Tag Archives: Cyber
Good afternoon, Cyber Saturday readers.
On this week’s episode of Balancing The Ledger, Fortune’s new show covering the future of finance, my colleague Jen Wieczner and I chatted with David Pakman, a partner at the venture capital firm Venrock, about the hardline approach tech giants are taking against the nascent cryptocurrency industry.
To wit: Facebook, Alphabet’s Google, and Twitter have all blacklisted cryptocurrency-promoting advertisements on their platforms this year. Google said Monday it would forbid extensions that “mine” cryptocurrency from its Chrome Web Store. And MailChimp, a purveyor of email newsletters, put the kibosh on dispatches that self-interestedly hawk virtual moneys. (If you’re seeking a responsible replacement, I might recommend our upcoming Ledger newsletter; sign up here.)
Presumably, the Internet behemoths—who have been facing increased scrutiny from the public and regulators in recent months—are reacting harshly to appease a growing chorus of critics. An apologist might say that these companies are simply trying to protect consumers from scams. (The field abounds with swindlers, yes.) But could there be an ulterior motive behind Big Tech’s blanket bans?
“It’s just a little bit too convenient for my taste to see a platform ban an entire ecosystem, or an entire market segment, just because they don’t want to spend the time figuring out who the bad actors are,” Pakman told me.
“We’re talking about highly centralized platforms who, in theory, have the most to lose from the advent of decentralized technologies and platforms,” Pakman said. “It kind of underlines the point of why alternative structures for platforms are needed, because on a whim a single platform can ban an entire market.”
Conspiratorial as it may sound, Pakman has a point. Whether Big Tech is conscious of the biases it possesses or not, there’s no denying the incumbents have an interest in smothering a would-be usurper in its crib. Cryptocurrencies, which proponents expect one day could decentralize Internet services, like social networking, search, and more, pose a legitimate, if early, threat to today’s tech business models.
“The space should be cleaned up, but sometimes we lose sight of the fact that there’s incredible innovation happening,” Pakman said. “We hope they don’t throw the baby out with the bath water.”
We hope so too. Have a great weekend; I’ll be sipping the last dregs of the ski season on a mountain in Vermont.
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
PYEONGCHANG, South Korea (Reuters) – Pyeongchang Winter Olympics organizers confirmed on Sunday that the Games had fallen victim to a cyber attack during Friday’s opening ceremony, but they refused to reveal the source.
The Games’ systems, including the internet and television services, were affected by the hack two days ago but organizers said it had not compromised any critical part of their operations.
“Maintaining secure operations is our purpose,” said International Olympic Committee (IOC) spokesman Mark Adams.
“We are not going to comment on the issue. It is one we are dealing with. We are making sure our systems are secure and they are secure.”
Asked if organizers knew who was behind the attack, Adams said: “I certainly don’t know. But best international practice says that you don’t talk about an attack.”
The Winter Games are being staged only 80km (50 miles) from the border with North Korea, which is technically still at war with the South since their 1950-1953 war ended in a truce rather than a peace treaty.
The two teams marched together at an Olympics opening ceremony for the first time since 2006.
South Korea has been using the Pyeongchang Games to break the ice with the reclusive North, which has been trading nuclear threats with the United States recently.
“All issues were resolved and recovered yesterday morning,” Pyeongchang organizing committee spokesman Sung Baik-you told reporters.
“We know the cause of the problem but that kind of issues occurs frequently during the Games. We decided with the IOC we are not going to reveal the source (of the attack),” he told reporters.
Russia, which has been banned from the Games for doping, said days before the opening ceremony that any allegations linking Russian hackers to attacks on the infrastructure connected to the Pyeongchang Olympic Games were unfounded.
“We know that Western media are planning pseudo-investigations on the theme of ‘Russian fingerprints’ in hacking attacks on information resources related to the hosting of the Winter Olympic Games in the Republic of Korea,” Russia’s foreign ministry said.
“Of course, no evidence will be presented to the world.”
Cyber security researchers said in January they had found early indications that Russia-based hackers may be planning attacks against anti-doping and Olympic organizations in retaliation for Russia’s exclusion from the Pyeongchang Games.
Stakeholders of the Olympics have been wary of the threat from hacking and some sponsors have taken out insurance to protect themselves from a cyber attack. [nL4N1PX1HV]
Editing by Peter Rutherford
WASHINGTON (Reuters) – The U.S. Justice Department on Wednesday announced indictments of 36 people in a global internet identity theft scheme that caused more than $ 530 million in losses to consumers, businesses and financial institutions.
International law enforcement authorities arrested 13 defendants from the United States, Australia, the United Kingdom, France, Italy, Kosovo and Serbia.
“Today’s indictment and arrests mark one of the largest cyberfraud enterprise prosecutions ever undertaken by the Department of Justice,” said Acting Assistant Attorney General John Cronan.
