Cyber Connections News Roundup: November 16

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

November 16

FBI Email System Hacked to Send Out Fake Security Warnings

According to a recent report on www.theverge.com, hackers targeting the Federal Bureau of Investigation’s (FBI) email servers sent out thousands of phony messages that say its recipients have become the victims of a “sophisticated chain attack.” The emails were initially uncovered by The Spamhaus Project, a nonprofit organization that investigates email spammers. The emails claim that Vinny Troia, a cybersecurity evangelist and hacker with Night Lion Security, was behind the fake attacks and falsely state that Troia is associated with the hacking group, The Dark Overlord. Read more.

United States Joins Global Cybersecurity Partnership

The United States has joined the Paris Call for Trust and Security in Cyberspace, the 80-country partnership to condemn reckless behavior in cyberspace mobilize resources to secure the software supply chain, according to a recent report on www.cnn.com. The partnership includes a series of principles such as defending elections from cyberattacks, protecting intellectual property from theft, and condemning the use of hacking tools by non-state actors. The French government began the multilateral cyber initiative in 2018. Read more.

Brain-Computer Interfaces: A New Frontier for Hackers

Jason Pittman, Sc.D., collegiate faculty member at UMGC where he teaches in the School of Cybersecurity and Information Technology, believes that the potential of Brain-Computer Interfaces (BCIs) is enormous, from helping people with disabilities to improving work and personal performance but so, too, are the untold cybersecurity risks. Brain-computer interfaces (BCIs) are already commercially available, but there is a downside. The technology carries attack opportunities for hackers, including . It is important to understand the cybersecurity of BCIs if we are to proactively prevent threats to this new frontier of innovation. Read more.

Businesses Need to Move from Cybersecurity to Cyber Resilience

A recent article on www.weforum.org argues that way we think about securing our businesses and our data hasn’t really kept up with today’s cybersecurity risks. Business resources are still used to defend against attacks and protect the confidentiality and integrity of data. We need cyber resilience in addition to cyber security. Cyber resilience starts with the basics: patching vulnerabilities, detecting and mitigating threats, and educating employees on how to defend company security. But businesses also need to build resilience into every part of the business and limit the impact of cybercrime to a company’s brand, finance, legal, and customer trust obligations. Resilience is not about the ability to respond and recover from an attack, but how quickly we recover and what we prioritize. Read more.

U.S. Takes swift Action Against REvil Ransomware Attackers

According to a recent report on www.cyberscoop.com, the U.S. government took action against the alleged REvil ransomware attackers in Europe, including an arrest, an indictment, seizure of more than $6 million in stolen money, and new sanctions against a cryptocurrency exchange service and companies that support it. Highlighting the efforts was the arrest of Yaroslav Vasinksyi, a 22-year-old Ukrainian national, who is accused of writing the code behind REvil malware, also known as Sodinokibi, which has become among the most virulent ransomware strains in use. According to US Attorney General Merrick Garland, the malware has been “deployed” against roughly 175,000 computers worldwide, generating at least $200 million in extortion fees. Read more.