by registering with PayPal (or using stolen accounts) and then using the portal to request money," said security company Proofpoint in an advisory. “PayPal’s money request feature allows adding a note along with the request, where the attacker crafted a personalized message and included a malicious URL. In a double whammy, the recipient here can fall for the social engineering and lose $100, click on the link and be infected with malware, or both.”
As it turns out, the scale of this campaign appears to be pretty small and low-impact, the bad link having only been clicked a few dozen times. PayPal was also alerted of the issue. Even still, researchers are calling the malware hack “interesting and troubling.” Interesting and troubling indeed.
To wrap up the week, let’s get our heads stuck in the clouds for a moment. Network security firm Blue Coat just released findings of the First Half 2016 Shadow Data Threat Report, which stated that the majority of cloud applications are completely falling down on the job in terms of protecting valuable and sensitive enterprise data.
According to the announcement, Blue Coat analyzed thousands of cloud applications and found that 99 percent of the apps were sorely lacking vital security, compliance controls and features needed to protect enterprise data in the cloud.
“The vast majority of business cloud apps we analyzed do not meet enterprise standards for security and can put companies at risk for compromise even though virtually every enterprise uses them,” said Aditya Sood, PhD and Director of Security and Elastica Cloud Threat Labs at Blue Coat. “This is troubling when you think about the financial risks faced by enterprises due to insecure or non-compliant apps. Understanding which cloud applications your employees are adopting and using is an important step to identifying which apps are business ready and which apps need to be replaced with more secure alternatives.”
The report reveals more disconcerting findings, essentially all pointing to the fact that the cloud is riddled with security threats and pitfalls that could potentially harm organizations. The sun may break through the digital clouds sometime in the future, but for now, enterprises everywhere should take note and do everything they can to protect against breaches.