Reporting by Sarah N. Lynch; Writing by Doina Chiacu; Editing by David Alexander
The cryptocurrency market is in a meltdown. Bitcoin prices are down nearly 60% from their December highs, and major banks are cutting off credit card access to crypto exchanges—no surprise in the wake of a mania that saw everyone and their dog sharing hot crypto tips.
Meanwhile, the cyber-security industry is experiencing its own bubble bursting, albeit in much less dramatic fashion. As Reuters reported last month, investors are at last acknowledging the obvious: There are too many VC-bloated start-ups chasing too few clients, while unicorns are morphing into zombies struggling to find an IPO or other exit.
This situation may explain a recent flurry of press releases from cyber firms like Tenable, Cylance and Duo. The releases tout revenue growth and appear intended to assure anyone who will listen that “hey, we’re surviving the cyber shake-out just fine thank you very much.”
It’s hard to say for now which firms will be left standing at the end of 2018 but, for now, it’s clear the peak of the cyber-boom, when VCs would shower money on any company with blinky lights, is over. The investor uncertainty, though, is just one part of the cyber story. There’s also the more important question of whether all these companies have helped harden the country against hacking, and the answer appears to be yes.
Based on recent conversations with ordinary executives, I’ve found cyber-literary has shot up. While hackers are still getting through (they always will), managers and general counsels are finally attuned to the threat and doing something about it.
This change is also trickling down to more humble enterprises. I met a company this week called CyberSight, which offers free and low-cost ransomware protection to the likes of small businesses and county governments, and many of them are actually implementing it. This is a welcome change from a year ago when too many companies blew off cyber defense as an exotic affair they didn’t need.
So let’s celebrate cyber victories where we can find them. Finally, returning to crypto, don’t forget it’s tax time—if you bought or sold, here’s a plain English Q&A to get you through. Have a great weekend.
Jeff John Roberts
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
Bye-bye little bots: Twitter users are losing tens of thousands of followers in the wake of a searing report about a “follower factory” that let people inflate their social media popularity with the help of bots, many of which were crafted by means of identity theft. A Twitter board member was among those who lost followers in the purge.
Apple and the FBI, it’s complicated: In the wake of a 2016 terrorist attack, media outlets (including Fortune) reported on bad blood between Apple and law enforcement over the iPhone maker’s encryption polices. Today, the two sides still don’t see eye-to-eye but are in many ways more friendly than you think.
Looming specter of Spectre: Sure enough, those scary Spectre and Meltdown viruses may be coming to a chip near you. Researchers have already found 130 malware samples that appear to have been built in order to exploit the worldwide chip vulnerabilities disclosed in January.
Netflix and Phish: When you have 118 million subscribers, many of them addicted to binge-watching, your service will be a popular target for scammers. A fake Netflix subscription email is making the rounds (again), threatening to cancel Netflix customers’ accounts if they don’t supply their credit card number. One guess what happens if you click.
Hey Hawaii, good call on canning that button pusher who kept confusing drills with real life.
Share today’s Data Sheet with a friend:
Looking for previous Data Sheets? Click here.
— If you’re going to rob someone at gunpoint for their crypto-currency, for heaven’s sake, don’t transfer the funds to a popular exchange in your own name. Fortune obtained exclusive details about a crazy crypto heist in New York.
ONE MORE THING
Obligatory SuperBowl tidbit: Jeopardy host Alex Trebek chided his contestants over their complete and utter ignorance of football, a topic that regularly pops up in the weeks before the gig game. The show then trolled the players with a tweet, saying “Our contestants answered as many clues in this category as the @Browns had wins this season.”
WASHINGTON (Reuters) – The Trump administration is expected on Tuesday to publicly blame North Korea for unleashing a cyber attack that crippled hospitals, banks and other companies across the globe earlier this year, said two sources familiar with the matter.
The accusation that the North Korean government was behind the so-called WannaCry attack comes as worries mount about North Korea’s hacking capabilities and its nuclear weapons program.
The U.S. government has assessed with a “very high level of confidence” that a hacking entity known as Lazarus Group, which works on behalf of the North Korean government, carried out the WannaCry attack, a senior administration official said. The official spoke on condition of anonymity to discuss details not yet public.
The White House did not immediately respond to a request for comment.
The public condemnation will not include any indictments or name specific individuals, the official said. But the shaming is designed to hold North Korea accountable for its actions and “erode and undercut their ability to launch attacks,” the official said.
North Korean government representatives could not be immediately reached for comment. The country has repeatedly denied responsibility for WannaCry and called other allegations about cyber attacks a smear campaign.
Lazarus Group is widely believed by security researchers and U.S. officials to have been responsible for the 2014 hack of Sony Pictures Entertainment, which destroyed files, leaked corporate communications online and led to the departure of several top studio executives.
