Skip to content Skip to navigation

Friday Cyber News: May 10 2019

Cyber technology-related news and links from around the web, for the week of 5/4 - 5/10:

1. Cyberattacks led by Hamas prompted Israel to respond with an air strike against two floors of a building in the Gaza strip where it claimed the cyber operations were being conducted. Although not the first time lethal military force was used against hackers, the operation opens the possibility of further retaliatory options for cyber attacks. [ZDnet; BBC]

2. A new open-source tool from Microsoft, ElectionGuard, is being offered to election officials and voting technology purveyors to enable audits, voter and third-party verification of ballots, and encryption. Voting machine vendors have generally expressed support for these functionalities, and a single implementation used by multiple voting platforms will be beneficial to cross-district and cross-state verification efforts. [Microsoft; The Hill]

3. Last March, a US electric utility experienced a denial of service attack that disabled power grid control systems in Utah, Wyoming, and California, according to a DoE report this week. Power generation and transmission were not affected, but SCADA systems may have been temporarily inaccessible. [EE News]

4. Losing control of hacking tools is unfortunate, but may be unavoidable due to the reverse-engineerable nature of cyber exploits; Symantec reports this week that Chinese hackers have been able to analyze and repurpose NSA hacking tools previously used against them, including some tools later released in the Shadow Brokers collection. [NY Times]

5. In light of espionage concerns, the FCC will prevent Chinese telecom company China Mobile USA from providing international phone service in the US. [NPR] 

6. Proposed legislation, the Data Breach Prevention and Compensation Act, would fine credit reporting agencies like Equifax for data breaches at a rate of $100 per consumer affected. In other breach news, a Chinese national and an unnamed codefendant were indicted this week on charges related to the Anthem breach. [The Hill; WSJ]

7. Establishing behavioral data on candidates' speech and movements is thought to provide a verification corpus that can be used to identify deepfakes; experts are compiling "soft biometric models" for all 2020 candidates. [The Hill]

8. Princeton researchers have developed a new tool, IoT Inspector, to allow anyone to monitor the network traffic of their IoT devices, and see where data is being sent. In other privacy news, Google is expanding Incognito Mode and data-deletion capabilities in a push to compete with Apple on privacy. [Techcrunch; NY Times]

9. Latest cryptocurrency and blockchain news: Nobel prizewinning economist Joseph Stiglitz thinks cryptocurrencies should be "shut down" because they enable criminal activity; Facebook will no longer require pre-approval for ads relating to blockchain projects, events, or education. [The Block x2]

10. An update on last week's spy whale who came in from the cold sea: he's now bringing electronics. Baltimore was hit by a ransomware attack this week. [GFYcat; The Hill]

Thanks for reading,

Allison
Stanford Cyber Initiative
fsi.stanford.edu/cyber

(To suggest an item for this list, please email aberke@stanford.edu. You can view news from past weeks, subscribe, and unsubscribe at https://tinyletter.com/CyberNewsBytes)