Sony also suspended release of a comedy film that portrayed North Korea’s ruler, Kim Jong Un, because of threats issued by the hackers.
Then-U.S. President Barack Obama condemned Pyongyang for the Sony hack, vowing at the time to “respond proportionally.” No indictments have been brought in the Sony case.
Reporting by Dustin Volz; Editing by Jonathan Weber and Peter Cooney
TARTU, Estonia (Reuters) – A group of NATO allies are considering a more muscular response to state-sponsored computer hackers that could involve using cyber attacks to bring down enemy networks, officials said.
The United States, Britain, Germany, Norway, Spain, Denmark and the Netherlands are drawing up cyber warfare principles to guide their militaries on what justifies deploying cyber attack weapons more broadly, aiming for agreement by early 2019.
The doctrine could shift NATO’s approach from being defensive to confronting hackers that officials say Russia, China and North Korea use to try to undermine Western governments and steal technology.
“There’s a change in the (NATO) mindset to accept that computers, just like aircraft and ships, have an offensive capability,” said U.S. Navy Commander Michael Widmann at the NATO Cooperative Cyber Defence Centre of Excellence, a research center affiliated to NATO that is coordinating doctrine writing.
Washington already has cyber weapons, such as computer code to take down websites or shut down IT systems, and in 2011 declared that it would respond to hostile cyber acts.
The United States, and possibly Israel, are widely believed to have been behind “Stuxnet”, a computer virus that destroyed nuclear centrifuges in Iran in 2010. Neither has confirmed it.
Some NATO allies believe shutting down an enemy power plant through a cyber attack could be more effective than air strikes.
“I need to do a certain mission and I have an air asset, I also have a cyber asset. What fits best for the me to get the effect I want?” Widmann said.
The 29-nation NATO alliance recognized cyber as a domain of warfare, along with land, air and sea, in 2014, but has not outlined in detail what that entails.
In Europe, the issue of deploying malware is sensitive because democratic governments do not want to be seen to be using the same tactics as an authoritarian regime. Commanders and experts have focused on defending their networks and blocking attempts at malicious manipulation of data.
Senior Baltic and British security officials say they have intelligence showing persistent Russian cyber hacks to try to bring down European energy and telecommunications networks, coupled with Internet disinformation campaigns.
They believe Russia is trying to break Western unity over economic sanctions imposed over Moscow’s 2014 annexation of Crimea and its support for separatists in eastern Ukraine.
“They (Russia) are seeking to attack the cohesion of NATO,” said a senior British security official, who said the balance between war and peace was becoming blurred in the virtual world. “It looks quite strategic.”
Moscow has repeatedly denied any such cyber attacks.
ESTONIAN ‘CYBER COMMAND’
The United States, Britain, the Netherlands, Germany and France have “cyber commands” — special headquarters to combat cyber espionage and hacks of critical infrastructure.
Estonia, which was hit by one of the world’s first large-scale cyber attacks a decade ago, aims to open a cyber command next year and make it fully operational by 2020, with offensive cyber weapons.
“You cannot only defend in cyberspace,” said Erki Kodar, Estonia’s undersecretary for legal and administrative affairs who oversees cyber policy at the defense ministry.
Across the globe this year computer hackers have disrupted multinational firms, ports and public services on an unprecedented scale, raising awareness of the issue.
NATO held its biggest ever cyber exercise this week at a military base in southern Estonia, testing 25 NATO allies against a fictional state-sponsored hacker group seeking to infiltrate NATO air defense and communication networks.
“The fictional scenarios are based on real threats,” said Estonian army Lieutenant-Colonel Anders Kuusk, who ran the exercise.
NATO’s commanders will not develop cyber weapons but allied defense ministers agreed last month that NATO commanders can request nations to allow them use of their weapons if requested.
Reporting by Robin Emmott; Editing by Peter Graff
(Reuters) – British shipping services provider Clarkson Plc said it was subject to a cyber security incident and warned that the person or persons behind the incident may release some data on Wednesday.
“As soon as it was discovered, Clarkson took immediate steps to respond to and manage the incident,” the company said.
“Our initial investigations have shown the unauthorized access was gained via a single and isolated user account which has now been disabled,” Clarkson said.
The London-headquartered company said it had been working with the police on the incident.
Reporting by Rahul B in Bengaluru; Editing by Maju Samuel
Black Friday has passed, but Cyber Monday—the big online shopping day that falls on the first Monday after Thanksgiving—is just around the corner. That means that there are some great tech deals to be had this year on Nov. 27.
And just because the name Cyber Monday implies that people only have one day to buy something on discount, several retailers like Newegg and Target are extending Cyber Monday into a multi-day shopping fest.
Here’s a roundup of some of the best Cyber Monday tech deals.
The retail giant said have everything on its website at 15% for the week, which Target is pitching as Cyber Week. Additionally, Target (tgt) will unveil special deals on several items each day throughout the week.
Some of the deals include:
- The Sony PlayStation 4 Virtual Reality Headset, with racing game Gran Turismo included, for $ 300, a $ 100 discount.
- People who buy BeatsX earphones or Beats EP headphones—which cost $ 150 and $ 130 respectively—will get a free $ 20 Target GiftCard.
- A KitchenAid 4.5-qt. Classic Plus Stand Mixer will cost $ 200 instead of $ 260.
- A Samsung 55-inch 4K television will cost $ 550 instead of $ 900.
- An Apple (aapl) iPad Pro with 256 GB and Wi-Fi will cost $ 750, a 13% discount.
- An unlocked Apple iPhone 8 with 64 GB will cost $ 674 instead of $ 700.
- The iRobot Roomba 980 Robot Vacuum with Wi-Fi will cost $ 760, an 11% discount.
Online tech-focused retailer Newegg will be staggering some deals throughout its Cyber Monday event lasting from Nov. 26 through Nov. 30.
Deals valid from Nov. 26 and Nov. 27.
- A Western Digital 4 TB external hard drive will cost $ 60 instead of $ 100.
- A Western Digital 500 GB solid state internal hard drive will cost $ 138 instead of $ 150. There’s a limit of three.
Deals valid from Nov. 26 through Nov. 30.
- Hyperkin RetroN 1 HD Gaming Console for the NES will cost $ 15 instead of $ 30.
Deals valid on Nov. 27 only.
- The CyberPower Intelligent LCD battery backup and power supply will cost $ 75 instead of $ 110.
- The Corsair Carbide Mid-Tower Gaming Case will cost $ 40 instead of $ 50.
- H&R Block Tax Software Deluxe + State 2017 will cost $ 35 instead of $ 45.
- A MSI gaming laptop will cost $ 750 instead of $ 850.
Deals valid from Nov. 27 through Nov. 30.
- An ABS Lite Gaming Desktop will cost $ 830 instead of $ 900.
- A Dell OptiPlex 3050 Desktop Computer will cost $ 590 instead of $ 660
The social networking giant (fb) is slashing the price of its Oculus Rift VR headset on both its Oculus online store as well as on Amazon (amzn), Best Buy (bby), Newegg, and Microsoft’s (msft) online store. From Nov. 21 through the end of Cyber Monday, the Rift + touch controller will cost $ 350 instead of $ 400.
Get Data Sheet, Fortune’s technology newsletter.
Dell’s Cyber Monday event will start Nov. 25 and last until Dec. 3. Throughout the period, Dell will have a 15% site wide sale on its video game-oriented computers like the Alienware brand as well as its Inspiron models.
Additionally, the company will debut several online deals throughout the week. These include Dell products in addition to those of third-party companies.
- A Vizio 70-inch 4K television will cost $ 1,500 instead of $ 2,000, plus a $ 200 Dell promotional card.
- A Microsoft Xbox One S with 500 GB and the video game Battlefield 1 will cost $ 220, down from $ 370
- Dell’s UltraSharp 24-inch monitor will cost $ 220 instead of $ 350.
(Reuters) – Technology executive Dave DeWalt has joined early-stage cyber-security venture capital firm Allegis Capital as a managing director, the fund said on Thursday, as it looks to invest more in companies closer to going public.
With the appointment DeWalt, a former CEO of FireEye Inc and McAfee before it was acquired by Intel Corp, is moving directly into the world of venture capital after years of running companies.
“His experience, and the networks that come with it, will be a tremendous asset to our firm and our portfolio companies as they grow from solution innovators to market leaders,” Allegis founder Bob Ackerman said in a statement.
Allegis is looking to raise between $ 200 million and $ 400 million to invest in series C funding rounds, a source with knowledge of the plans said. Such rounds typically involve the last private cash injected into a company before it goes public.
San Francisco-based Allegis also said it would change its name to AllegisCyber and open an office in the Washington area to tap into the region’s high density of cyber engineers and robust investment opportunities.
Allegis said that DeWalt had previously consulted on several investments, including a stake they took in Callsign, where DeWalt sits on the board.
DeWalt has this year joined the boards of a string of cyber security companies including ForgeRock, Optiv, Phantom and Claroty. He has sat on the board of Delta Air Lines Inc since late 2011.
Allegis’ existing cyber security investments include Area 1, Bracket Computing, CyberGRX, E8 Security, Shape Security, Signifyd, Synack, tCell.io and vArmour.
Reporting by Alastair Sharp; Editing by Jim Finkle and Diane Craft
… cyber risks, through to corporate governance and systems accreditation. In the next issue we’ll focus on the specific challenges of cloud computing.